binarium.team/
104.21.23.40 301 Moved Permanently 0 B IP 104.21.23.40:0
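Hash (digests of the empty 0 B redirect body; the same for any empty response, so not specific to this host)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855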
Analyzer | Verdict | Alert
fortinet | Phishing
GET / HTTP/1.1
Host: binarium.team
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 25 Nov 2022 08:52:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 25 Nov 2022 09:52:49 GMT
Location: https://binarium.team/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPdnGUEtEmKGlRe2Lo7gJY5KT3rRT4cqa2fSoVGFFs%2Bgv7Gj8IUxSpTGENJXZG9DEIwTRyC5s32yFhQdIeOk1%2FIHYBQPQcIdXemtexyLaWuJXd%2BRFHLskjP%2F1OCtaQhV"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f9268218411c16-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13444
Expires: Fri, 25 Nov 2022 12:36:53 GMT
Date: Fri, 25 Nov 2022 08:52:49 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5800
Cache-Control: max-age=98102
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 08:52:49 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 12:07:51 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 08:19:04 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2025
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 708799d69573c2a64d441849e55a9306
8c8c066053f35b873d3f8804c787e8c700de45e0
791f3d68b60980c29e42e80f654d4303bdc60c05a8cc6161b2e503dc6dceef50
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "791F3D68B60980C29E42E80F654D4303BDC60C05A8CC6161B2E503DC6DCEEF50"
Last-Modified: Fri, 25 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2424
Expires: Fri, 25 Nov 2022 09:33:13 GMT
Date: Fri, 25 Nov 2022 08:52:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6288
Expires: Fri, 25 Nov 2022 10:37:37 GMT
Date: Fri, 25 Nov 2022 08:52:49 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: uzd1DIRQyIfg+sYp7DjfhXLGMxGt4vBw0xQT1i5z5FMIpoDXeQkS32S9oxvSeSSGy5CrGLHD3TA=
x-amz-request-id: 2VDHT2HA11KNNQ09
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 08:40:44 GMT
age: 725
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 08:52:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 708799d69573c2a64d441849e55a9306
8c8c066053f35b873d3f8804c787e8c700de45e0
791f3d68b60980c29e42e80f654d4303bdc60c05a8cc6161b2e503dc6dceef50
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "791F3D68B60980C29E42E80F654D4303BDC60C05A8CC6161B2E503DC6DCEEF50"
Last-Modified: Fri, 25 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2424
Expires: Fri, 25 Nov 2022 09:33:13 GMT
Date: Fri, 25 Nov 2022 08:52:49 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 8182db452bd0cf3fd71778c72ff5d1a0
1cb706d77a071dfac17ab8d6d985826820c1a1d8
ce1f6050e1a42c1472abd375dad7a1d410996e939cf3512df7289ad78ec9339e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4821
Cache-Control: max-age=154003
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 08:52:50 GMT
Etag: "63802620-118"
Expires: Sun, 27 Nov 2022 03:39:33 GMT
Last-Modified: Fri, 25 Nov 2022 02:19:12 GMT
Server: ECS (amb/6B8C)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 8182db452bd0cf3fd71778c72ff5d1a0
1cb706d77a071dfac17ab8d6d985826820c1a1d8
ce1f6050e1a42c1472abd375dad7a1d410996e939cf3512df7289ad78ec9339e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4821
Cache-Control: max-age=154003
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 08:52:50 GMT
Etag: "63802620-118"
Expires: Sun, 27 Nov 2022 03:39:33 GMT
Last-Modified: Fri, 25 Nov 2022 02:19:12 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 08:08:53 GMT
cache-control: public,max-age=3600
age: 2637
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5439
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 08:52:50 GMT
Last-Modified: Fri, 25 Nov 2022 07:22:11 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.213.75 101 Switching Protocols 16 kB URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.213.75:0
Hash 1fb5ebf49d9ab44b32ddd3d03f13e2e3
36c3654a5b8f93fb893fa11f6c99e0220fa2a5d1
5869f81ca2db0af1b6ff5e6b84144009f0170af8ba0038aa6cf7b5892e5db95e
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SJjNZ7g1XPYMod3Nc23LMg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aKrMPfx16iKiPWnZQ2S0tTVoePo=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 08:52:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 1.9 MB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
Size 1.9 MB (1923505 bytes)
Hash 7bfb289b94c141e8b37411e32de19c3f
c964333f07b3591a748f4d9713c541a9cc0ee8ad
16e9e3ffb431d5af57b0b8d6f4d81b702653e922fc6692f591ffcd85203cca88
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://binarium.team/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 25 Nov 2022 08:41:08 GMT
expires: Fri, 25 Nov 2022 10:41:08 GMT
cache-control: public, max-age=7200
age: 704
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2162
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 08:52:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2162
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 08:52:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2162
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 08:52:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2162
Expires: Fri, 25 Nov 2022 09:28:54 GMT
Date: Fri, 25 Nov 2022 08:52:52 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 08:52:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg
34.120.237.76 200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba7b9c131ab7e5998f25b069ba3860a0
0214fc0deecb1115766802f42cfd256e3c479490
717aa23c687ccebc1b5ebbfd88d0e4fe181fef038d308231842b2b1969f3976b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6130
x-amzn-requestid: 0ab34b27-2c6b-4a37-87ad-6fa56a265453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wF7KIAMFjlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4a3d24f93ceb37d37a5ce1ee;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SHmcFNiZ97RU02VeLiHLjFynYiSuaQP8T_XKG2UaAigWXG5sYhdVLQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:01 GMT
etag: "0214fc0deecb1115766802f42cfd256e3c479490"
content-type: image/jpeg
age: 40671
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
34.120.237.76 200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 02:07:28 GMT
age: 24324
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg
34.120.237.76 200 OK 2.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 66d06d3cac1784e4ce6c8c89c300f10a
41ef94d198bbf98185eb332a3b6934c3c26c3afc
55312d1b43447e4f77d8e9e52451bb63a9868ba8122c9e16e0a20479d34367e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2351
x-amzn-requestid: 141bbf99-5d78-4b9c-a537-491718aee68a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b43YGE_SoAMFlbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6379d29a-00017cd344caea2b6408aeb3;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 07:09:14 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 1-8WM-7tNqakPDW9-K0GVbOKdotndEXj2QeJzw3cJol-g9TT5IVyOQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 28fdf6e146f70e7372911f118404fb20.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 16:45:53 GMT
age: 58019
etag: "41ef94d198bbf98185eb332a3b6934c3c26c3afc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ad933c0-8cbe-40eb-920c-38b8ae531c9f.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ad933c0-8cbe-40eb-920c-38b8ae531c9f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d43ec6824d4fdc4d31b8c245bf8c5849
81f85633fca39972d8e0bf9a4ec7cd999e54564f
b0e521b23879af86102f46a9ec412faf6345df31a97a7b58880f63f81fdcd0c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ad933c0-8cbe-40eb-920c-38b8ae531c9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7900
x-amzn-requestid: a9d184b1-3b4a-4ca6-9ad2-ce3aac10f422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB91H2IIAMFjGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38b-5732361f36c023c22c922ee9;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nVe_gcpscsmf4QGPseIR2poHwzxp_mfWODrAz8Oy0ePkMgnIREhCag==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:07 GMT
etag: "81f85633fca39972d8e0bf9a4ec7cd999e54564f"
content-type: image/jpeg
age: 40665
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f4b5f150-a5dc-40bf-93b9-394c294a51cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEmkRFSnIAMF5vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e8481-74454bee1a1ec6d506f3d75b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 20:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZVv8iTGCYV-IiBJ6KwNSG1ZWSEwClaQopUejSqZq0S1wd782lRoyKA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:59:49 GMT
age: 35583
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5863138af1ddbba34a7856242a7b3a06
2eba66ff6539388c48562503e8d11ff0e060350a
d1543e1b803a07095148b743925eebbbf21f566a2df9b785a1a9d48c5604496c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8917
x-amzn-requestid: 10f3b269-9437-476d-ae4f-a0ac3fb78491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wEIwoAMF8uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4cfeecf4553b26381ed11875;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6ibPrCdDNQqWzxiVYDsl87yUfTP8sUmu22GbhBdDHJruil0qxbw7Fw==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:00 GMT
etag: "2eba66ff6539388c48562503e8d11ff0e060350a"
content-type: image/jpeg
age: 40672
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 08:52:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b0afaf81c8e5170a65a15567579ca2b
13f8560c82da0a58cad8549615948ad2553658d3
1c8c773dd3314bae616002c6e1027fa5f7569ffcdde63c7b6fc189573bbc8cc6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1C8C773DD3314BAE616002C6E1027FA5F7569FFCDDE63C7B6FC189573BBC8CC6"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4319
Expires: Fri, 25 Nov 2022 10:04:51 GMT
Date: Fri, 25 Nov 2022 08:52:52 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0505822970be1b27fe27194857f6f3a9
111a0d652bde088b6df9d0ce2d00e67bc0d36251
9c1692650facbc4566e34bc5ca3f330440b07efd3f4b2da3aa4b9c969dfd13da
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9C1692650FACBC4566E34BC5CA3F330440B07EFD3F4B2DA3AA4B9C969DFD13DA"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6724
Expires: Fri, 25 Nov 2022 10:44:56 GMT
Date: Fri, 25 Nov 2022 08:52:52 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 08:52:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 27be233d026c07658a543219f9167352
84d60cf1fae3cb14cbf223df9f9fb5e87b592f99
62a141c67a019da2eae9d8446c249983442f93ec45c8b6aa7b9f8864bc6ef776
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 08:52:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 29 Nov 2022 04:54:49 GMT
ETag: "84d60cf1fae3cb14cbf223df9f9fb5e87b592f99"
Last-Modified: Fri, 25 Nov 2022 04:54:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1597
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f92695f917b500-OSL
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0505822970be1b27fe27194857f6f3a9
111a0d652bde088b6df9d0ce2d00e67bc0d36251
9c1692650facbc4566e34bc5ca3f330440b07efd3f4b2da3aa4b9c969dfd13da
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9C1692650FACBC4566E34BC5CA3F330440B07EFD3F4B2DA3AA4B9C969DFD13DA"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6724
Expires: Fri, 25 Nov 2022 10:44:56 GMT
Date: Fri, 25 Nov 2022 08:52:52 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash d3d2d21ac304813a16da64921ce18ba4
98b1762c675c61eeb18254986461e6b1074ebc92
af00429c189464ddb8df704dc48035421f943444df6ca17390fb97466c2e7e9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 08:52:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-98294941-1&cid=1106001211.1669366372&jid=552432986&gjid=2060801627&_gid=1375839371.1669366372&_u=aEBAAEAAAAAAACAAI~&z=693645957
142.251.1.155 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-98294941-1&cid=1106001211.1669366372&jid=552432986&gjid=2060801627&_gid=1375839371.1669366372&_u=aEBAAEAAAAAAACAAI~&z=693645957
IP 142.251.1.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-98294941-1&cid=1106001211.1669366372&jid=552432986&gjid=2060801627&_gid=1375839371.1669366372&_u=aEBAAEAAAAAAACAAI~&z=693645957 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://binarium.team
Connection: keep-alive
Referer: https://binarium.team/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://binarium.team
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 25 Nov 2022 08:52:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 177 kB IP 142.250.74.3:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2560x1280, components 3\012- data
Size 177 kB (177383 bytes)
Hash 726eb94f73d76bdcd10870706eede7c5
983482b13d6e45b2b695bfe24198164bd8f64501
8f8ba540459ef0a37d53aad58b1f2c311afe054a0d33409b61dc40af6551a39e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 08:52:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.isas.info/api/v1/currencies
104.21.78.225 200 OK 669 B URL HTTP/2 api.isas.info/api/v1/currencies
IP 104.21.78.225:0
File type JSON data\012- , ASCII text, with very long lines (2234), with no line terminators
Hash 1c348a952e46385c8d2a77e81aef5696
cf583a0afaf2bd40fc3d8c2ecab1ce8ea9624d32
25a93fac5d8f41d8323fcf62bdad5a0510084f54ccb86bf41af5d8f117deabd5
GET /api/v1/currencies HTTP/1.1
Host: api.isas.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Origin: https://binarium.team
Connection: keep-alive
Referer: https://binarium.team/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:52:52 GMT
content-type: application/json
x-powered-by: PHP/8.1.12
cache-control: max-age=60, public, s-maxage=60
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers: X-JWT, X-EXTRA-JWT, If-Modified-Since, Cache-Control, Content-Type, Accept-Language, Fingerprint, g-recaptcha-response
access-control-expose-headers: X-Pagination-Size
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22lKbCfW10i%2FqlPFCzdNuSKnEoY%2BoNcsgU%2B5xaterfDsvuPY4Mi17feTFbzkdPVOX8b5TMaf3fmZqYHWMQ4HT3NnPs03pRr4OFRz%2F8BiLhfCIP4TwDA8OgRX1507HtRd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f92695a993b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widgets-04.livetex.ru/js/widgetsSettings.json
185.39.80.48 200 OK 823 B URL HTTP/2 widgets-04.livetex.ru/js/widgetsSettings.json
IP 185.39.80.48:0
ASN #200015 Omnichannel technologies LLC
File type JSON data\012- , ASCII text
Hash f830088a7501e0371ac3de586ac83510
ccc443c2036f9ae9752a76318446a82e1150ff8a
1fa82e973cd370596fed3d7647743fd6f5108792fdc816237a4530b600129e47
GET /js/widgetsSettings.json HTTP/1.1
Host: widgets-04.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: https://binarium.team/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:52:53 GMT
content-type: application/json
content-length: 823
last-modified: Mon, 07 Nov 2022 10:22:42 GMT
etag: "6368dc72-337"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-max-age: 1728000
X-Firefox-Spdy: h2
balancer-cloud.livetex.ru/get-client/?site_id=123917&version=1.2.36&target=path&rnd=et2t6vpcsxq
185.39.80.120 302 Found 0 B URL HTTP/2 balancer-cloud.livetex.ru/get-client/?site_id=123917&version=1.2.36&target=path&rnd=et2t6vpcsxq
IP 185.39.80.120:0
ASN #200015 Omnichannel technologies LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get-client/?site_id=123917&version=1.2.36&target=path&rnd=et2t6vpcsxq HTTP/1.1
Host: balancer-cloud.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://binarium.team/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 25 Nov 2022 08:52:53 GMT
content-length: 0
location: //widgets-04.livetex.ru/js/app3.js
expires: Fri, 25 Nov 2022 08:52:52 GMT
cache-control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
pragma: no-cache
access-control-allow-credentials: true
X-Firefox-Spdy: h2
widgets-04.livetex.ru/js/app3.js
185.39.80.48 200 OK 117 kB URL HTTP/2 widgets-04.livetex.ru/js/app3.js
IP 185.39.80.48:0
ASN #200015 Omnichannel technologies LLC
File type ASCII text, with very long lines (65536), with no line terminators
Size 117 kB (116851 bytes)
Hash 5c8d8bf4cc3ea8cf6b9fc8efb3196d7c
8a5dbce3585ff91e8625d5ef45fc5e46185cd84d
17a207d9c80901869fea50c14c9605766a1c0ae57965018641dcb8ceb23c6d8d
GET /js/app3.js HTTP/1.1
Host: widgets-04.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://binarium.team/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:52:53 GMT
content-type: application/javascript
content-length: 116851
etag: "6368d609-1c873"
access-control-allow-credentials: true
cache-control: no-cache
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-max-age: 1728000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 430c16bbd6ed6a6d18eca6633c649b32
8abc7134fa88d0fdd45185e650c0c63f88ca98d2
1bdd99d9b52d50d8a138217c49dfeeaad2de8d008871e3a757575d7d0a589a44
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1BDD99D9B52D50D8A138217C49DFEEAAD2DE8D008871E3A757575D7D0A589A44"
Last-Modified: Thu, 24 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9286
Expires: Fri, 25 Nov 2022 11:27:39 GMT
Date: Fri, 25 Nov 2022 08:52:53 GMT
Connection: keep-alive
widgets-04.livetex.me/js/iframe.html
104.26.8.232 200 OK 0 B URL HTTP/2 widgets-04.livetex.me/js/iframe.html
IP 104.26.8.232:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /js/iframe.html HTTP/1.1
Host: widgets-04.livetex.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://binarium.team/
Origin: https://binarium.team
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:52:54 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDKE79cAws5Qp9ARg%2F5s6K1waXDFPRcFPMX1DaKHqLgRE%2B2t5L6zcT7fIPQqmUWNE80H%2BKS4AcWifmkNBqUqvSKepywO11vqxWppA4tGOcx8F%2BWgPgQWMx2AwOmwYMJzq1cbDJmRBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9269d6eddb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
balancer-04.livetex.ru/services/?site_id=123917&ids=widgets-api-service2-app.thrift-http,widgets-api-service2-app.http&client=widget&version=7.1.1223
185.39.80.48 200 OK 510 B URL HTTP/2 balancer-04.livetex.ru/services/?site_id=123917&ids=widgets-api-service2-app.thrift-http,widgets-api-service2-app.http&client=widget&version=7.1.1223
IP 185.39.80.48:0
ASN #200015 Omnichannel technologies LLC
File type JSON data\012- , ASCII text, with very long lines (510), with no line terminators
Hash f8109ab23eb78518e4c73e1016640110
f4d99a4c7d0ab0b4c27071d401148ed8f97f67a7
0f009adee148b2bcd756d4332898e660fa25c5ebb442bac4bee2c450dec94cdf
GET /services/?site_id=123917&ids=widgets-api-service2-app.thrift-http,widgets-api-service2-app.http&client=widget&version=7.1.1223 HTTP/1.1
Host: balancer-04.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://binarium.team/
Origin: https://binarium.team
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:52:54 GMT
content-type: text/plain; charset=UTF-8
content-length: 510
strict-transport-security: max-age=15724800; includeSubDomains
expires: Fri, 25 Nov 2022 08:52:53 GMT
cache-control: no-cache, public
access-control-allow-origin: https://binarium.team
access-control-allow-credentials: true
X-Firefox-Spdy: h2
widgets-04.livetex.me/js/iframe.html?host-page-origin=https://binarium.team
104.26.8.232 200 OK 37 kB URL HTTP/2 widgets-04.livetex.me/js/iframe.html?host-page-origin=https://binarium.team
IP 104.26.8.232:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1628), with no line terminators
Hash 06babb3a4794bd0d8cb4c4a5fdb3353a
0ac6236bebe7263c806e920bff330c1840211cbd
9a75bf0499c774daa979ea482fda849b93fa24afdc93356e0a468adadc34c2bd
GET /js/iframe.html?host-page-origin=https://binarium.team HTTP/1.1
Host: widgets-04.livetex.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://binarium.team/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:52:54 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72Jt0APXIB1OfwHhbrhz1YtDaVl0fw6xoKnpxPs2EvcJEkPq6KiSoQyJofqxasdFTvA56o%2BbvjODTUEw4WvI095d0ePObqAeCxo89L%2Fs%2Bx3A8wM20CQJDCR2AFyfJEeFRc5twp7kqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9269df920b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
io4-ls-04.livetex.ru/visitor/auth?__fallback__&=&_m=POST&_c=njr_2_callback&_t=jsonp&_=%7B%22is_mobile%22%3Afalse%7D&_rnd=upwqwqou5qi&_h[lt-origin]=account%3A146400%3Asite%3A123917
185.39.80.48 200 OK 519 B URL HTTP/2 io4-ls-04.livetex.ru/visitor/auth?__fallback__&=&_m=POST&_c=njr_2_callback&_t=jsonp&_=%7B%22is_mobile%22%3Afalse%7D&_rnd=upwqwqou5qi&_h[lt-origin]=account%3A146400%3Asite%3A123917
IP 185.39.80.48:0
ASN #200015 Omnichannel technologies LLC
File type ASCII text, with very long lines (519), with no line terminators
Hash 39342a1516e8a6285843058653f897b6
711c4863cd7bf1b798bbb6aabc5c795abcf68851
34de0b6269608e1372c31c0e96d79f008c6d00e4f89064c2b7f2b008ef08fab0
GET /visitor/auth?__fallback__&=&_m=POST&_c=njr_2_callback&_t=jsonp&_=%7B%22is_mobile%22%3Afalse%7D&_rnd=upwqwqou5qi&_h[lt-origin]=account%3A146400%3Asite%3A123917 HTTP/1.1
Host: io4-ls-04.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets-04.livetex.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:52:54 GMT
content-type: text/javascript
content-length: 519
set-cookie: 111rjfm=io:io-1-kube-livetex-ru:session:2hv40lztm5wuy7uomt2o6r;expires=Fri, 09 Dec 2022 08:52:54 GMT;path=/;domain=livetex.ru;httponly
strict-transport-security: max-age=15724800; includeSubDomains
expires: Fri, 25 Nov 2022 08:52:53 GMT
cache-control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
pragma: no-cache
X-Firefox-Spdy: h2
balancer-04.livetex.ru/services/?account_id=146400&ids=visitor-notification-delivery-service-app.thrift-http&client=widget&version=7.1.1223&0.43333134323111233
185.39.80.48 200 OK 784 B URL HTTP/2 balancer-04.livetex.ru/services/?account_id=146400&ids=visitor-notification-delivery-service-app.thrift-http&client=widget&version=7.1.1223&0.43333134323111233
IP 185.39.80.48:0
ASN #200015 Omnichannel technologies LLC
File type JSON data\012- , ASCII text, with very long lines (784), with no line terminators
Hash dceb3ae7fdeadcacc60ca8a834e8a2f3
a848cba2bcb8d0b1c95add1db1daec8c4056decf
a56aa87a50f3a363a1399279cde29f6228283d38fbac94df375f69a5675282c5
GET /services/?account_id=146400&ids=visitor-notification-delivery-service-app.thrift-http&client=widget&version=7.1.1223&0.43333134323111233 HTTP/1.1
Host: balancer-04.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://widgets-04.livetex.me
Connection: keep-alive
Referer: https://widgets-04.livetex.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:52:54 GMT
content-type: text/plain; charset=UTF-8
content-length: 784
strict-transport-security: max-age=15724800; includeSubDomains
expires: Fri, 25 Nov 2022 08:52:53 GMT
cache-control: no-cache, public
access-control-allow-origin: https://widgets-04.livetex.me
access-control-allow-credentials: true
X-Firefox-Spdy: h2
io4-ls-04.livetex.ru/poll/0/1669366374388?__fallback__&=&_m=GET&_c=njr_4_callback&_t=jsonp&_rnd=dm9s0hevpyp&_h[lt-origin]=account%3A146400%3Asite%3A123917&_h[x-hold-timeout]=20000&_h[x-destroy-timeout]=40000&_h[cookie]=111rjfm%3Dio%3Aio-1-kube-livetex-ru%3Asession%3A2hv40lztm5wuy7uomt2o6r
185.39.80.48 200 OK 102 B URL HTTP/2 io4-ls-04.livetex.ru/poll/0/1669366374388?__fallback__&=&_m=GET&_c=njr_4_callback&_t=jsonp&_rnd=dm9s0hevpyp&_h[lt-origin]=account%3A146400%3Asite%3A123917&_h[x-hold-timeout]=20000&_h[x-destroy-timeout]=40000&_h[cookie]=111rjfm%3Dio%3Aio-1-kube-livetex-ru%3Asession%3A2hv40lztm5wuy7uomt2o6r
IP 185.39.80.48:0
ASN #200015 Omnichannel technologies LLC
File type ASCII text, with no line terminators
Hash 4ff880c96ca33c6e2f0572442c920aba
151d814f6420ffa98b4e98957dd2d74e4204e9f6
f88056dd65ce8954ae8f126ab09679d3039916fd052d375b45af43ba538d770f
GET /poll/0/1669366374388?__fallback__&=&_m=GET&_c=njr_4_callback&_t=jsonp&_rnd=dm9s0hevpyp&_h[lt-origin]=account%3A146400%3Asite%3A123917&_h[x-hold-timeout]=20000&_h[x-destroy-timeout]=40000&_h[cookie]=111rjfm%3Dio%3Aio-1-kube-livetex-ru%3Asession%3A2hv40lztm5wuy7uomt2o6r HTTP/1.1
Host: io4-ls-04.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets-04.livetex.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:52:54 GMT
content-type: text/javascript
content-length: 102
strict-transport-security: max-age=15724800; includeSubDomains
expires: Fri, 25 Nov 2022 08:52:53 GMT
cache-control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
pragma: no-cache
X-Firefox-Spdy: h2
wapi-04.livetex.ru/WidgetsAPIServiceTag
185.39.80.48 200 OK 78 B URL HTTP/2 wapi-04.livetex.ru/WidgetsAPIServiceTag
IP 185.39.80.48:0
ASN #200015 Omnichannel technologies LLC
File type JSON data\012- , ASCII text, with no line terminators
Hash 7767b627809c4786bdc597e78e9522ef
12faf308dd04864c38fa6625bd80e18b91864396
6bf7959a9b77d03809ee21c84c89119a6167ac3bd095bc5af50c2c66b3d2e0ff
POST /WidgetsAPIServiceTag HTTP/1.1
Host: wapi-04.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain;charset=UTF-8
Content-Length: 170
Origin: https://widgets-04.livetex.me
Connection: keep-alive
Referer: https://widgets-04.livetex.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:52:54 GMT
content-length: 78
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: https://widgets-04.livetex.me
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-credentials: true
content-type: text/plain; charset=utf-8
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto&display=swap
142.250.74.10 200 OK 87 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto&display=swap
IP 142.250.74.10:0
Hash c14c3823b961976987680f452fc0a6ee
f4a00138a01de16dfa76b35ec8f4aa7a7941da12
08ab607d065a4c5b38df75aac38eb26910605a34d0affec0335796d17e89d474
GET /css2?family=Roboto&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://binarium.team/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 08:52:52 GMT
date: Fri, 25 Nov 2022 08:52:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
io4-ls-04.livetex.ru/site/add-page?__fallback__&=&_m=POST&_c=njr_5_callback&_t=jsonp&_=%7B%22page%22%3A%7B%22account%3A146400%3Asite%3A123917%3Apage%3Adoue9ghtqt8%22%3A%7B%22seo_referrer%22%3A%22%22%2C%22referrer%22%3A%22%22%2C%22page_title%22%3A%22QmluYXJpdW0%3D%22%2C%22page_url%22%3A%22aHR0cHM6Ly9iaW5hcml1bS50ZWFtLw%3D%3D%22%7D%7D%7D&_rnd=tg1f6j4fv3m&_h[lt-origin]=account%3A146400%3Asite%3A123917&_h[cookie]=111rjfm%3Dio%3Aio-1-kube-livetex-ru%3Asession%3A2hv40lztm5wuy7uomt2o6r
185.39.80.48 200 OK 283 B URL HTTP/2 io4-ls-04.livetex.ru/site/add-page?__fallback__&=&_m=POST&_c=njr_5_callback&_t=jsonp&_=%7B%22page%22%3A%7B%22account%3A146400%3Asite%3A123917%3Apage%3Adoue9ghtqt8%22%3A%7B%22seo_referrer%22%3A%22%22%2C%22referrer%22%3A%22%22%2C%22page_title%22%3A%22QmluYXJpdW0%3D%22%2C%22page_url%22%3A%22aHR0cHM6Ly9iaW5hcml1bS50ZWFtLw%3D%3D%22%7D%7D%7D&_rnd=tg1f6j4fv3m&_h[lt-origin]=account%3A146400%3Asite%3A123917&_h[cookie]=111rjfm%3Dio%3Aio-1-kube-livetex-ru%3Asession%3A2hv40lztm5wuy7uomt2o6r
IP 185.39.80.48:0
ASN #200015 Omnichannel technologies LLC
File type ASCII text, with no line terminators
Hash 660ec12230db6864ded5d3ec22a21376
2cedf7712309887ccf87d6672a87b34590ae60fa
430bef048ae276ef881be2a685a76e497fc09a27a08fdbd6c349991f65db41bf
GET /site/add-page?__fallback__&=&_m=POST&_c=njr_5_callback&_t=jsonp&_=%7B%22page%22%3A%7B%22account%3A146400%3Asite%3A123917%3Apage%3Adoue9ghtqt8%22%3A%7B%22seo_referrer%22%3A%22%22%2C%22referrer%22%3A%22%22%2C%22page_title%22%3A%22QmluYXJpdW0%3D%22%2C%22page_url%22%3A%22aHR0cHM6Ly9iaW5hcml1bS50ZWFtLw%3D%3D%22%7D%7D%7D&_rnd=tg1f6j4fv3m&_h[lt-origin]=account%3A146400%3Asite%3A123917&_h[cookie]=111rjfm%3Dio%3Aio-1-kube-livetex-ru%3Asession%3A2hv40lztm5wuy7uomt2o6r HTTP/1.1
Host: io4-ls-04.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets-04.livetex.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:52:55 GMT
content-type: text/javascript
content-length: 283
strict-transport-security: max-age=15724800; includeSubDomains
expires: Fri, 25 Nov 2022 08:52:54 GMT
cache-control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
pragma: no-cache
X-Firefox-Spdy: h2
widgets-04.livetex.me/images/preloader.gif
104.26.8.232 200 OK 4.0 kB URL HTTP/2 widgets-04.livetex.me/images/preloader.gif
IP 104.26.8.232:0
File type GIF image data, version 89a, 132 x 12\012- data
Hash fd9a34f0d404a57d675c4dc84f7c9b2f
0e872de1ed8970c54594b7eb39c1ccb294947d2c
67efea367418257aaa5cd14e446ef9b6d48231fef881ac1a5b9f39732911e918
GET /images/preloader.gif HTTP/1.1
Host: widgets-04.livetex.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://binarium.team/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:52:55 GMT
content-type: image/gif
content-length: 3960
last-modified: Mon, 07 Nov 2022 09:52:17 GMT
etag: "6368d551-f78"
expires: Thu, 24 Nov 2022 20:09:06 GMT
cache-control: max-age=86400
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-max-age: 1728000
cf-cache-status: HIT
age: 74768
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Dbenkidr0CKk5BWra%2Bms4Lg7flrCInD9dzfRkQeRE%2BoUXQA1CsSpMKwB1VNJx%2B468hN0QgYczn63iYSw0vQGvckXped8Q9SZf1GePNL5AxjgAukEiCp%2BIS7oj4CCXTfUgpvtMrz4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f926a479e5b4fd-OSL
X-Firefox-Spdy: h2
wapi-04.livetex.ru/WidgetsAPIServiceTag
185.39.80.48 200 OK 45 B URL HTTP/2 wapi-04.livetex.ru/WidgetsAPIServiceTag
IP 185.39.80.48:0
ASN #200015 Omnichannel technologies LLC
File type JSON data\012- , ASCII text, with no line terminators
Hash 74a5598466f7a5496d1fb018c7a6fc0b
ea750b64d6fbbea5206c0b35e0a09822d92a6b59
ea7762b92554ce0545a4846053f5d9213ba4ca8c3ea2b08b1b21ab3707b87069
POST /WidgetsAPIServiceTag HTTP/1.1
Host: wapi-04.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain;charset=UTF-8
Content-Length: 152
Origin: https://widgets-04.livetex.me
Connection: keep-alive
Referer: https://widgets-04.livetex.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:52:55 GMT
content-length: 45
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: https://widgets-04.livetex.me
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-credentials: true
content-type: text/plain; charset=utf-8
X-Firefox-Spdy: h2
widgets-04.livetex.me/images/footer_bg.png
104.26.8.232 200 OK 547 B URL HTTP/2 widgets-04.livetex.me/images/footer_bg.png
IP 104.26.8.232:0
File type PNG image data, 114 x 26, 8-bit colormap, non-interlaced\012- data
Hash 51aaf8b6c838da34defc559255265cdb
60a12d1c9d6957539f5b00cb2f5a97ce493c0ecd
f2a1b8d81d0c8cb8f69b1ce1f3ad8ee2a795f5d9befa267b9fd54892c76c91b5
GET /images/footer_bg.png HTTP/1.1
Host: widgets-04.livetex.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://binarium.team/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:52:55 GMT
content-type: image/png
content-length: 547
last-modified: Mon, 07 Nov 2022 09:52:17 GMT
etag: "6368d551-223"
expires: Fri, 25 Nov 2022 20:05:52 GMT
cache-control: max-age=86400
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-max-age: 1728000
cf-cache-status: HIT
age: 3965
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jf%2FboSf%2FU2N9cBhsW%2F4GCmDX7dL4Q9nOM7ZjDb2RkfV6umKWto1HtRFpdkSmi5ljkE3XcDhCxP1qOd1FTD0%2BBjGVr8cQ2W%2BuweSWygEwvuOBThL5Maks%2F0pkHYu%2ForK3ubzIT%2F2LAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f926a4aa31b4fd-OSL
X-Firefox-Spdy: h2
widgets-04.livetex.me/fonts/icons.ttf
104.26.8.232 200 OK 7.2 kB URL HTTP/2 widgets-04.livetex.me/fonts/icons.ttf
IP 104.26.8.232:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash 598df0988ee31fedd2973d155ca9cad1
b790145f8c246453167d47869e8fe685de79af18
9d4050ea709bb28a0f3a6b01528958bdb8e9375aa2fdcc3e111821531125a7fb
GET /fonts/icons.ttf HTTP/1.1
Host: widgets-04.livetex.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://binarium.team
Connection: keep-alive
Referer: https://binarium.team/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:52:55 GMT
content-type: application/octet-stream
content-length: 7156
last-modified: Mon, 07 Nov 2022 09:52:17 GMT
etag: "6368d551-1bf4"
expires: Fri, 02 Dec 2022 08:52:55 GMT
cache-control: max-age=604800
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-max-age: 1728000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYPIKV4Xp5o%2FirYqlwL2Jr2ECp%2BTZ%2BKDu3sPdWkurB2eIZvVHGdUW%2F3Uw8CtFeTLJnEOR0LwuHBcbl1ZK7ZcClYnC98EY%2F3vSkmWDKM95d1Px2Kitu%2F2hjSLcDhh6jPRVM3mqhkkyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f926a4b8a5b4f7-OSL
X-Firefox-Spdy: h2
widgets-04.livetex.me/js/services.1cb56e.js
104.26.8.232 200 OK 0 B URL HTTP/2 widgets-04.livetex.me/js/services.1cb56e.js
IP 104.26.8.232:0
GET /js/services.1cb56e.js HTTP/1.1
Host: widgets-04.livetex.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets-04.livetex.me/js/iframe.html?host-page-origin=https://binarium.team
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:52:54 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: public, max-age=604800
cf-bgj: minify
etag: W/"6368d62d-57e7a"
cf-cache-status: HIT
age: 339981
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhRqnnPBhc5rIBnL28pMI4nocR%2BA1MZafUMtu5SNrgJTtD3NdLQ0HTpUCJCIfrQdBAp5JwDbEbfJCcxWVq%2BrOTMSwQRFH18wo%2FXshxNIES3c4LrDYx5MImm6U9HbysUiq7o%2Bg8JxXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f9269e79a3b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
binarium.team/
172.67.208.206 200 OK 0 B IP 172.67.208.206:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: binarium.team
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:52:49 GMT
content-type: text/html
last-modified: Thu, 24 Nov 2022 16:48:17 GMT
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2FvL1DqqO0l%2FESNDOqjMI49ZqhYqATUbog5nXY2NYQgugoNCqeSwZAOpX85b%2BbTNx7JFIH4ocS5ErY42Q6eYRcTksiGQM%2BwFjGmqH0o5tsU2bLBAuWp82YEpCh0CL6Lu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f926838e22b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cash.mmm-bop.com/static/cash-react/build/js/cashierRenderer.js
172.67.170.105 200 OK 0 B URL HTTP/2 cash.mmm-bop.com/static/cash-react/build/js/cashierRenderer.js
IP 172.67.170.105:0
GET /static/cash-react/build/js/cashierRenderer.js HTTP/1.1
Host: cash.mmm-bop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://binarium.team/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:52:50 GMT
content-type: application/javascript
last-modified: Mon, 06 Jun 2022 10:07:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
cf-cache-status: HIT
age: 2362
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lz0RSczjf3gj9KfZx1Mv7AtQ6vSI64HqaWsXXiDqcvOxMbYyL3E1ed0Srq9SM2qnOTBvJl9gdP2KYu1fnFM8vmqmGrxq846ulu9PzTL6vzz6RSCAClUI07%2FIrK9iVLcAm3pe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f926854dfc1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widgets-04.livetex.me/js/ui.7.1.1223.js
104.26.8.232 200 OK 0 B URL HTTP/2 widgets-04.livetex.me/js/ui.7.1.1223.js
IP 104.26.8.232:0
GET /js/ui.7.1.1223.js HTTP/1.1
Host: widgets-04.livetex.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://binarium.team/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:52:54 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cf-bgj: minify
cf-polished: origSize=1159765
etag: W/"6368d5fc-11b255"
last-modified: Mon, 07 Nov 2022 09:55:08 GMT
cf-cache-status: HIT
age: 6549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xS6pJdE8n9oowRAvcrh3dTIxTK8tMTXTghqvx8l00PD3%2FlBQTP1jd8%2BZXC%2FtyX8hDTEvmOZQ8HaLHn7tNb7oOcPGep911kymdBdya3lr2Bhb2JSd3cosrXSL47zsNFO3LXcdV70jcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f9269df92ab4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
api.isas.info/api/v1/users/self/geolocation
104.21.78.225 200 OK 0 B URL HTTP/2 api.isas.info/api/v1/users/self/geolocation
IP 104.21.78.225:0
GET /api/v1/users/self/geolocation HTTP/1.1
Host: api.isas.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Origin: https://binarium.team
Connection: keep-alive
Referer: https://binarium.team/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 08:52:52 GMT
content-type: application/json
x-powered-by: PHP/8.1.12
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers: X-JWT, X-EXTRA-JWT, If-Modified-Since, Cache-Control, Content-Type, Accept-Language, Fingerprint, g-recaptcha-response
access-control-expose-headers: X-Pagination-Size
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gLPYbFZo%2Bh94gcpJqZg0hkHj0%2B9kYJyzYrMtcN01lNAfGPxWjqE7zFG0EQrZD8gAVKgmJueu%2Bw4PyDS1WK8TxppDAlxPh5fBlkqvhaYvLpXAuoIzOBXLT6LIggXT6nAA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f92695a9a0b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cs15.livetex.ru/js/client.js
185.39.80.120 200 OK 0 B URL HTTP/2 cs15.livetex.ru/js/client.js
IP 185.39.80.120:0
ASN #200015 Omnichannel technologies LLC
GET /js/client.js HTTP/1.1
Host: cs15.livetex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://binarium.team/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 08:52:52 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 14 Jul 2022 15:24:11 GMT
etag: W/"62d0351b-690"
expires: Sat, 26 Nov 2022 08:52:52 GMT
cache-control: max-age=86400
content-encoding: gzip
X-Firefox-Spdy: h2