www.eauxcook.ru.com/wperc/hlnebtkj872757vxdp/grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
172.67.129.207200 OK 557 B URL HTTP/1.1 www.eauxcook.ru.com/wperc/hlnebtkj872757vxdp/grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
IP 172.67.129.207:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (338)
Hash 27be9d6cb71a8a63b4d70ffe02befd85
dda76024674843e2d572204cef3aa89ac1e463d1
ee3a5efb60977f9aa76975b2a57446fa33951af50e6bc4bde2be503d9a154bc4
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wperc/hlnebtkj872757vxdp/grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.25
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vfptGQn7GqU6oUHXlbqvQ7t%2BkLCRo9OCCD%2BpePkv47BBIZLYyGaaeIGzqThJgYZlG02lKUagYHyQgZSNyFIh4aXRCyws%2FEG419ydShqQBvHKCWRCTnytgkQVyv20XLTizm%2FRL0a"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130b29b7c1bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 03:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rZGotNrTd7PjD_Vtfp53aFUp1wsRuwrb24c4YCifXaJPPw9RJRw9aw==
Age: 1206
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7440
Expires: Tue, 27 Sep 2022 05:39:36 GMT
Date: Tue, 27 Sep 2022 03:35:36 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _QGByo-9VdvgW-wvasLIB7OHXDspgZ-LaeQ5E7zHq3JpSUMiebUDyQ==
age: 82821
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 03:35:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-22484186-3
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-22484186-3
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 701ed3a577f19b862103bb8ccc6651d1
c4fd1efaa8172619aa10992d476234a08509fac8
693719de1bcc012d999d14fe991e5aa33cb1a26c03adbbfc5d11ab4d250eab57
GET /gtag/js?id=UA-22484186-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 03:35:36 GMT
expires: Tue, 27 Sep 2022 03:35:36 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42261
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.eauxcook.ru.com/jquery-1.11.0.min.js
172.67.129.207200 OK 33 kB URL HTTP/1.1 www.eauxcook.ru.com/jquery-1.11.0.min.js
IP 172.67.129.207:0
File type ASCII text, with very long lines (32341)
Hash 95fe3f4dd117c33f6015e1c3d6df1d0d
d5b8856932d1ea63f51824de0bb50670d2e960bc
e6945ac3f1927f242a9fd7a5cf67720f7763888127a7427eb24ffc52019d4b16
Analyzer Verdict Alert quad9 Sinkholed
GET /jquery-1.11.0.min.js HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/wperc/hlnebtkj872757vxdp/grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:39 GMT
ETag: W/"62e8238b-1787d"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0tKkSF9uJN07HFm024J%2FnI%2FhJKH2n2ngtCrCzw3tFXQiCG%2FQ26VPHARp0T2rgNLX%2FLmZHqTJ9w7U6DzyNfX99tAXgvWoB%2FX7HTEq0oVWXVDlZRqWo5zsjKbLFaCYN%2F1t0GH64TF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130b47c231bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.eauxcook.ru.com/offer.php?id=213&sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
172.67.129.207200 OK 364 B URL HTTP/1.1 www.eauxcook.ru.com/offer.php?id=213&sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
IP 172.67.129.207:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (361)
Hash 7b5f17eaad284d675590573cf744c5a7
d925d3dbc0d7b0a43f2dccda9788299661226b71
3fbf8262311eeb4ffcf5b8f818f8e9a211f2441ebd96a7257f50a3b052bc2238
Analyzer Verdict Alert quad9 Sinkholed
GET /offer.php?id=213&sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/wperc/hlnebtkj872757vxdp/grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.25
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88zlbznOEmITudKgtIypmeM9rgjLl0O5kn0QeCO1GK1UwnJIzIKI4MQb0uFD223B66G2HIOyGKm3ZoYvdDZqz3JBf9DfTD01QnQrgAooKxVZOwJGhlFWr3XDWCYBY6AktXIrC3tb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130b65cbe1bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
172.67.129.207200 OK 14 kB URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
IP 172.67.129.207:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (42825)
Hash 8ff3f33099937ef6762c588ad05cda5e
8839c6415748be0d292a679d2ffc84dd87e25d2a
b0cfdecc92513a89200a9947fca1bd5c06a331f73d7a4b43ac21352b906b067a
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.25
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9qWuMHPHHYSaC2mnwDBCWpi5NK20A2he8iaupTouXXR0dZP9r4o48LLSIBvtY3EBOJb4Fz6nYLUhce114sFgvBNe%2BwoMYJg%2BPRx7QIqGtUrjG%2FtBY09UWuHI3Cg03yV7yNujmte"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130b7bd2b1bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 03:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 03:36:19 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PBPZpkf6sFSM0isEPPh_v-IJTxJJW4pAGe7dz-w1opEpkdpmEvOUoA==
Age: 1491
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/obtp.js.download
172.67.129.207200 OK 6.2 kB URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/obtp.js.download
IP 172.67.129.207:0
File type ASCII text, with very long lines (6169), with no line terminators
Hash 522e4451790939ca385c10f4b474de63
23027181eea39e5fc338694c98602baaae0944a4
8bd397636ecd49c36d687ad591807ea5ee621b1e11888657827902a5003fc4bb
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/obtp.js.download HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: application/octet-stream
Content-Length: 6169
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-1819"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nt41gbeiDrhyIXKlmVLbuZeOQ5Q8ZWyFPCjyIreircLhYdk8b12zyYO%2FMQ%2BHS7pSSjMFkbONlFHxgtSUM3VRafRmeO7%2BQAmbGMMqoYnAey0ZWRq4X0SWCWXw2cytxXB6QYRqt5D1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130b83c50b50f-OSL
alt-svc: h2=":443"; ma=60
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/styles.980a546aa37addf3afdf.css
172.67.129.207200 OK 11 kB URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/styles.980a546aa37addf3afdf.css
IP 172.67.129.207:0
File type ASCII text, with very long lines (62929), with CRLF, LF line terminators
Hash b8bc5aa36f686ee04208c9686195edab
e020d345db7efa2dfe4ebf4b888ccdb560372b8f
0b1aa036cd4b64c7b1462f92833e4f54cb98850db23bfbf42d35b3b2ff192f4e
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/styles.980a546aa37addf3afdf.css HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: W/"62e823e4-11e86"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfqV4Lm9sJGy2%2BXyKy2XfBy2o3tlzCDR14eaNGOCE6mlvhvXX75CQkr2Qhf28Umne0BOSPE%2FH2JAMRJtiOW3MFbgydYOXgpoSKzlbVSY9ZmvEFiPTPTZYUiSU3Vi46gPeM8NPq8L"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130b84f56b4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/2-es2015.478e249f6ca420649117.js.download
172.67.129.207200 OK 699 B URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/2-es2015.478e249f6ca420649117.js.download
IP 172.67.129.207:0
File type ASCII text, with very long lines (699), with no line terminators
Hash 0997f48838ce432db6b37f72c8fdf1f2
c9b2dc8a68ab46b5b36c96d52ef6c6de1084c6e6
646f01731972adb62a05fbadddee4f1760499bd01e6c2162d889ba47d160b6c5
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/2-es2015.478e249f6ca420649117.js.download HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: application/octet-stream
Content-Length: 699
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-2bb"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baz6BvKwlyXXfBNaojSXw1RluuEG8dYiAxR1DoEREDKueSifO2is3GCFUN6epwPWiWoncgWZWAHLYrd8IjC95iMW%2FyJbn9wg27Sf7K2GkcYC8Y%2BL5SdWtS1TyWyTGhlLsm%2F0EU08"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130b92cbcb50f-OSL
alt-svc: h2=":443"; ma=60
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/fbevents.js.download
172.67.129.207200 OK 129 kB URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/fbevents.js.download
IP 172.67.129.207:0
File type ASCII text, with very long lines (33256)
Size 129 kB (128769 bytes)
Hash 9d939cad64375505e4dce7469a82e4ee
c0d0919210cb8dc763acb3de97a6218020caaa8d
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/fbevents.js.download HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: application/octet-stream
Content-Length: 128769
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-1f701"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcnET0FQtjXLDUYHnIstfyr7JvQAzpJWk8i9l3z1H7dvTIGY4lwFn9buSRoDUKN0SBGQj9fyUzBgTDwWZWIQ4XR7FHN7DSKzrJFa4WMVfXy24QzstdxCDTBpzUYFwbqiHl9RBgEM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130b83cf2b523-OSL
alt-svc: h2=":443"; ma=60
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/gtm.js.download
172.67.129.207200 OK 84 kB URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/gtm.js.download
IP 172.67.129.207:0
File type ASCII text, with very long lines (1721)
Hash 7eb0a1bda269d3087b8bc748e696f147
3ba33c1c1c3374837f373637041bdb33e7b41d3e
f28faa623ecd340179ec27e8a8288a7f75be69f9335c15e0d28055e372009bba
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/gtm.js.download HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: application/octet-stream
Content-Length: 84387
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-149a3"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8lyOCnu99jcOxUVk6ogR0u5BgcmuECMU383yFvhd0fYCvyeL9HLBeGnrp6gVBUvsjrqYcCByA8IGcm%2FQAE61eHwgYlTDSaO3mHPjSm%2Bh7yzT2qBKWwG17%2BbH8A9WTlqUPgNnuop"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130b83e380b59-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6477
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:37 GMT
Last-Modified: Tue, 27 Sep 2022 01:47:40 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/runtime-es2015.9502c56c7b8ec72c1df4.js.download
172.67.129.207200 OK 2.3 kB URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/runtime-es2015.9502c56c7b8ec72c1df4.js.download
IP 172.67.129.207:0
File type ASCII text, with very long lines (2339), with no line terminators
Hash a5fd49d9f6995d297d975ff767b07693
6e62ba7c1e1b5683480f0359c5daa96f7f602ef4
74feece712f2d426ea2f9f682eec3d74f4474a31222a62de4778f2670cd2c2c7
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/runtime-es2015.9502c56c7b8ec72c1df4.js.download HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: application/octet-stream
Content-Length: 2339
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:07 GMT
ETag: "62e823e3-923"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ybQq%2BCWMeu3c8ybKvinuUUHIieciZab7nbhLJjekhlNfQ9m69k9VbapCg63NASBzZ9PVnS%2FAHj%2Fy%2BkqF1W02Il122Y9oODVTV7bptHjr0Hn%2FBshGe7BMcGmBBvujY7zVLeoM9%2Bf"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130b9c81ab4fa-OSL
alt-svc: h2=":443"; ma=60
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/semantic.min.css
172.67.129.207200 OK 115 kB URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/semantic.min.css
IP 172.67.129.207:0
File type ASCII text, with very long lines (60347)
Size 115 kB (114854 bytes)
Hash bf79ae58d383b0bfd5aa04fa527ae59d
76141d2acb1acbfd7c2fc2a050dde381e4b0b25d
e7966e88811b0480c1f74fb9c2453deb97ad7a1d2c3a70e75cc69c9ca6a65e2d
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/semantic.min.css HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: W/"62e823e4-c055e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMNc28n4F0UOAnko1UOvtuPC89ZEm71FC0Vq1iHSOqj7Y0zOpFzHZIoAPN%2BD%2FsEo5Eswts5QI6IkdOp38WB64%2Bphltayz79KfchlyYvgCtyBLG0NA0XMEfQeBjjt3b%2BHxHNOan1Z"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130b84f55b4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/0-es2015.ca3005822a3d933170a8.js.download
172.67.129.207200 OK 593 kB URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/0-es2015.ca3005822a3d933170a8.js.download
IP 172.67.129.207:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 593 kB (593023 bytes)
Hash 67ced67786c2faf02230249ebfca68b1
43248fe8f624ea47d7ee8bd71d47691bd3b836d1
fcde07bab3999ff73a36dfc92c42ee7d1966cebe0246e6601923410ad0ae3cbf
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/0-es2015.ca3005822a3d933170a8.js.download HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: application/octet-stream
Content-Length: 593023
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-90c7f"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBZfsy4JDfaVO5yZoIY%2FH2oPpHqeGJ7y7sYYbhbbBv6wemoT6BNJf%2FJrGTT4rAYgY6Ha9mEPV%2FO6H8Pdx563xBhVd%2F%2F%2FZ%2BDM9gUWG%2FgimRCzsPJUbbWyrRl1BtHucOch9mGDePtJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130b8bd8a1bfa-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
34.215.56.181101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.56.181:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: k4/dQTPbegreIu+fF0DtyA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hkrAtMTpxY5CUWb75jX8IDfZHC4=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/semantic.min.js.download
172.67.129.207200 OK 346 kB URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/semantic.min.js.download
IP 172.67.129.207:0
File type ASCII text, with very long lines (65324)
Size 346 kB (346199 bytes)
Hash 132bab8897a9ced6fba8df024ff44c61
5389aebace491d696e63b2747da38441e992de44
ddb165eba6b445a6c460fc57ea5f15de11383b6b75bf9259eb35ad34d442b124
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/semantic.min.js.download HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: application/octet-stream
Content-Length: 346199
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:07 GMT
ETag: "62e823e3-54857"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fh0c%2BBk8y%2FetQLlLyJTIq1lDwRWiQDG3rbGGCBLIEgC7CZR1x6UunOY3qNMtj2W88JTr0X187qaKjezdyFNaDpVHiE16DWpGUk9k%2FE4n%2BCbuNwAQS%2Bc%2BXPZAKlBN8dcAim%2FoSHsw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130bac8ceb4fa-OSL
alt-svc: h2=":443"; ma=60
fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin&display=swap
142.250.74.10200 OK 919 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin&display=swap
IP 142.250.74.10:0
Hash f041277350d11efda1ff4ff125004516
3ef485f96865fb092b3ecde8752a19172be3e53b
53acbf300cae74cf09a37d03b5999b5f5b781ccf30277d064e46f218f35ec794
GET /css?family=Lato:400,700,400italic,700italic&subset=latin&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 03:35:37 GMT
date: Tue, 27 Sep 2022 03:35:37 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/polyfills-es2015.614913fbba11925f96b8.js.download
172.67.129.207200 OK 14 kB URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/polyfills-es2015.614913fbba11925f96b8.js.download
IP 172.67.129.207:0
Hash 4a085fb2f873340a92d12eb28367b5c3
f23507b5d52a86e5bfcdcab534430a1406608c06
8b3f6e864716940a6f8a2873f73f3b74ed74054fa63b808c93ce571edc27428d
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/polyfills-es2015.614913fbba11925f96b8.js.download HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: application/octet-stream
Content-Length: 36500
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-8e94"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0sEexLHnAtwOzXyMH8t9tNBxzDPKO9q2%2B2t6p9%2Fn7wPiZed8TSxOexnTzVq1fu9M03MgG0GpMilWXj26IIeNEdSz18iGaLvBk7E%2BmLghceyozQImrKp3cR%2F%2FDoe9fO8BBrT%2F1QYD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130b9dd59b50f-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.eauxcook.ru.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 555916
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 24448, version 1.0\012- data
Hash 865e46af816320c9f32234e8968558d0
6791e9f732fcbde0f375f84ccbc14c4ac72795a3
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
GET /s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.eauxcook.ru.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24448
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:27:46 GMT
expires: Wed, 20 Sep 2023 17:27:46 GMT
cache-control: public, max-age=31536000
age: 554871
last-modified: Tue, 26 Apr 2022 16:41:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
142.250.74.163200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.eauxcook.ru.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 555916
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586100728425_sidebar.jpg
172.67.129.207200 OK 25 kB URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586100728425_sidebar.jpg
IP 172.67.129.207:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 270x270, components 3\012- data
Hash 5ac031f2695f2f0c0223d7e7e245f3eb
fcf0766c41f347ecac0e74310b70d78b20044dfe
f5091a260a7a625a373fda20c1dac57b734a346dcb0656a0be836f61a09b0276
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/1586100728425_sidebar.jpg HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: image/jpeg
Content-Length: 24980
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-6194"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMnVApgJSLv0cNXoUTS3%2BM73axhn2OVYSjGdZx%2BTx0qfUvh70qD0XQUySUJUFQ0Lxhh%2BVAZlgmj9PgY7D2z8p5JVR1x0mtwuhM3snvD0Vw11OI9KnyXRcgGj9cJh%2FSojAddHhFk9"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130bce9f7b4fa-OSL
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 24408, version 1.0\012- data
Hash efee2d080d7bebdd2e0aeb2e030813a0
f8d38f9f9584e48c2e469877ebd94232265585f1
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
GET /s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.eauxcook.ru.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 20:02:01 GMT
expires: Tue, 26 Sep 2023 20:02:01 GMT
cache-control: public, max-age=31536000
age: 27216
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586101192223_laser.jpg
172.67.129.207200 OK 50 kB URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586101192223_laser.jpg
IP 172.67.129.207:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x600, components 3\012- data
Hash fca31471671ea05f0f7162fa96bcad2a
451be53621ba63467a0203c532010653c6cc0618
a50afa03f5efe4300e805950def99f32a26b5c01f81ba6fbe552718a21bb1ecd
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/1586101192223_laser.jpg HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: image/jpeg
Content-Length: 49717
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-c235"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOapP0blzfaN6LsuOhSQ3TYAmHa8%2F%2FcP6BGG90fqWFDrAg8f2c6lwlDIf36XYf8zC9jZmA2NQOSVDZlum0CMAC2GgPXxuS1Mhh3KOB0lJmNOoaUxlQcgDB04oBR1AdshZ0rWV1Lp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130bcef4db523-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586103152860_review__.jpg
172.67.129.207200 OK 58 kB URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586103152860_review__.jpg
IP 172.67.129.207:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x600, components 3\012- data
Hash a5724ec80fd0ba3912854045e0a5dca6
1f1bdb6a41f67feb941c5d2824ea354c5685011d
d476034f617682becd5ab468c20d5f713578c0b70ee30ece4e5b4978c8e2e541
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/1586103152860_review__.jpg HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: image/jpeg
Content-Length: 58359
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-e3f7"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FD3sUVxpLJyJoc7MFxZE6dFpq4JC8%2BSaLE8r34JTpxce6Dyzk5NSq5cB7c2SEJ3ewPeZgmcK4mFtU%2FHePdz1VaSdosgFyBHA3c6WIntn207NCZACkd%2BcTzl3T%2FUGtcOwBo%2FZHET%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130bcef211bfa-OSL
alt-svc: h2=":443"; ma=60
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/main-es2015.a486239d1b6b56551079.js.download
172.67.129.207200 OK 42 kB URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/main-es2015.a486239d1b6b56551079.js.download
IP 172.67.129.207:0
Hash cc6b98bb2a835cb60cf5342a8cc21f81
988a7ca87f790c53731d662588902acd0e21c43e
689239912ed74f83d31452c181b8c6df10f26cacc80f18b40d6299523fde8c61
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/main-es2015.a486239d1b6b56551079.js.download HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: application/octet-stream
Content-Length: 720806
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-affa6"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVHZhKaGRgXfIctb2khl2PvhyG%2BX%2F2UwQBYKAnva3psZpU06XH2xtMR9SRZ%2Bh%2FfMdsi3bmdPHQTd94XYgcojJXoBrXDXWlutGn%2BB2KD4ovFm0Fdtx%2F1SOqsClFz4OqRiP2T%2FrxgR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130ba0ecc0b59-OSL
alt-svc: h2=":443"; ma=60
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586101527005_heartbeat.jpg
172.67.129.207200 OK 94 kB URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586101527005_heartbeat.jpg
IP 172.67.129.207:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, components 3\012- data
Hash a0ebed5174260feaa33a4915bb96a491
777aa895cd21a81a88329387ed7a2de0f07c9a4d
9a80903f13d0921fd3cdf9ed17eba80bc42b64eebb9dea38a5544659ec4b7c92
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/1586101527005_heartbeat.jpg HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: image/jpeg
Content-Length: 94011
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-16f3b"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxEuQ%2BcHWcBSUQR9%2FOcnj16Ad6fu6uZET0aRiC%2FhHmI4uvyA9CBrRDCgL2Wv%2FPAEiF6eLDexBdcfc4iYi0TXYDx2VvjmXkUzXpiEbsQNXZVA3UY665ROo5YtB1C0FS7HHGMJSJTr"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130bcef4fb523-OSL
alt-svc: h2=":443"; ma=60
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586103483138_review__.jpg
172.67.129.207200 OK 82 kB URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586103483138_review__.jpg
IP 172.67.129.207:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x600, components 3\012- data
Hash 277d28a5ee15b503ba507791bc9d0e60
a7279b9889c6e1f13c2aaecd03bc6960ec54a1bb
712eebff95f07402bc0884e094e06bbcd538881832ef6936cf566a86942e5dad
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/1586103483138_review__.jpg HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: image/jpeg
Content-Length: 82345
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-141a9"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3b%2BTIz63DqVVlaIQY2%2FzaAk%2FEBb7tAt00RRNkw7hpKVqoEE8c%2BTt6WeQsBmqf8t2mbbB6Z%2Btf1xGUE17ck1URNcGsg%2FRmF23cVmkgmXQAwTrNrnt6OYGu%2FkK%2FR6wzzi7uvwKYj3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130bceb330b3d-OSL
alt-svc: h2=":443"; ma=60
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/OpenSans-Regular.5a798cdadc7cd321e3f7.ttf
172.67.129.207404 Not Found 116 B URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/OpenSans-Regular.5a798cdadc7cd321e3f7.ttf
IP 172.67.129.207:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d6e62b966693d7822072903ae8310d00
2de307cf4db56a090d7633f2da9ce6d224f6ffb7
36bd7d3c61ddaa2cfd74438dfcc2552f527a5299abc17957073a05d4b1d5cecf
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/OpenSans-Regular.5a798cdadc7cd321e3f7.ttf HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/styles.980a546aa37addf3afdf.css
HTTP/1.1 404 Not Found
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kebegcLsf0q3vTyC4IZAU8rJHKdZnLWfAPRJV2rToch6f0skqKDJc9oAL3mbKzpiWV80Tg4uHvaWNCYIEzxzFrSyByjZi83CF5K5Rh4tdGz0%2FiECldpys%2B6FdiFQ8qU9uFQewv5"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130be3819b523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586104576554_realx_.jpg
172.67.129.207200 OK 234 kB URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586104576554_realx_.jpg
IP 172.67.129.207:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x600, components 3\012- data
Size 234 kB (234504 bytes)
Hash 53204f36d6c135106517cbd07e1ea300
3b9db691224b222ebe4456b5cecce91ee382cb10
7bbae81b7732bd696dbcd5cae1079f699c9f6b09b731584c55e4a98497359c30
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/1586104576554_realx_.jpg HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: image/jpeg
Content-Length: 234504
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-39408"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScktgmvcBfVTeqL2QrHGwCivH67r0slzY%2BY3KFJHUxWdqZFcuazZqR4g6ZDHGJMqhlNCsJ2Ta4SvZNbt9T5j3z%2FDENHB9X%2FhfsIROU9MbLZKS9QmwZRdAPk%2BH0IhPR%2Bjq1DE0KAJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130bce9f8b4fa-OSL
alt-svc: h2=":443"; ma=60
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/themes/default/assets/fonts/icons.woff2
172.67.129.207404 Not Found 153 B URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/themes/default/assets/fonts/icons.woff2
IP 172.67.129.207:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 706a98254456810d3e849c3957af9d01
e461d072a6ba8f0082d6f187eba7f053343529c6
8351c0267c2cd7866ff04c04261f06cd75af9a7130aac848ca43fd047404e229
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/themes/default/assets/fonts/icons.woff2 HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/semantic.min.css
HTTP/1.1 404 Not Found
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWRAbYRfNd2Ny3fqO6Bp1Nef5eh0AdUjcg%2Fyve3AqnoRc1f0VjVKaRama%2BOapHmws9Q8seSH1MbYPZuxI9N8UFosw0%2FZw%2BzE12hh%2BWCcfTV%2BCw2y57OxjYTc62s1ud9y9UswtNqa"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130be6b03b4fa-OSL
alt-svc: h2=":443"; ma=60
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/themes/default/assets/fonts/brand-icons.woff2
172.67.129.207404 Not Found 153 B URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/themes/default/assets/fonts/brand-icons.woff2
IP 172.67.129.207:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 706a98254456810d3e849c3957af9d01
e461d072a6ba8f0082d6f187eba7f053343529c6
8351c0267c2cd7866ff04c04261f06cd75af9a7130aac848ca43fd047404e229
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/themes/default/assets/fonts/brand-icons.woff2 HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/semantic.min.css
HTTP/1.1 404 Not Found
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atfb2UqR8dpVfGBLq%2BHLE%2Be2UVEyZ8pj7yrutAmNonohbe5Y5psF5zQqPlUoXDeZIXL4LZanD8fIwlTqwH1ZeQlKpWzh3BsRauxLW8bWyzXvrHsFMGlMMJUl%2F8k3mwUXl0pnRhM5"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130be4f871bfa-OSL
alt-svc: h2=":443"; ma=60
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/themes/default/assets/fonts/brand-icons.woff
172.67.129.207404 Not Found 153 B URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/themes/default/assets/fonts/brand-icons.woff
IP 172.67.129.207:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 706a98254456810d3e849c3957af9d01
e461d072a6ba8f0082d6f187eba7f053343529c6
8351c0267c2cd7866ff04c04261f06cd75af9a7130aac848ca43fd047404e229
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/themes/default/assets/fonts/brand-icons.woff HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/semantic.min.css
HTTP/1.1 404 Not Found
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hpf8qBTbeMd4LbH8QGyqyzrRg5PyS7eCNRcDqvO5XzjaYfi1r5CL6UDDuaJMoVrkUIPHt96IvvIJQ3ij24AopKt%2BALNEVl7d4T0nG4wJC4QuBDE0T%2FVZqzQ4Jcczw3GHM91XeFR%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130beffc21bfa-OSL
alt-svc: h2=":443"; ma=60
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/themes/default/assets/fonts/icons.woff
172.67.129.207404 Not Found 153 B URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/themes/default/assets/fonts/icons.woff
IP 172.67.129.207:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 706a98254456810d3e849c3957af9d01
e461d072a6ba8f0082d6f187eba7f053343529c6
8351c0267c2cd7866ff04c04261f06cd75af9a7130aac848ca43fd047404e229
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/themes/default/assets/fonts/icons.woff HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/semantic.min.css
HTTP/1.1 404 Not Found
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTiTmSUjiW27ecAAiiR6x%2F5sVDjgecykWU7OfHygnNfTL%2FCNy0Mdz6IS%2BfAPFE2PdCEZ1EiSPlyYucCtMDz3lFEJ9YbYT0uHdA5%2BB%2FVhkd1SX%2BR75MyfKB4XI2S5m5gz%2Bdt2cxZP"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130befb52b4fa-OSL
alt-svc: h2=":443"; ma=60
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586100334702_multi_view.jpg
172.67.129.207200 OK 130 kB URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586100334702_multi_view.jpg
IP 172.67.129.207:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x600, components 3\012- data
Size 130 kB (130041 bytes)
Hash 376d40a13fb314f6348c39ac3b14ed6f
83fe6feebe524666e39a8f201ba10a3f4ce5f78b
458b44113e09b0eb516e6b13fd90d138b1ec195cee7cf02f7c415e2a4df37f24
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/1586100334702_multi_view.jpg HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: image/jpeg
Content-Length: 130041
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-1fbf9"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Siva7je4uHAQevRsYQ%2FRHOqHzW5U%2Fqv12OqZcgJ%2Bx9Z%2Bs8l2Ik8719FVZIduAUEk%2F7Z0vipQpf5osfg96zYEUO36in9KugCo9DcQLqqF%2BP6qWy6s4OWtEx6dP0fdBgFHBg0X7M1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130be8be80b3d-OSL
alt-svc: h2=":443"; ma=60
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/themes/default/assets/fonts/icons.ttf
172.67.129.207404 Not Found 116 B URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/themes/default/assets/fonts/icons.ttf
IP 172.67.129.207:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d6e62b966693d7822072903ae8310d00
2de307cf4db56a090d7633f2da9ce6d224f6ffb7
36bd7d3c61ddaa2cfd74438dfcc2552f527a5299abc17957073a05d4b1d5cecf
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/themes/default/assets/fonts/icons.ttf HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/semantic.min.css
HTTP/1.1 404 Not Found
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Z2aoZZXXcQoRgkEs4X0syXz0IsXn1ucx80rRf03qokdsZPFjYoWqs7C6pa8Yfm4J7Iei6lfzyQCweimITei5HmbVv%2BrqXQdLp35%2FHfM%2BgsZGrQPVzvFiA%2Fc3uIkCIJZ6ldE4Yr3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130bf8bb0b4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586102937853_review__.jpg
172.67.129.207200 OK 111 kB URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586102937853_review__.jpg
IP 172.67.129.207:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x600, components 3\012- data
Size 111 kB (111187 bytes)
Hash b559717db701371ec085ad351c4c5baf
de55a086bc86879864832d6038034aa9c131ffce
dc06f10b5152b28f2f8a1638e67b18025f22091259673cde91ce4921bd6b3bb3
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/1586102937853_review__.jpg HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: image/jpeg
Content-Length: 111187
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-1b253"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2FJQhFYmdMkaVLzjHrftoFBDkLVxG6Wov1k%2FuU3MbHxjgtR8%2BrKLrREGxwmdBXAOHXRG7f80j43D5ucM61ZT%2BDA8aBe%2BUloV66mkKENuSZipFLscHHsResulVtlXw%2Bi3pyPox2Kx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130bedb45b4fa-OSL
alt-svc: h2=":443"; ma=60
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/themes/default/assets/fonts/brand-icons.ttf
172.67.129.207404 Not Found 116 B URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/themes/default/assets/fonts/brand-icons.ttf
IP 172.67.129.207:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d6e62b966693d7822072903ae8310d00
2de307cf4db56a090d7633f2da9ce6d224f6ffb7
36bd7d3c61ddaa2cfd74438dfcc2552f527a5299abc17957073a05d4b1d5cecf
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/themes/default/assets/fonts/brand-icons.ttf HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/semantic.min.css
HTTP/1.1 404 Not Found
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGyBncpErBtZjHqqpkMLR7T%2BYlrUeWWQ18GeVKzVGEGGlMy16WLw0hNvjxhyWctpFn0PFfeN%2BQIYlst89CbbA0rQw6XgSZ%2BtDH4MMTUZX7ksD2ILeL5uG3S5JN8l8i4tBmR45sxG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130bf6fdf1bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586100239946_banner__.jpg
172.67.129.207200 OK 80 kB URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586100239946_banner__.jpg
IP 172.67.129.207:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x600, components 3\012- data
Hash 8c1c17dff8ed4ca1df320a8005f4860d
9cb0249e0b76ab6c6d81e53ccaf8b6a2f5687a0f
1df377f3d31d6b23fb51eb01bd038e8ad071e10e4f2a585246d1a2b0b794e4a3
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/1586100239946_banner__.jpg HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: image/jpeg
Content-Length: 79716
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:07 GMT
ETag: "62e823e3-13764"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYA1nQTnUufkZX0r7GxYUt0RDLW9ICSQyxWcVx18oDa60W%2FsLgc3TD1PNP%2FaFxxDfwZWQQjPbhqaGsugwHnTvIJcUc56b%2FQwFaTv493DfvZhWi6JWI0MLeTd2Ba9OUwFtQ0f3bk3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130be783fb523-OSL
alt-svc: h2=":443"; ma=60
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586102542256_features__.jpg
172.67.129.207200 OK 103 kB URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/1586102542256_features__.jpg
IP 172.67.129.207:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x600, components 3\012- data
Size 103 kB (103271 bytes)
Hash 0309841be9f6c93b5163a6ab2cb19f2a
3abb34179b969dbabdb120d51ba02ac5151b1de7
bebc224b22cec1d226915bd2118a0fc9a53d50a9f369920b30ac0eb6495a0538
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/1586102542256_features__.jpg HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: image/jpeg
Content-Length: 103271
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-19367"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCLHRJr4FRQ2xwvS%2BB5tYcS9OWjSuFc2Tk5xIxX8AUungIbVOlvea5wnGARJPaMSuou54aa%2FUq4NgL1wVm5i4Cz34qKyOEWRpqNQ9MCMDST%2B0V6DTxNlfQs8qlpq2G9powZki70v"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751130bec867b523-OSL
alt-svc: h2=":443"; ma=60
amplify.outbrain.com/cp/obtp.js
23.38.201.81200 OK 3.2 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (8072), with no line terminators
Hash 9b19340ef7db3cbb26aa923adb8dbe6e
082e699bca6e80ca6c72a43f2894f4a32e785e26
c042b8b199b2c08fa66f90753998544860e3f64c3a1f47754a66970b3b8c5b2a
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Last-Modified: Tue, 21 Jun 2022 14:06:31 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Tue, 27 Sep 2022 03:55:38 GMT
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Length: 3249
Connection: keep-alive
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Tue, 27 Sep 2022 02:41:09 GMT
expires: Tue, 27 Sep 2022 04:41:09 GMT
cache-control: public, max-age=7200
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
age: 3269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cf99681f6f1d6e00e0abca7033eb6219
73261f7daa90ce6fd7a81b10ed7bd762200c3f28
3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4640
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:38 GMT
Last-Modified: Tue, 27 Sep 2022 02:18:18 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: jff2YPP/zZ1An4FvYSW1IsYguDDoK+xYyq7e5CsgUO0cG1bg9h05urCnkJlH4Mvfd0AVB1H3VGWz55jQxSliWA==
priority: u=3,i
content-length: 26840
x-fb-trip-id: 1679558926
date: Tue, 27 Sep 2022 03:35:38 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cf99681f6f1d6e00e0abca7033eb6219
73261f7daa90ce6fd7a81b10ed7bd762200c3f28
3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4640
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:38 GMT
Last-Modified: Tue, 27 Sep 2022 02:18:18 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-22484186-3&cid=1644403411.1664249736&jid=535931529&gjid=2120477645&_gid=1838135638.1664249736&_u=YEBAAUAAAAAAAC~&z=570952299
64.233.162.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-22484186-3&cid=1644403411.1664249736&jid=535931529&gjid=2120477645&_gid=1838135638.1664249736&_u=YEBAAUAAAAAAAC~&z=570952299
IP 64.233.162.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-22484186-3&cid=1644403411.1664249736&jid=535931529&gjid=2120477645&_gid=1838135638.1664249736&_u=YEBAAUAAAAAAAC~&z=570952299 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.eauxcook.ru.com
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.eauxcook.ru.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Sep 2022 03:35:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-126905093-1&cid=1644403411.1664249736&jid=726527261&gjid=816899124&_gid=1838135638.1664249736&_u=YEDAAUABAAAAAC~&z=361337715
64.233.162.156200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-126905093-1&cid=1644403411.1664249736&jid=726527261&gjid=816899124&_gid=1838135638.1664249736&_u=YEDAAUABAAAAAC~&z=361337715
IP 64.233.162.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-126905093-1&cid=1644403411.1664249736&jid=726527261&gjid=816899124&_gid=1838135638.1664249736&_u=YEDAAUABAAAAAC~&z=361337715 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.eauxcook.ru.com
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.eauxcook.ru.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Sep 2022 03:35:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.outbrain.com/unifiedPixel?marketerId=00d6f88dd9fc53a7a314e8f968d681ae2a&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=http%3A%2F%2Fwww.eauxcook.ru.com%2Fclicks%2Fchapter2%2FGX-watch.php%3Fsid%3D990888%26h%3Dgrl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa%2Fjfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p&optOut=false&bust=006060409846638437&referrer=
70.42.32.255200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00d6f88dd9fc53a7a314e8f968d681ae2a&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=http%3A%2F%2Fwww.eauxcook.ru.com%2Fclicks%2Fchapter2%2FGX-watch.php%3Fsid%3D990888%26h%3Dgrl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa%2Fjfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p&optOut=false&bust=006060409846638437&referrer=
IP 70.42.32.255:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00d6f88dd9fc53a7a314e8f968d681ae2a&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=http%3A%2F%2Fwww.eauxcook.ru.com%2Fclicks%2Fchapter2%2FGX-watch.php%3Fsid%3D990888%26h%3Dgrl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa%2Fjfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p&optOut=false&bust=006060409846638437&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 54c2c93bf618754d285bf884384f8ba8
content-encoding: gzip
tr.outbrain.com/cachedClickId?marketerId=00d6f88dd9fc53a7a314e8f968d681ae2a
70.42.32.255200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=00d6f88dd9fc53a7a314e8f968d681ae2a
IP 70.42.32.255:0
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=00d6f88dd9fc53a7a314e8f968d681ae2a HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:38 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: d9d889da57e5b26134d4e2953e8c2212
content-encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5b7b66f5886a12421c3f3970bbf49d5a
13a31565fb5b2f1e75d67ba1ce09dae339f1c0e8
3ed8ffa99cefdf81381912b426c0ab9091fb5888836665d9012435965f99feba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-22484186-3&cid=1644403411.1664249736&jid=535931529&_u=YEBAAUAAAAAAAC~&z=12550928
142.250.74.164200 OK 86 kB URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-22484186-3&cid=1644403411.1664249736&jid=535931529&_u=YEBAAUAAAAAAAC~&z=12550928
IP 142.250.74.164:0
File type gzip compressed data, from Unix\012- data
Hash d387b69a22c9e97df7ce7cc89b994c33
fb3f469977fd101990140b86e3caa9996f4a8dc2
f8dba7fc9612ad8c2674b1b1ea60ebb6d37ef7342a332a7739ed728f9743dc38
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-22484186-3&cid=1644403411.1664249736&jid=535931529&_u=YEBAAUAAAAAAAC~&z=12550928 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 03:35:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-22484186-3&cid=1644403411.1664249736&jid=535931529&_u=YEBAAUAAAAAAAC~&z=12550928
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-22484186-3&cid=1644403411.1664249736&jid=535931529&_u=YEBAAUAAAAAAAC~&z=12550928
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-22484186-3&cid=1644403411.1664249736&jid=535931529&_u=YEBAAUAAAAAAAC~&z=12550928 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 03:35:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=2517737108351885&ev=PageView&dl=http%3A%2F%2Fwww.eauxcook.ru.com%2Fclicks%2Fchapter2%2FGX-watch.php%3Fsid%3D990888%26h%3Dgrl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa%2Fjfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p&rl=&if=false&ts=1664249736603&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.2.1664249736602.112306168&it=1664249736407&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=2517737108351885&ev=PageView&dl=http%3A%2F%2Fwww.eauxcook.ru.com%2Fclicks%2Fchapter2%2FGX-watch.php%3Fsid%3D990888%26h%3Dgrl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa%2Fjfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p&rl=&if=false&ts=1664249736603&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.2.1664249736602.112306168&it=1664249736407&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=2517737108351885&ev=PageView&dl=http%3A%2F%2Fwww.eauxcook.ru.com%2Fclicks%2Fchapter2%2FGX-watch.php%3Fsid%3D990888%26h%3Dgrl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa%2Fjfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p&rl=&if=false&ts=1664249736603&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.2.1664249736602.112306168&it=1664249736407&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 27 Sep 2022 03:35:38 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=2517737108351885&ev=SmartWatch&dl=http%3A%2F%2Fwww.eauxcook.ru.com%2Fclicks%2Fchapter2%2FGX-watch.php%3Fsid%3D990888%26h%3Dgrl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa%2Fjfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p&rl=&if=false&ts=1664249736606&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.2.1664249736602.112306168&it=1664249736407&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=2517737108351885&ev=SmartWatch&dl=http%3A%2F%2Fwww.eauxcook.ru.com%2Fclicks%2Fchapter2%2FGX-watch.php%3Fsid%3D990888%26h%3Dgrl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa%2Fjfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p&rl=&if=false&ts=1664249736606&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.2.1664249736602.112306168&it=1664249736407&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=2517737108351885&ev=SmartWatch&dl=http%3A%2F%2Fwww.eauxcook.ru.com%2Fclicks%2Fchapter2%2FGX-watch.php%3Fsid%3D990888%26h%3Dgrl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa%2Fjfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p&rl=&if=false&ts=1664249736606&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.2.1664249736602.112306168&it=1664249736407&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 27 Sep 2022 03:35:38 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 03:35:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4822
Expires: Tue, 27 Sep 2022 04:56:00 GMT
Date: Tue, 27 Sep 2022 03:35:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4822
Expires: Tue, 27 Sep 2022 04:56:00 GMT
Date: Tue, 27 Sep 2022 03:35:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffffd9a36-7835-4249-a213-06720f62ce54.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffffd9a36-7835-4249-a213-06720f62ce54.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f9bc23ab347b5f2e2ec15d69f41f0cf0
a92af0438aa2b6637c0f69dabd0be00b3a43caf8
4382f21ee6727d4b4d21bd7d16b1821a57d9fec6c78dbf7e74bfdfbde51ec206
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffffd9a36-7835-4249-a213-06720f62ce54.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4327
x-amzn-requestid: 59493149-3c46-42c6-96aa-92c945fb4c40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlA1HzioAMFzxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9e-5bd13d5719a119a25650f405;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nZuilN7CTsQ_XYx39le70nZKRzVBDyygmYdaHVmBnpi8teTUB1Faxw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 20780
etag: "a92af0438aa2b6637c0f69dabd0be00b3a43caf8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8480871-279b-49d0-8a83-97fd2e1ef4f1.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8480871-279b-49d0-8a83-97fd2e1ef4f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b97879edd864c4f251a6668c8201095f
28938e97773ac1a51a529e85284d228239641f01
143cd15afadce309b970b525818be68c23fcb2322a66ac915d1dc7418968b6c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8480871-279b-49d0-8a83-97fd2e1ef4f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9304
x-amzn-requestid: d0045fdc-1e02-4039-9e0e-d3b8b255f205
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1-koF_eoAMFyHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bde1d-1cb029d169ec2b1651b2ac78;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 04:01:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7XXVE-hcLMoCU9jUDrgReSZMkPLz_GEAKoc_gR4Ai4hoCeZXfiC3tg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 05:28:34 GMT
age: 79624
etag: "28938e97773ac1a51a529e85284d228239641f01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe29cee89-5693-407a-b182-e52f8fe5734f.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe29cee89-5693-407a-b182-e52f8fe5734f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f0a1508f459d7774c0d63ff682532c0
03edfe254fa4f5c88bf9c8868edd9cdf07bf5d0d
eebf3b550e7a675a2231e97575e8be57e8d1216126a711cdef73ccbc5dd1e773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe29cee89-5693-407a-b182-e52f8fe5734f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11885
x-amzn-requestid: a8f6d57a-8bd3-42b9-80ba-695c5baac04b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YshLpHZPIAMFZiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328157d-4ef5eb306dde741502e46f24;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 07:08:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JSWNUGbYq_zNf2L2AwkLuPfnGUTsX6iqCB5ESRr3dX-0voDgtu4KnQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:59:27 GMT
age: 20171
etag: "03edfe254fa4f5c88bf9c8868edd9cdf07bf5d0d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash efaaa002eb6251769ea6dbf306ced3a1
9f99fa947a603fd6b10ff149e379cd04ad83d27a
238e0ca1aa29223416c34ef2dfcc6570c00e27a98991d91efc16e9bc4083c197
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4573
x-amzn-requestid: ff35a66a-caf2-4ff4-b850-01a584fc2aa0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1B8FzLIAMFSPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296872-5b4a410a2827baf5598d58e7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:14:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NFjYOqhUeb3yyjMNWpoBNq_xcsX3wXvc3-rqJt4cGbJXY9Sxr5KpDA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 15:29:19 GMT
age: 43579
etag: "9f99fa947a603fd6b10ff149e379cd04ad83d27a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:42:47 GMT
age: 21171
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 20780
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/scripts.f7764ecf794a9df7be6b.js.download
172.67.129.207200 OK 0 B URL HTTP/1.1 www.eauxcook.ru.com/clicks/chapter2/GX-watch_files/scripts.f7764ecf794a9df7be6b.js.download
IP 172.67.129.207:0
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/chapter2/GX-watch_files/scripts.f7764ecf794a9df7be6b.js.download HTTP/1.1
Host: www.eauxcook.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.eauxcook.ru.com/clicks/chapter2/GX-watch.php?sid=990888&h=grl0mqghcugjdz866epnwsno_e9of_i3kuqd0zs0joa/jfvetn31pppzum5ztrnhl3ydm6oe7q9u9ejxa1z7-dx9o4yqmhcoe4hl3w-uvo-6hh0wegidfoggikdzqjv-mjzg9ntygxae4m_nhfn02z6e9krxs3rm3aycihpjbrsudulwex68ua5aoyb_p_pjsvxpfosuxxncdxf9pgmnagrwaq-1ynm3wuyqrkjfkh2p
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 03:35:37 GMT
Content-Type: application/octet-stream
Content-Length: 740762
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:05:08 GMT
ETag: "62e823e4-b4d9a"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3a9PMk2SNFd2t74F8idEIrWhNjenpUmmqolDgjDQi8Hp2s%2B%2Bn92elLSb44LXL0BRfBNI9v%2FgKQNpQFfRJFkeo307%2FzIosAsgtoNJC4IQMxu0Pj7SdYs83uGmDp5HusgOJAso0oK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751130b9fdacb523-OSL
alt-svc: h2=":443"; ma=60