metrolagu.ru/
301 Moved Permanently 231 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash bade3e8022e6b5025fb3298d2f4a16ba
2eca00bac3bc66c02110df722a804629c995a625
e1935efccf46e7f1b906adc7f199b107d55c487d6e1de2754f3e31b23836eeea
GET / HTTP/1.1
Host: metrolagu.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 02 Oct 2022 21:16:32 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 231
Connection: keep-alive
Location: http://ad.metrolagu.ru/
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 20:16:50 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4ce5e5162c2d4fc9022ceb290f794ffe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: 4CoqiL66-h6suXTerwPED1qpsTNtHpx7wmNHqF8CPV93Y0zlZnHzoQ==
Age: 3582
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20810
Expires: Mon, 03 Oct 2022 03:03:22 GMT
Date: Sun, 02 Oct 2022 21:16:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a156165ae278c5ddd408f18e7181dccc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: jufPNIQsgDQ46LvvqMD6g8LIvx8CmHwxfCf1G8LsdceXDIxSIpauRA==
age: 56885
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:16:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ad.metrolagu.ru/
301 Moved Permanently 231 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e800820c4334cd7073958529063545b8
6bbbbb3a13a85b0ec54eafd865313e8e2c20d274
7ba5e98cb4c1be57473e36cd8f5f34e8c2ebebede8534e4c554ad1e2cbc77c1b
GET / HTTP/1.1
Host: ad.metrolagu.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 02 Oct 2022 21:16:32 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 231
Connection: keep-alive
Location: http://wp.metrolagu.ru/
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 20:29:34 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 20:57:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 3c5f93efb24b4927140dd52806f3d1e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: G-8ZrSMztIsAq4pHOfFBMNgxC1rNtx5aLMVbwVWVj_7B0TsUw4MVVQ==
Age: 2819
wp.metrolagu.ru/
301 Moved Permanently 231 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 193ecd602c9b87a8c3d3664c5d8e9e11
bfa0820acbcfd3a3ae8b04060116fb9ff06a71aa
d26ffd84b187f42fb58e1ac26fbcc0f6df96c07914c0f43b1e2976cf9d6fae20
GET / HTTP/1.1
Host: wp.metrolagu.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 02 Oct 2022 21:16:33 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 231
Connection: keep-alive
Location: http://sm.metrolagu.ru/
ocsp.digicert.com/
200 OK 471 B IP
Hash 4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4901
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:16:33 GMT
Last-Modified: Sun, 02 Oct 2022 19:54:52 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
sm.metrolagu.ru/
301 Moved Permanently 231 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 145ceda2c13a6d7221f632d8cffc9aea
4ed18ccc7ec5e09f2595e43635d99ea4730fc6a0
2fe4648cd3da8f5443183b6352517245ca24b74503f6207354dd9dce1f01095c
GET / HTTP/1.1
Host: sm.metrolagu.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 02 Oct 2022 21:16:33 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 231
Connection: keep-alive
Location: http://en.metrolagu.ru/
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: O6o+42gLwaDkho28Cvmmrg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: q7z31cbos/fCGo3/9wpEZh84294=
en.metrolagu.ru/
200 OK 5.8 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (410), with CRLF line terminators
Hash dfbaa136af87e4edc9a90576c35f90f8
0fdca1ddaa95f163cf13cb4aa7b05e4cd97d3a4e
40713c4c5a9575625f5fdaa1e25fcfcc4d4843d537e6b19fc98b36e84b0ceb0b
GET / HTTP/1.1
Host: en.metrolagu.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 21:16:33 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5837
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6abe76ca28fe176c44e7475b1d5c93fb
a4a87a771c6f081e5dae3499c090551c6dd31acb
451a8f3a3e654355467b434976022b84820c25b54f7b78472635c7dc3241423f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:16:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
en.metrolagu.ru/style.css
200 OK 2.6 kB URL HTTP/1.1 en.metrolagu.ru/style.css
IP
File type assembler source, ASCII text, with CRLF line terminators
Hash 62a3fb89201aa35d5e79bf2007c9e674
0b209fd143925d8eba38a67acdbd5bb3fe84adf4
43375de0189401b172e46acc64c2becdab4da28932778f876547869883b48aae
GET /style.css HTTP/1.1
Host: en.metrolagu.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.metrolagu.ru/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 21:16:33 GMT
Content-Type: text/css
Last-Modified: Tue, 13 Sep 2022 23:40:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632114e0-2724"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
www.googletagmanager.com/gtag/js?id=UA-123365797-1
200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-123365797-1
IP
File type ASCII text, with very long lines (2039)
Hash 588883ddc30cda506f8de23a9c4d43bc
d01ebd42de50803fe8a64950018fd64531d60980
ed6b2543739a3837679711a24432d8cfa8ce152a6173c4cebdc63a41e6c15723
GET /gtag/js?id=UA-123365797-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 02 Oct 2022 21:16:33 GMT
expires: Sun, 02 Oct 2022 21:16:33 GMT
cache-control: private, max-age=900
last-modified: Sun, 02 Oct 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42367
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
en.metrolagu.ru/fd-content/music-2-48.png
200 OK 1.1 kB URL HTTP/1.1 en.metrolagu.ru/fd-content/music-2-48.png
IP
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 819b55bde126e3fd854761fd027a757e
0c7bc971de0032562110ab30a9fdba0f3436d845
8915ac224e07f09201f559da6f7e2b52b9c12cd33cfe84dbeee6c11438737272
GET /fd-content/music-2-48.png HTTP/1.1
Host: en.metrolagu.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.metrolagu.ru/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 21:16:33 GMT
Content-Type: image/png
Content-Length: 1063
Last-Modified: Fri, 06 May 2022 06:34:08 GMT
Connection: keep-alive
ETag: "6274c160-427"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
scentedindication.com/b.XHVashdIGqlQ0RYAWRcx/seDmh9RujZHUJlTkFPqTPQr1/MZjVUyx-N/TOIvtCNiD/UmyWNNT_Ev1sM-wb
301 Moved Permanently 162 B URL HTTP/1.1 scentedindication.com/b.XHVashdIGqlQ0RYAWRcx/seDmh9RujZHUJlTkFPqTPQr1/MZjVUyx-N/TOIvtCNiD/UmyWNNT_Ev1sM-wb
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /b.XHVashdIGqlQ0RYAWRcx/seDmh9RujZHUJlTkFPqTPQr1/MZjVUyx-N/TOIvtCNiD/UmyWNNT_Ev1sM-wb HTTP/1.1
Host: scentedindication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.metrolagu.ru/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 02 Oct 2022 21:16:33 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://scentedindication.com/b.XHVashdIGqlQ0RYAWRcx/seDmh9RujZHUJlTkFPqTPQr1/MZjVUyx-N/TOIvtCNiD/UmyWNNT_Ev1sM-wb
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
en.metrolagu.ru/fd-content/info.png
200 OK 337 B URL HTTP/1.1 en.metrolagu.ru/fd-content/info.png
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 68fe847e9e880b48174337b8f8f2c893
79eff5ac8eba28ca1a35cf43bb78453a4f3da18b
83ed919ebfb7e1fa66ce2ff3b5b25b7a005575092d503c2649fd6a419ab8ba83
GET /fd-content/info.png HTTP/1.1
Host: en.metrolagu.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.metrolagu.ru/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 21:16:33 GMT
Content-Type: image/png
Content-Length: 337
Last-Modified: Fri, 06 May 2022 06:34:06 GMT
Connection: keep-alive
ETag: "6274c15e-151"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
en.metrolagu.ru/img/radio.png
200 OK 567 B URL HTTP/1.1 en.metrolagu.ru/img/radio.png
IP
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 8c3a6ed3aa7e19fa6d6ca5f6c82dd3c7
264dba8952c6f4128523529d48d421d42aa84e8d
1fd1a24e5a43289b615899885ae10dde5dadd37dd15bcf232a9d4ad0409e62d1
GET /img/radio.png HTTP/1.1
Host: en.metrolagu.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.metrolagu.ru/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 21:16:33 GMT
Content-Type: image/png
Content-Length: 567
Last-Modified: Fri, 06 May 2022 06:35:12 GMT
Connection: keep-alive
ETag: "6274c1a0-237"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
en.metrolagu.ru/img/jadwal.png
200 OK 347 B URL HTTP/1.1 en.metrolagu.ru/img/jadwal.png
IP
File type PNG image data, 40 x 40, 8-bit colormap, non-interlaced\012- data
Hash 457ec73e1651c371a53d734801a4626c
888aa48b1e163b2992a0b0f397ea56f155e479d1
5efc4411ec40802cf7650ec6294f8b7d54f94acf17ccd0c768b47061f7057b12
GET /img/jadwal.png HTTP/1.1
Host: en.metrolagu.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.metrolagu.ru/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 21:16:33 GMT
Content-Type: image/png
Content-Length: 347
Last-Modified: Fri, 06 May 2022 06:35:02 GMT
Connection: keep-alive
ETag: "6274c196-15b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
en.metrolagu.ru/logo_small.png
200 OK 1.1 kB URL HTTP/1.1 en.metrolagu.ru/logo_small.png
IP
File type PNG image data, 58 x 38, 8-bit/color RGBA, non-interlaced\012- data
Hash 7f5952803f00649ec4f7e72fa4507864
c2db3727fef6edc07590c40b93102873b913794c
c860b591de8205341eb4c4ab65b938b1841932532756ad83f3f6b1f824ca752e
GET /logo_small.png HTTP/1.1
Host: en.metrolagu.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.metrolagu.ru/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 21:16:33 GMT
Content-Type: image/png
Content-Length: 1061
Last-Modified: Fri, 06 May 2022 06:40:06 GMT
Connection: keep-alive
ETag: "6274c2c6-425"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6abe76ca28fe176c44e7475b1d5c93fb
a4a87a771c6f081e5dae3499c090551c6dd31acb
451a8f3a3e654355467b434976022b84820c25b54f7b78472635c7dc3241423f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:16:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-vRO3Ys-KSHg/VcOhIASrnlI/AAAAAAAACh8/tI1ilmDJUmY/s1600/pattern.png
200 OK 5.1 kB URL HTTP/1.1 1.bp.blogspot.com/-vRO3Ys-KSHg/VcOhIASrnlI/AAAAAAAACh8/tI1ilmDJUmY/s1600/pattern.png
IP
File type PNG image data, 150 x 109, 8-bit/color RGB, non-interlaced\012- data
Hash cc81412587839664654da0fe02097515
ce46b2e724560e1f0ccbef894e5899f52c6ddbb2
0f2a2544bfb1bcb837b9514a5d73e23e7ac1f0c8e9004914d7d34c884dbbbb0b
GET /-vRO3Ys-KSHg/VcOhIASrnlI/AAAAAAAACh8/tI1ilmDJUmY/s1600/pattern.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.metrolagu.ru/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="pattern.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 5125
X-XSS-Protection: 0
Date: Sun, 02 Oct 2022 19:51:20 GMT
Expires: Wed, 17 Nov 2021 06:28:19 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 5113
ETag: "va20"
Content-Type: image/png
en.metrolagu.ru/home.png
200 OK 1.7 kB IP
File type PNG image data, 58 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 1f6dacf9d691c1935d63bd20d8426566
d1d07b530ab339c5e3d3438c4ddb53abadf842a7
58b4d0c710b37c68f3af0579a9ad4ba30c0557ee85c55f47df9641963441097c
GET /home.png HTTP/1.1
Host: en.metrolagu.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.metrolagu.ru/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 21:16:33 GMT
Content-Type: image/png
Content-Length: 1738
Last-Modified: Fri, 06 May 2022 06:39:40 GMT
Connection: keep-alive
ETag: "6274c2ac-6ca"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
en.metrolagu.ru/img/videoico.png
200 OK 288 B URL HTTP/1.1 en.metrolagu.ru/img/videoico.png
IP
File type PNG image data, 40 x 40, 4-bit colormap, non-interlaced\012- data
Hash fd371f89642e3eedd3a2d1faa0c9a1c9
a0b142633675e6e5d58406de0e85db698b3b4bfc
31ccab4b11916fc768fe4dc99684c011e6b74282b16330b58c2738c5c9b516b0
GET /img/videoico.png HTTP/1.1
Host: en.metrolagu.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.metrolagu.ru/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 21:16:33 GMT
Content-Type: image/png
Content-Length: 288
Last-Modified: Fri, 06 May 2022 06:35:22 GMT
Connection: keep-alive
ETag: "6274c1aa-120"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
en.metrolagu.ru/img/tv.png
200 OK 2.2 kB URL HTTP/1.1 en.metrolagu.ru/img/tv.png
IP
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash a44d9dcb91c8de12fad5f94ada680997
e7597936987f50e07d4d9f42f9088a550666dfcb
d13ca313fe3f3567eda3376d45362ebae8e6ed205b2e7f760476828cd3e82be1
GET /img/tv.png HTTP/1.1
Host: en.metrolagu.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.metrolagu.ru/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 21:16:33 GMT
Content-Type: image/png
Content-Length: 2213
Last-Modified: Fri, 06 May 2022 06:35:18 GMT
Connection: keep-alive
ETag: "6274c1a6-8a5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
s10.histats.com/js15_gif.js
200 OK 4.4 kB URL HTTP/1.1 s10.histats.com/js15_gif.js
IP
File type HTML document, ASCII text, with very long lines (11284), with no line terminators
Hash 191709fbf1abaa19a89a4912e0fc40c4
9e3757d37e79edfc8090df4ebecdafaec376b249
864651a029f5bb1613744b51b2e9e070ecc5036eff827bf27e012561a4faedc0
GET /js15_gif.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.metrolagu.ru/
HTTP/1.1 200 OK
date: Sun, 02 Oct 2022 21:06:09 GMT
last-modified: Thu, 16 Apr 2020 10:44:17 GMT
x-request-id: 872776140
etag: W/"1458891563"
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-grace: full
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4422
x-iplb-request-id: 5B5A2A9A:9CB7_2E69C9F0:0050_6339FFB1_121D86:1A90F
x-iplb-instance: 42473
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash de1c1f5e11e69ac46252477013e4c814
33641e6ee516f3da05c880d206f907a51140fce3
422203ca4de4557bedf42a621bcd427fa8275707cffa206da6f3367951b62af0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422203CA4DE4557BEDF42A621BCD427FA8275707CFFA206DA6F3367951B62AF0"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8718
Expires: Sun, 02 Oct 2022 23:41:51 GMT
Date: Sun, 02 Oct 2022 21:16:33 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash ede7f8fe71ec6f674fb6aaaccaeef25f
2ebdcb0a9b84e5277272cad6d534804752c5058d
5f56e6b8638ead000ff37f3c7e3cac45e622b8771b26c1fe85000c28ee965e0a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4760
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:16:34 GMT
Last-Modified: Sun, 02 Oct 2022 19:57:14 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash ede7f8fe71ec6f674fb6aaaccaeef25f
2ebdcb0a9b84e5277272cad6d534804752c5058d
5f56e6b8638ead000ff37f3c7e3cac45e622b8771b26c1fe85000c28ee965e0a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4760
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:16:34 GMT
Last-Modified: Sun, 02 Oct 2022 19:57:14 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
is1-ssl.mzstatic.com/image/thumb/Music124/v4/4b/3c/55/4b3c5501-e645-2eca-746e-cf1ea2a768d2/Cover_Budi_Doremi_-_Mesin_Waktu.jpg/100x100bb.png
200 OK 18 kB URL HTTP/2 is1-ssl.mzstatic.com/image/thumb/Music124/v4/4b/3c/55/4b3c5501-e645-2eca-746e-cf1ea2a768d2/Cover_Budi_Doremi_-_Mesin_Waktu.jpg/100x100bb.png
IP
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash 4524f3371fa5bcb9289a80b87c0f0a73
c6a5920efcab11050d28802b2fbfee87ac6ea7bf
d2b65f23ed0d2956f5d1292955806568859b59c73f053f2a721c0507a3aa11d7
GET /image/thumb/Music124/v4/4b/3c/55/4b3c5501-e645-2eca-746e-cf1ea2a768d2/Cover_Budi_Doremi_-_Mesin_Waktu.jpg/100x100bb.png HTTP/1.1
Host: is1-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/png
content-length: 17656
x-apple-jingle-correlation-key: RFOIGZHWV6IKLUB5ZAG5LJDIFI
x-apple-request-uuid: 895c8364-f6af-90a5-d03d-c80dd5a4682a
b3: 895c8364f6af90a5d03dc80dd5a4682a-2f55cf7e169e04f6
x-b3-traceid: 895c8364f6af90a5d03dc80dd5a4682a
x-b3-spanid: 2f55cf7e169e04f6
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Mon, 29 Aug 2022 13:46:59 GMT
etag: "MSwxLjI4LTIySCxWZXJzaW9uIDEyLjEgKEJ1aWxkIDIxQzUyKSwxNjYxNzgwODE5Njg1LGlzQnVpbGRWZXJzaW9uTm90U2V0LDcwMzM2LG5vRWZmZWN0"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:43624002:st44p00it-hyhk15014701:7987:22RELEASE104:daiquiri-amp-processing-shared-int-001-st
cdnuuid: a9564605-e7fc-4f66-8e9d-7aee890e7dcd-467772028
cache-control: no-transform, max-age=14981890
date: Sun, 02 Oct 2022 21:16:34 GMT
x-cache: TCP_MISS from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-cache-remote: TCP_HIT from a23-36-79-15.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash ede7f8fe71ec6f674fb6aaaccaeef25f
2ebdcb0a9b84e5277272cad6d534804752c5058d
5f56e6b8638ead000ff37f3c7e3cac45e622b8771b26c1fe85000c28ee965e0a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4760
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:16:34 GMT
Last-Modified: Sun, 02 Oct 2022 19:57:14 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash ede7f8fe71ec6f674fb6aaaccaeef25f
2ebdcb0a9b84e5277272cad6d534804752c5058d
5f56e6b8638ead000ff37f3c7e3cac45e622b8771b26c1fe85000c28ee965e0a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2629
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:16:34 GMT
Last-Modified: Sun, 02 Oct 2022 20:32:45 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash ede7f8fe71ec6f674fb6aaaccaeef25f
2ebdcb0a9b84e5277272cad6d534804752c5058d
5f56e6b8638ead000ff37f3c7e3cac45e622b8771b26c1fe85000c28ee965e0a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1426
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:16:34 GMT
Last-Modified: Sun, 02 Oct 2022 20:52:48 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
is3-ssl.mzstatic.com/image/thumb/Music115/v4/bc/13/27/bc13275c-8b26-802d-771b-d15ae00fb530/mzm.hvpwjsvi.jpg/100x100bb.png
200 OK 17 kB URL HTTP/2 is3-ssl.mzstatic.com/image/thumb/Music115/v4/bc/13/27/bc13275c-8b26-802d-771b-d15ae00fb530/mzm.hvpwjsvi.jpg/100x100bb.png
IP
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash bc45ea1d861b22769a0f3301fdeabed2
06b538068c1b7973e4824ad63641e60d029150c7
a4e10bc45525d0a2d7515308e5e2230dfd2500f4a4c8be99af9b9ca7aa57644e
GET /image/thumb/Music115/v4/bc/13/27/bc13275c-8b26-802d-771b-d15ae00fb530/mzm.hvpwjsvi.jpg/100x100bb.png HTTP/1.1
Host: is3-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/png
content-length: 17070
x-apple-jingle-correlation-key: CM2VPBOCDQLY65JKB7IZGZQBO4
x-apple-request-uuid: 13355785-c21c-178f-752a-0fd193660177
b3: 13355785c21c178f752a0fd193660177-006248af5e6c12db
x-b3-traceid: 13355785c21c178f752a0fd193660177
x-b3-spanid: 006248af5e6c12db
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Wed, 01 Jun 2022 14:43:28 GMT
etag: "MSwxLjI3LTIyRyxWZXJzaW9uIDEyLjEgKEJ1aWxkIDIxQzUyKSwxNjU0MDk0NjA4OTUyLGlzQnVpbGRWZXJzaW9uTm90U2V0LDUwMTY2LG5vRWZmZWN0"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:22RELEASE72:daiquiri-amp-processing-shared-int-001-mr
cdnuuid: cb965e7c-c5fe-4b0b-be1e-7d0a6fe11066-3200480252
cache-control: no-transform, max-age=12059293
date: Sun, 02 Oct 2022 21:16:34 GMT
x-cache: TCP_MISS from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-cache-remote: TCP_HIT from a23-36-79-30.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
X-Firefox-Spdy: h2
is1-ssl.mzstatic.com/image/thumb/Music112/v4/5d/c4/14/5dc414eb-f6ef-0713-789b-7d6da40bf72a/5054197332692.jpg/100x100bb.png
200 OK 8.4 kB URL HTTP/2 is1-ssl.mzstatic.com/image/thumb/Music112/v4/5d/c4/14/5dc414eb-f6ef-0713-789b-7d6da40bf72a/5054197332692.jpg/100x100bb.png
IP
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash 83b680088183389e10c44f27b32f812d
de84e64fde077c58c2ec3c282e0834560267eba1
34590250cd7e9162644ffebeed5c67cf0d6914705eea941247a40bffd99a3e6d
GET /image/thumb/Music112/v4/5d/c4/14/5dc414eb-f6ef-0713-789b-7d6da40bf72a/5054197332692.jpg/100x100bb.png HTTP/1.1
Host: is1-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/png
content-length: 8420
x-apple-jingle-correlation-key: 2EETXKOI6UMO5ABMAEMUTVAQEY
x-apple-request-uuid: d1093ba9-c8f5-18ee-802c-011949d41026
b3: d1093ba9c8f518ee802c011949d41026-11f14be7b0acac77
x-b3-traceid: d1093ba9c8f518ee802c011949d41026
x-b3-spanid: 11f14be7b0acac77
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Thu, 29 Sep 2022 15:22:42 GMT
etag: "MSwxLjI4LTIySCxWZXJzaW9uIDEyLjEgKEJ1aWxkIDIxQzUyKSwxNjY0NDY0OTYyMjgzLGlzQnVpbGRWZXJzaW9uTm90U2V0LDYwMTgyLG5vRWZmZWN0"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:33624002:pv50p00it-hyhk12033901:7987:22RELEASE133:daiquiri-amp-processing-shared-int-001-pv
cdnuuid: d19e6d89-daa8-41a7-a34b-098ac5b6731f-3886762441
cache-control: no-transform, max-age=15299240
date: Sun, 02 Oct 2022 21:16:34 GMT
x-cache: TCP_MISS from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-cache-remote: TCP_HIT from a23-36-79-4.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
X-Firefox-Spdy: h2
is1-ssl.mzstatic.com/image/thumb/Music114/v4/b5/8b/11/b58b1116-860e-238b-4330-eb683ebb846b/3610155528532_Cover.jpg/100x100bb.png
200 OK 19 kB URL HTTP/2 is1-ssl.mzstatic.com/image/thumb/Music114/v4/b5/8b/11/b58b1116-860e-238b-4330-eb683ebb846b/3610155528532_Cover.jpg/100x100bb.png
IP
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash 5174e4fb57591f8c567c1782c95709f0
a5c60521aa085af7e18d5ef7dfed234bed341658
f4efa909fba4b0d1503acfeb9ed5a48af8337575b0ce5eecfd354ab40680b08d
GET /image/thumb/Music114/v4/b5/8b/11/b58b1116-860e-238b-4330-eb683ebb846b/3610155528532_Cover.jpg/100x100bb.png HTTP/1.1
Host: is1-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/png
content-length: 18842
x-apple-jingle-correlation-key: I63NCV3S7C3KYA7PG3I5GMG3ZU
x-apple-request-uuid: 47b6d157-72f8-b6ac-03ef-36d1d330dbcd
b3: 47b6d15772f8b6ac03ef36d1d330dbcd-e1daf9f88c298b64
x-b3-traceid: 47b6d15772f8b6ac03ef36d1d330dbcd
x-b3-spanid: e1daf9f88c298b64
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Wed, 21 Sep 2022 16:58:50 GMT
etag: "MSwxLjI4LTIySCxWZXJzaW9uIDEyLjEgKEJ1aWxkIDIxQzUyKSwxNjYzNzc5NTMwMTcwLGlzQnVpbGRWZXJzaW9uTm90U2V0LDYwMTI5LG5vRWZmZWN0"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:33624002:pv50p00it-hyhk12033901:7987:22HOTFIX7:daiquiri-amp-processing-shared-int-001-pv
cdnuuid: 3a80efb6-743d-4251-a5b8-d4c873c1eb23-4673534725
cache-control: no-transform, max-age=13225656
date: Sun, 02 Oct 2022 21:16:34 GMT
x-cache: TCP_MISS from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-cache-remote: TCP_MISS from a2-21-243-225.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
X-Firefox-Spdy: h2
is3-ssl.mzstatic.com/image/thumb/Music115/v4/f5/2e/83/f52e8357-9cf4-e644-c365-3c21839f85ac/mzi.staekbjw.jpg/100x100bb.png
200 OK 20 kB URL HTTP/2 is3-ssl.mzstatic.com/image/thumb/Music115/v4/f5/2e/83/f52e8357-9cf4-e644-c365-3c21839f85ac/mzi.staekbjw.jpg/100x100bb.png
IP
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash 84dcab7fe233d90c0fa736cbbcddba22
c780453399d09180983c29770d55b68a2f84d946
a624dbf995a2873edc66ecb5612e493387e0f0df927a49f161d90f1b31ee04e1
GET /image/thumb/Music115/v4/f5/2e/83/f52e8357-9cf4-e644-c365-3c21839f85ac/mzi.staekbjw.jpg/100x100bb.png HTTP/1.1
Host: is3-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/png
content-length: 20462
x-apple-jingle-correlation-key: MN5UHH2MECWKB6WUO6H6YCYU2I
x-apple-request-uuid: 637b439f-4c20-aca0-fad4-778fec0b14d2
b3: 637b439f4c20aca0fad4778fec0b14d2-122e4adab2dbe269
x-b3-traceid: 637b439f4c20aca0fad4778fec0b14d2
x-b3-spanid: 122e4adab2dbe269
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Fri, 12 Aug 2022 19:51:13 GMT
etag: "MSwxLjI4LTIySCxWZXJzaW9uIDEyLjEgKEJ1aWxkIDIxQzUyKSwxNjYwMzMzODczMjUxLGlzQnVpbGRWZXJzaW9uTm90U2V0LDYwMDMxLG5vRWZmZWN0"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:33624002:pv50p00it-hyhk12033901:7987:22RELEASE104:daiquiri-amp-processing-shared-int-001-pv
cdnuuid: fcb9a25d-2ed3-4fe7-8bf0-0f869f5eb224-2886334735
cache-control: no-transform, max-age=15547365
date: Sun, 02 Oct 2022 21:16:34 GMT
x-cache: TCP_MISS from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-cache-remote: TCP_MISS from a2-21-243-217.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
X-Firefox-Spdy: h2
is4-ssl.mzstatic.com/image/thumb/Music122/v4/e6/14/14/e6141444-6597-4c3a-7ad1-86304528acf4/22UMGIM45569.rgb.jpg/100x100bb.png
200 OK 22 kB URL HTTP/2 is4-ssl.mzstatic.com/image/thumb/Music122/v4/e6/14/14/e6141444-6597-4c3a-7ad1-86304528acf4/22UMGIM45569.rgb.jpg/100x100bb.png
IP
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash bb34a9ed46dc6515536d449e284bd231
81f6bae190d875933cd03308137d1fbf199c9b76
6513a113df73dd14e76ed62ff279bd576bdf1bfd0bcc172b29b40e4973331666
GET /image/thumb/Music122/v4/e6/14/14/e6141444-6597-4c3a-7ad1-86304528acf4/22UMGIM45569.rgb.jpg/100x100bb.png HTTP/1.1
Host: is4-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/png
content-length: 21932
x-apple-jingle-correlation-key: D5KRUPGZU3AF7YGYPHACBW6CHU
x-apple-request-uuid: 1f551a3c-d9a6-c05f-e0d8-79c020dbc23d
b3: 1f551a3cd9a6c05fe0d879c020dbc23d-d1523fe4b3d8312e
x-b3-traceid: 1f551a3cd9a6c05fe0d879c020dbc23d
x-b3-spanid: d1523fe4b3d8312e
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Wed, 18 May 2022 01:42:25 GMT
etag: "MSwxLjI2LTIyRiwyMEUyNDEsMTY1MjgzODE0NTM1OSxpc0J1aWxkVmVyc2lvbk5vdFNldCw3MDUyOCxub0VmZmVjdA=="
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:43624002:st44p00it-hyhk15014701:7987:22RELEASE62:daiquiri-amp-processing-shared-int-001-st
cdnuuid: 96f5d988-00e7-46a8-9515-8ddad4c54275-884918310
cache-control: no-transform, max-age=14749651
date: Sun, 02 Oct 2022 21:16:34 GMT
x-cache: TCP_MISS from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-cache-remote: TCP_HIT from a23-36-79-30.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
X-Firefox-Spdy: h2
is1-ssl.mzstatic.com/image/thumb/Music126/v4/e0/53/66/e05366f6-d1d6-9995-ff94-7ce15bf4aef4/22UMGIM49681.rgb.jpg/100x100bb.png
200 OK 18 kB URL HTTP/2 is1-ssl.mzstatic.com/image/thumb/Music126/v4/e0/53/66/e05366f6-d1d6-9995-ff94-7ce15bf4aef4/22UMGIM49681.rgb.jpg/100x100bb.png
IP
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash f8855413af483139f9381f90417ba7bb
16e6546a8a7965cc9b9e8415d9cd8bb20ade042f
f7af0aeb7728a86be21bbb75459ac8f6966d9d80f8e4566ab755e47a98b1a751
GET /image/thumb/Music126/v4/e0/53/66/e05366f6-d1d6-9995-ff94-7ce15bf4aef4/22UMGIM49681.rgb.jpg/100x100bb.png HTTP/1.1
Host: is1-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/png
content-length: 17721
x-apple-jingle-correlation-key: WPP6JI5DA5BU75Y7SYRY5VLTKI
x-apple-request-uuid: b3dfe4a3-a307-434f-f71f-96238ed57352
b3: b3dfe4a3a307434ff71f96238ed57352-42e95d2ef2803804
x-b3-traceid: b3dfe4a3a307434ff71f96238ed57352
x-b3-spanid: 42e95d2ef2803804
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Fri, 13 May 2022 05:49:17 GMT
etag: "MSwxLjI2LTIyRiwyMEUyNDEsMTY1MjQyMDk1NzM3OSxpc0J1aWxkVmVyc2lvbk5vdFNldCw1MDE0OSxub0VmZmVjdA=="
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:22RELEASE62:daiquiri-amp-processing-shared-int-001-mr
cdnuuid: 0244191d-ca89-4550-b074-4895332d4cc7-1443352447
cache-control: no-transform, max-age=7459803
date: Sun, 02 Oct 2022 21:16:34 GMT
x-cache: TCP_HIT from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
X-Firefox-Spdy: h2
is4-ssl.mzstatic.com/image/thumb/Music112/v4/a4/0c/bd/a40cbd9d-bb38-8164-cd30-e107c8c7bb0e/22UMGIM83430.rgb.jpg/100x100bb.png
200 OK 14 kB URL HTTP/2 is4-ssl.mzstatic.com/image/thumb/Music112/v4/a4/0c/bd/a40cbd9d-bb38-8164-cd30-e107c8c7bb0e/22UMGIM83430.rgb.jpg/100x100bb.png
IP
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash beed2221d9ab22d097cb37404b0f6cf8
bec5803c1bb3ca94c53fbe70aa545390f6f7c4d4
1cb1e64243e751c3f013a1adb6e41d10516a41ca9a64d4d5b6d2b7a857a9607e
GET /image/thumb/Music112/v4/a4/0c/bd/a40cbd9d-bb38-8164-cd30-e107c8c7bb0e/22UMGIM83430.rgb.jpg/100x100bb.png HTTP/1.1
Host: is4-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/png
content-length: 14090
x-apple-jingle-correlation-key: 7AFRMPXC7VK6BIG5SVFZUDZFFE
x-apple-request-uuid: f80b163e-e2fd-55e0-a0dd-954b9a0f2529
b3: f80b163ee2fd55e0a0dd954b9a0f2529-58ddf2d14d5aa378
x-b3-spanid: 58ddf2d14d5aa378
x-b3-parentspanid: 79366066bb5adfce
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Thu, 22 Sep 2022 17:55:02 GMT
etag: "MSwxLjI4LTIySCxWZXJzaW9uIDEyLjEgKEJ1aWxkIDIxQzUyKSwxNjYzODY5MzAyMzMyLGlzQnVpbGRWZXJzaW9uTm90U2V0LDUzMDEwMzdjLG5vRWZmZWN0"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
x-b3-traceid: 71faa88003f69fb8
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:33624002:pv50p00it-hyhk12033901:7987:22HOTFIX7:daiquiri-amp-processing-shared-int-001-pv
cdnuuid: e80141e5-f62f-4d60-ad0e-4338368ab801-2633925320
cache-control: no-transform, max-age=15582306
date: Sun, 02 Oct 2022 21:16:34 GMT
x-cache: TCP_MISS from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-cache-remote: TCP_HIT from a23-36-79-29.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
X-Firefox-Spdy: h2
is1-ssl.mzstatic.com/image/thumb/Music112/v4/84/15/a0/8415a0db-0e12-d643-4593-38c1020cda1c/29280.jpg/100x100bb.png
200 OK 15 kB URL HTTP/2 is1-ssl.mzstatic.com/image/thumb/Music112/v4/84/15/a0/8415a0db-0e12-d643-4593-38c1020cda1c/29280.jpg/100x100bb.png
IP
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash aed792ed51ee25b69385270dc8e620af
751ef7eccdfb678ed1df56bb79bfa8a21c8be77e
e720d9343ee4dd852bf8cec225f3cdae81501a989b709c92c2d36d7943e09776
GET /image/thumb/Music112/v4/84/15/a0/8415a0db-0e12-d643-4593-38c1020cda1c/29280.jpg/100x100bb.png HTTP/1.1
Host: is1-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/png
content-length: 15042
x-apple-jingle-correlation-key: BLGAX5D26UMLJVTGGSGS4ZPG5A
x-apple-request-uuid: 0acc0bf4-7af5-18b4-d666-348d2e65e6e8
b3: 0acc0bf47af518b4d666348d2e65e6e8-7db3a36cec319593
x-b3-traceid: 0acc0bf47af518b4d666348d2e65e6e8
x-b3-spanid: 7db3a36cec319593
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Thu, 29 Sep 2022 12:58:28 GMT
etag: "MSwxLjI4LTIySCxWZXJzaW9uIDEyLjEgKEJ1aWxkIDIxQzUyKSwxNjY0NDU2MzA4MzQ5LGlzQnVpbGRWZXJzaW9uTm90U2V0LDcwNDgzLG5vRWZmZWN0"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:43624002:st44p00it-hyhk15014701:7987:22RELEASE133:daiquiri-amp-processing-shared-int-001-st
cdnuuid: 05b1eb13-a0d5-4a6c-9449-ef7eca35e534-3888289513
cache-control: no-transform, max-age=14144043
date: Sun, 02 Oct 2022 21:16:34 GMT
x-cache: TCP_MISS from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-cache-remote: TCP_HIT from a23-36-79-12.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
X-Firefox-Spdy: h2
is4-ssl.mzstatic.com/image/thumb/Music112/v4/c8/3f/14/c83f14cc-ec3d-ad8e-dfd3-1c7602cc063f/196589131317.jpg/100x100bb.png
200 OK 19 kB URL HTTP/2 is4-ssl.mzstatic.com/image/thumb/Music112/v4/c8/3f/14/c83f14cc-ec3d-ad8e-dfd3-1c7602cc063f/196589131317.jpg/100x100bb.png
IP
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash 02235df89a557f87b0a8a0c4fdd46a68
0555967c708b13272253fa7cf65eed5f53a4a9cf
3caed9599355db727c62b5c020edb6db93cc2c1c05167fcbb1ab8aae4251917a
GET /image/thumb/Music112/v4/c8/3f/14/c83f14cc-ec3d-ad8e-dfd3-1c7602cc063f/196589131317.jpg/100x100bb.png HTTP/1.1
Host: is4-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/png
content-length: 18994
x-apple-jingle-correlation-key: V6W7VCP3C2SNAN4KG34E5LW6RQ
x-apple-request-uuid: afadfa89-fb16-a4d0-378a-36f84eaede8c
b3: afadfa89fb16a4d0378a36f84eaede8c-7d20f16ae9f064e3
x-b3-traceid: afadfa89fb16a4d0378a36f84eaede8c
x-b3-spanid: 7d20f16ae9f064e3
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Fri, 29 Apr 2022 12:29:41 GMT
etag: "MSwxLjI2LTIyRiwyMEUyNDEsMTY1MTIzNTM4MTQ0OSxpc0J1aWxkVmVyc2lvbk5vdFNldCw1MDEzNCxub0VmZmVjdA=="
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:22RELEASE53:daiquiri-amp-processing-shared-int-001-mr
cdnuuid: 8651f8bf-dde6-47ac-a856-0044e6953d94-956926722
cache-control: no-transform, max-age=11352742
date: Sun, 02 Oct 2022 21:16:34 GMT
x-cache: TCP_HIT from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
X-Firefox-Spdy: h2
is1-ssl.mzstatic.com/image/thumb/Music116/v4/d8/45/bd/d845bd49-2851-b714-f3ab-61dbb49b6fde/886449644285.jpg/100x100bb.png
200 OK 22 kB URL HTTP/2 is1-ssl.mzstatic.com/image/thumb/Music116/v4/d8/45/bd/d845bd49-2851-b714-f3ab-61dbb49b6fde/886449644285.jpg/100x100bb.png
IP
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash af37eed296d0384d6b02f16bf332c8b6
28f83c2d4d3a741cc2a1db0cd240840f2d4d0483
d01fd6b3c921f11142e2ea71a70716438d6b6effc0408cfc500dc9c988527581
GET /image/thumb/Music116/v4/d8/45/bd/d845bd49-2851-b714-f3ab-61dbb49b6fde/886449644285.jpg/100x100bb.png HTTP/1.1
Host: is1-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/png
content-length: 21712
x-apple-jingle-correlation-key: BGXBT3YEAX3MYMEKOCTOCG5ZJY
x-apple-request-uuid: 09ae19ef-0405-f6cc-308a-70a6e11bb94e
b3: 09ae19ef0405f6cc308a70a6e11bb94e-c1c4576ab86303c3
x-b3-traceid: 09ae19ef0405f6cc308a70a6e11bb94e
x-b3-spanid: c1c4576ab86303c3
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Sat, 25 Jun 2022 20:44:08 GMT
etag: "MSwxLjI3LTIyRyxWZXJzaW9uIDEyLjEgKEJ1aWxkIDIxQzUyKSwxNjU2MTg5ODQ4NjM1LGlzQnVpbGRWZXJzaW9uTm90U2V0LDYwMTE4LG5vRWZmZWN0"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:33624002:pv50p00it-hyhk12033901:7987:22RELEASE83:daiquiri-amp-processing-shared-int-001-pv
cdnuuid: ee777b61-876a-40a9-b8d3-d9bd3aee303d-701150856
cache-control: no-transform, max-age=16583540
date: Sun, 02 Oct 2022 21:16:34 GMT
x-cache: TCP_MISS from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-cache-remote: TCP_HIT from a23-36-79-7.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
X-Firefox-Spdy: h2
is4-ssl.mzstatic.com/image/thumb/Music126/v4/2a/19/fb/2a19fb85-2f70-9e44-f2a9-82abe679b88e/886449990061.jpg/100x100bb.png
200 OK 16 kB URL HTTP/2 is4-ssl.mzstatic.com/image/thumb/Music126/v4/2a/19/fb/2a19fb85-2f70-9e44-f2a9-82abe679b88e/886449990061.jpg/100x100bb.png
IP
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash 3e0c9242b66b0132ef0eb9b28fdb59db
801c6c4b7446f7c1e6780ec1e9be9fa1f2e00c4a
fd79be8ce8802702d1aa03c0c532439163b986dc618c7119f245a9f39e6bfd1d
GET /image/thumb/Music126/v4/2a/19/fb/2a19fb85-2f70-9e44-f2a9-82abe679b88e/886449990061.jpg/100x100bb.png HTTP/1.1
Host: is4-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/png
content-length: 15608
x-apple-jingle-correlation-key: K6KY52BWOA7XRLUESSYTARKZ5A
x-apple-request-uuid: 57958ee8-3670-3f78-ae84-94b1304559e8
b3: 57958ee836703f78ae8494b1304559e8-39a17da6900bbd88
x-b3-traceid: 57958ee836703f78ae8494b1304559e8
x-b3-spanid: 39a17da6900bbd88
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Sat, 11 Jun 2022 17:30:29 GMT
etag: "MSwxLjI3LTIyRyxWZXJzaW9uIDExLjMuMSAoQnVpbGQgMjBFMjQxKSwxNjU0OTY4NjI5NjQ1LGlzQnVpbGRWZXJzaW9uTm90U2V0LDcwMzk0LG5vRWZmZWN0"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:43624002:st44p00it-hyhk15014701:7987:22RELEASE72:daiquiri-amp-processing-shared-int-001-st
cdnuuid: 5379f824-a199-4698-8120-f98a2dba64f1-2804874170
cache-control: no-transform, max-age=13483895
date: Sun, 02 Oct 2022 21:16:34 GMT
x-cache: TCP_MISS from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-cache-remote: TCP_HIT from a23-36-79-12.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
X-Firefox-Spdy: h2
is4-ssl.mzstatic.com/image/thumb/Music122/v4/df/b8/4e/dfb84e99-7b63-ae2d-217e-57746e36eac0/081227882365.png/100x100bb.png
200 OK 22 kB URL HTTP/2 is4-ssl.mzstatic.com/image/thumb/Music122/v4/df/b8/4e/dfb84e99-7b63-ae2d-217e-57746e36eac0/081227882365.png/100x100bb.png
IP
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash 24bc7e22d2aebd49ee4fe1cd02ff6e81
c4d6c0384b9f0d080fe68344e668c198ff8d0a62
cf7975439cebbdd847175e3006d3a203054ea5ccd114da53779fc378f3ff3b4f
GET /image/thumb/Music122/v4/df/b8/4e/dfb84e99-7b63-ae2d-217e-57746e36eac0/081227882365.png/100x100bb.png HTTP/1.1
Host: is4-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/png
content-length: 21943
x-apple-jingle-correlation-key: PIOZMKSYJEKFJJWSTRGRUWNTU4
x-apple-request-uuid: 7a1d962a-5849-1454-a6d2-9c4d1a59b3a7
b3: 7a1d962a58491454a6d29c4d1a59b3a7-5e1627769a7944ca
x-b3-traceid: 7a1d962a58491454a6d29c4d1a59b3a7
x-b3-spanid: 5e1627769a7944ca
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Fri, 29 Jul 2022 13:30:25 GMT
etag: "MSwxLjI4LTIySCxWZXJzaW9uIDEyLjEgKEJ1aWxkIDIxQzUyKSwxNjU5MTAxNDI1OTU2LGlzQnVpbGRWZXJzaW9uTm90U2V0LDcwNDI0LG5vRWZmZWN0"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:43624002:st44p00it-hyhk15014701:7987:22RELEASE91:daiquiri-amp-processing-shared-int-001-st
cdnuuid: b2d77795-3fdb-47bb-95dc-366403b2a300-3644540015
cache-control: no-transform, max-age=13836101
date: Sun, 02 Oct 2022 21:16:34 GMT
x-cache: TCP_MISS from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-cache-remote: TCP_HIT from a23-36-79-12.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b63e10a721fddf6128e218b81de89838
5a816e6c36f2eddfd1135364a2f81c68e3fa6355
54e511984e26f01596c9cd925f48f583a02b503471a4d0ee7440f8e829c0c580
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54E511984E26F01596C9CD925F48F583A02B503471A4D0EE7440F8E829C0C580"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6364
Expires: Sun, 02 Oct 2022 23:02:38 GMT
Date: Sun, 02 Oct 2022 21:16:34 GMT
Connection: keep-alive
scentedindication.com/cIHJV-z.aLGMlNtOZ_zQ9RhSZTE-lVkWPXTYQ_0aMbDcgd2-NfCgZhjid_Dk0lmmZnn-Bp2qPrTsg_4uMvDwAxm-ZznAJB2CP_TEEFxGMHD-AJwKJLmMl_tOZPzQ1Ro-dTHURVwWc_yYUZzaQbS-UdyeRfigU_yiRjjkElw-OnToQp1qL_TsItuucvy-5xjyZzGA4_xCNDSE5Fj-bH2I0JlKM_kMZNjOcPm-VRhSdTGUl_2WZXXYMZl-MbkcYdxeN_jgchziNjj-UllmMnkoY_yqMrTsAty-MvTwcxlyM_kAYB0CNDD-AF4GNHjIR_fKMLzMkN3-ZPjQARuSc_GU5VnWJXn-BZhaebTc0_4eOfDgAhw-JjnkBlhme_Wo9p1qdrF-BtlucvkwN_syazWANBr-PDTEAFmGc_mIVJ2KPLT-ENxOMPDQA_wSJTnUNVz-PXTYMZmac_3cQd9eMfS-Zh6ibj2k5_lmSnWoQp9-NrDsUtyuN_TwEx2yMzA-
302 Found 0 B URL HTTP/2 scentedindication.com/cIHJV-z.aLGMlNtOZ_zQ9RhSZTE-lVkWPXTYQ_0aMbDcgd2-NfCgZhjid_Dk0lmmZnn-Bp2qPrTsg_4uMvDwAxm-ZznAJB2CP_TEEFxGMHD-AJwKJLmMl_tOZPzQ1Ro-dTHURVwWc_yYUZzaQbS-UdyeRfigU_yiRjjkElw-OnToQp1qL_TsItuucvy-5xjyZzGA4_xCNDSE5Fj-bH2I0JlKM_kMZNjOcPm-VRhSdTGUl_2WZXXYMZl-MbkcYdxeN_jgchziNjj-UllmMnkoY_yqMrTsAty-MvTwcxlyM_kAYB0CNDD-AF4GNHjIR_fKMLzMkN3-ZPjQARuSc_GU5VnWJXn-BZhaebTc0_4eOfDgAhw-JjnkBlhme_Wo9p1qdrF-BtlucvkwN_syazWANBr-PDTEAFmGc_mIVJ2KPLT-ENxOMPDQA_wSJTnUNVz-PXTYMZmac_3cQd9eMfS-Zh6ibj2k5_lmSnWoQp9-NrDsUtyuN_TwEx2yMzA-
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cIHJV-z.aLGMlNtOZ_zQ9RhSZTE-lVkWPXTYQ_0aMbDcgd2-NfCgZhjid_Dk0lmmZnn-Bp2qPrTsg_4uMvDwAxm-ZznAJB2CP_TEEFxGMHD-AJwKJLmMl_tOZPzQ1Ro-dTHURVwWc_yYUZzaQbS-UdyeRfigU_yiRjjkElw-OnToQp1qL_TsItuucvy-5xjyZzGA4_xCNDSE5Fj-bH2I0JlKM_kMZNjOcPm-VRhSdTGUl_2WZXXYMZl-MbkcYdxeN_jgchziNjj-UllmMnkoY_yqMrTsAty-MvTwcxlyM_kAYB0CNDD-AF4GNHjIR_fKMLzMkN3-ZPjQARuSc_GU5VnWJXn-BZhaebTc0_4eOfDgAhw-JjnkBlhme_Wo9p1qdrF-BtlucvkwN_syazWANBr-PDTEAFmGc_mIVJ2KPLT-ENxOMPDQA_wSJTnUNVz-PXTYMZmac_3cQd9eMfS-Zh6ibj2k5_lmSnWoQp9-NrDsUtyuN_TwEx2yMzA- HTTP/1.1
Host: scentedindication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sun, 02 Oct 2022 21:16:34 GMT
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform
location: https://10945-2.s.cdn15.com/creatives/167365/210217/440864_397f0.png
x-content-type-options: nosniff
X-Firefox-Spdy: h2
is5-ssl.mzstatic.com/image/thumb/Music112/v4/a1/ad/94/a1ad94e7-4ef7-69ad-5c12-8318ba6fb6ca/BLACKPINK_BORN_PINK.jpg/100x100bb.png
200 OK 3.4 kB URL HTTP/2 is5-ssl.mzstatic.com/image/thumb/Music112/v4/a1/ad/94/a1ad94e7-4ef7-69ad-5c12-8318ba6fb6ca/BLACKPINK_BORN_PINK.jpg/100x100bb.png
IP
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash fa91fca0921c67803a5456b4ccecf890
37193362e28d7fff3a68a1e75480ea80a2ea222a
b6b39597d875ed1767a0615bc5f1ad0548fc0ae0f59be4248d8dc2366ad6d6b0
GET /image/thumb/Music112/v4/a1/ad/94/a1ad94e7-4ef7-69ad-5c12-8318ba6fb6ca/BLACKPINK_BORN_PINK.jpg/100x100bb.png HTTP/1.1
Host: is5-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/png
content-length: 3412
x-apple-jingle-correlation-key: BYYU3CK6W7TPZHBU2ORW6CFFCU
x-apple-request-uuid: 0e314d89-5eb7-e6fc-9c34-d3a36f08a515
b3: 0e314d895eb7e6fc9c34d3a36f08a515-7ee60c43463c2699
x-b3-traceid: 0e314d895eb7e6fc9c34d3a36f08a515
x-b3-spanid: 7ee60c43463c2699
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Fri, 16 Sep 2022 05:47:09 GMT
etag: "MSwxLjI4LTIySCxWZXJzaW9uIDEyLjEgKEJ1aWxkIDIxQzUyKSwxNjYzMzA3MjI5OTMxLGlzQnVpbGRWZXJzaW9uTm90U2V0LDYwMTIyLG5vRWZmZWN0"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:33624002:pv50p00it-hyhk12033901:7987:22HOTFIX7:daiquiri-amp-processing-shared-int-001-pv
cdnuuid: 4439d109-4671-4501-983f-0a6222e94e49-802492526
cache-control: no-transform, max-age=12785236
date: Sun, 02 Oct 2022 21:16:34 GMT
x-cache: TCP_MISS from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-cache-remote: TCP_HIT from a23-36-79-15.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
X-Firefox-Spdy: h2
is5-ssl.mzstatic.com/image/thumb/Music115/v4/e0/92/da/e092da2d-9f6d-11dc-7843-2021e95a2b61/21UMGIM17518.rgb.jpg/100x100bb.png
200 OK 22 kB URL HTTP/2 is5-ssl.mzstatic.com/image/thumb/Music115/v4/e0/92/da/e092da2d-9f6d-11dc-7843-2021e95a2b61/21UMGIM17518.rgb.jpg/100x100bb.png
IP
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash d437ebcfdf91a03a2b790fa1751dca1d
92e7798e4748259d8b359de3d1708f6143cd2bc5
469de8a6828170416edf5e588d36187eebbff60719b248fd472e91e927030583
GET /image/thumb/Music115/v4/e0/92/da/e092da2d-9f6d-11dc-7843-2021e95a2b61/21UMGIM17518.rgb.jpg/100x100bb.png HTTP/1.1
Host: is5-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/png
content-length: 21713
x-apple-jingle-correlation-key: SLJ272FTYMFFIRD5QPSXQJCIXE
x-apple-request-uuid: 92d3afe8-b3c3-0a54-447d-83e5782448b9
b3: 92d3afe8b3c30a54447d83e5782448b9-e9b438bf8493f710
x-b3-traceid: 92d3afe8b3c30a54447d83e5782448b9
x-b3-spanid: e9b438bf8493f710
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Mon, 08 Aug 2022 00:21:19 GMT
etag: "MSwxLjI4LTIySCxWZXJzaW9uIDEyLjEgKEJ1aWxkIDIxQzUyKSwxNjU5OTE4MDc5ODk2LGlzQnVpbGRWZXJzaW9uTm90U2V0LDcwNDA2LG5vRWZmZWN0"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:43624002:st44p00it-hyhk15014701:7987:22RELEASE91:daiquiri-amp-processing-shared-int-001-st
cdnuuid: 3001aae3-8204-47ae-ab84-ae3b742ff2ff-2303510703
cache-control: no-transform, max-age=12755945
date: Sun, 02 Oct 2022 21:16:34 GMT
x-cache: TCP_MISS from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-cache-remote: TCP_HIT from a23-36-79-15.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
X-Firefox-Spdy: h2
is5-ssl.mzstatic.com/image/thumb/Music112/v4/66/fe/f7/66fef76a-da22-c202-11d1-1275c7227d93/886449637508.jpg/100x100bb.png
200 OK 11 kB URL HTTP/2 is5-ssl.mzstatic.com/image/thumb/Music112/v4/66/fe/f7/66fef76a-da22-c202-11d1-1275c7227d93/886449637508.jpg/100x100bb.png
IP
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash 2a8fc603a2af7a1bdee005356fbb5453
a17ad177380db29cbfdbdcf0e66ba7518ba1aa4c
579ad4a710c2aaa5387565ee6dce78e8f5904862c00daaf8db0b2ccb056a00be
GET /image/thumb/Music112/v4/66/fe/f7/66fef76a-da22-c202-11d1-1275c7227d93/886449637508.jpg/100x100bb.png HTTP/1.1
Host: is5-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/png
content-length: 11139
x-apple-jingle-correlation-key: TGX5BSL73HVTSKZIGGYQGBSMTE
x-apple-request-uuid: 99afd0c9-7fd9-eb39-2b28-31b103064c99
b3: 99afd0c97fd9eb392b2831b103064c99-0b7b1dcc0094df15
x-b3-traceid: 99afd0c97fd9eb392b2831b103064c99
x-b3-spanid: 0b7b1dcc0094df15
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Fri, 22 Jul 2022 11:36:00 GMT
etag: "MSwxLjI4LTIySCxWZXJzaW9uIDEyLjEgKEJ1aWxkIDIxQzUyKSwxNjU4NDg5NzYwMDcyLGlzQnVpbGRWZXJzaW9uTm90U2V0LDYwMTcyLG5vRWZmZWN0"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:33624002:pv50p00it-hyhk12033901:7987:22RELEASE91:daiquiri-amp-processing-shared-int-001-pv
cdnuuid: e623c5e4-a34a-4a21-aff3-9d68658c7074-1222849552
cache-control: no-transform, max-age=14861019
date: Sun, 02 Oct 2022 21:16:34 GMT
x-cache: TCP_MISS from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-cache-remote: TCP_HIT from a23-36-79-14.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
X-Firefox-Spdy: h2
is4-ssl.mzstatic.com/image/thumb/Music112/v4/f2/3d/89/f23d8902-addc-b895-ef1b-f0cc1cbbb8cc/dj.xwfjkpeb.jpg/100x100bb.png
200 OK 19 kB URL HTTP/2 is4-ssl.mzstatic.com/image/thumb/Music112/v4/f2/3d/89/f23d8902-addc-b895-ef1b-f0cc1cbbb8cc/dj.xwfjkpeb.jpg/100x100bb.png
IP
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash 94db4dcf0b32a627d32f6666100e03f2
d19b00de14e48c67595eef92e91d72b1370dd953
3cb7e044658036a7e933b554a4ea5b2ed4dd7d3ec00c5611f2bbf7516bd8912a
GET /image/thumb/Music112/v4/f2/3d/89/f23d8902-addc-b895-ef1b-f0cc1cbbb8cc/dj.xwfjkpeb.jpg/100x100bb.png HTTP/1.1
Host: is4-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/png
content-length: 19111
x-apple-jingle-correlation-key: EDRWXJZD4HIJODQYELHVATQZSU
x-apple-request-uuid: 20e36ba7-23e1-d097-0e18-22cf504e1995
b3: 20e36ba723e1d0970e1822cf504e1995-52c48e9e0c114178
x-b3-traceid: 20e36ba723e1d0970e1822cf504e1995
x-b3-spanid: 52c48e9e0c114178
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Fri, 26 Aug 2022 04:56:41 GMT
etag: "MSwxLjI4LTIySCxWZXJzaW9uIDEyLjEgKEJ1aWxkIDIxQzUyKSwxNjYxNDg5ODAxNjE1LGlzQnVpbGRWZXJzaW9uTm90U2V0LDUwMTEyLG5vRWZmZWN0"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:22RELEASE104:daiquiri-amp-processing-shared-int-001-mr
cdnuuid: 3e3e9fb4-bbd5-425e-aa77-253b9d21b493-151786408
cache-control: no-transform, max-age=14932889
date: Sun, 02 Oct 2022 21:16:34 GMT
x-cache: TCP_MISS from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-cache-remote: TCP_HIT from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
X-Firefox-Spdy: h2
is2-ssl.mzstatic.com/image/thumb/Music115/v4/d2/48/f4/d248f4ae-a7e4-a48e-1588-6617de3e8d76/mzi.izeorbmm.jpg/100x100bb.png
200 OK 18 kB URL HTTP/2 is2-ssl.mzstatic.com/image/thumb/Music115/v4/d2/48/f4/d248f4ae-a7e4-a48e-1588-6617de3e8d76/mzi.izeorbmm.jpg/100x100bb.png
IP
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash 5c1c46668c02fd28e71e2e67bf7edc66
4576a540d6efb3720e0752b1caff7cf51a2b96b6
1b8a1e2a81231d1e1dba771a8a2e983dff7b46dc31909fa1e5626a851c8d100f
GET /image/thumb/Music115/v4/d2/48/f4/d248f4ae-a7e4-a48e-1588-6617de3e8d76/mzi.izeorbmm.jpg/100x100bb.png HTTP/1.1
Host: is2-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/png
content-length: 17570
x-apple-jingle-correlation-key: BXONHZCMJGSHH44FJOBDGGNVIU
x-apple-request-uuid: 0ddcd3e4-4c49-a473-f385-4b823319b545
b3: 0ddcd3e44c49a473f3854b823319b545-bda48a79f2dcfecd
x-b3-traceid: 0ddcd3e44c49a473f3854b823319b545
x-b3-spanid: bda48a79f2dcfecd
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Thu, 19 May 2022 16:33:35 GMT
etag: "MSwxLjI2LTIyRiwyMEUyNDEsMTY1Mjk3ODAxNTIzOCxpc0J1aWxkVmVyc2lvbk5vdFNldCw2MDEyMSxub0VmZmVjdA=="
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:33624002:pv50p00it-hyhk12033901:7987:22RELEASE62:daiquiri-amp-processing-shared-int-001-pv
cdnuuid: 0b05e1ab-04cb-4b9d-aa8c-cf21b6acbe66-2009988833
cache-control: no-transform, max-age=9672516
date: Sun, 02 Oct 2022 21:16:34 GMT
x-cache: TCP_HIT from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
X-Firefox-Spdy: h2
en.metrolagu.ru/logo.png
200 OK 358 kB IP
File type PNG image data, 2400 x 560, 8-bit/color RGBA, non-interlaced\012- data
Size 358 kB (358452 bytes)
Hash 9edcb14d64e5bcebf12bbee1ac11f285
7d8a1454b28b91fc0a325e0e6a12638ed8f2cd56
4da1ebc1bb172817003072827342341b22a40be28ce45aafec6e80f058af08ef
GET /logo.png HTTP/1.1
Host: en.metrolagu.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.metrolagu.ru/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 21:16:33 GMT
Content-Type: image/png
Content-Length: 358452
Last-Modified: Fri, 06 May 2022 06:40:06 GMT
Connection: keep-alive
ETag: "6274c2c6-57834"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
10945-2.s.cdn15.com/creatives/167365/210217/440864_397f0.png
200 OK 136 kB URL HTTP/2 10945-2.s.cdn15.com/creatives/167365/210217/440864_397f0.png
IP
ASN #61107 Toonbox Studio Ltd
File type PNG image data, 360 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size 136 kB (135646 bytes)
Hash 771a6eef893959998e14465fd407649a
6bbf8eda37ba2b0dde3c5d72951be41e37454d17
aaea511b4ce4f0461d20c3b6a975f3d6fc76ecfe520d7a7c9045027a689566d4
GET /creatives/167365/210217/440864_397f0.png HTTP/1.1
Host: 10945-2.s.cdn15.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://en.metrolagu.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ucdn/1.22.0
date: Sun, 02 Oct 2022 21:16:34 GMT
content-type: image/png
content-length: 135646
last-modified: Fri, 22 Jul 2022 20:56:59 GMT
etag: "771a6eef893959998e14465fd407649a"
x-timestamp: 1658523418.75764
x-trans-id: tx6e0e72711df7418e9472a-0062de6bf9
x-openstack-request-id: tx6e0e72711df7418e9472a-0062de6bf9
expires: Wed, 04 Jan 2023 17:55:12 GMT
cache-control: max-age=8109518
x-ureq-id: XDrrrzssYKy7XniAYHDaCxO/1BtQYlPAo1HVcwFLMsr3uaLidETSLqKazNe79F20wMSOOHFcT6gp5oCgf4zgLRdesHq2ojvvXowTQOwGQ5U=
x-served-from: l1
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET, OPTIONS
x-vhostid: 6586, 24050
accept-ranges: bytes
X-Firefox-Spdy: h2
www.kinogogly.pro/bcc371/4f8a112651cb.js
200 OK 46 kB URL HTTP/2 www.kinogogly.pro/bcc371/4f8a112651cb.js
IP
ASN #61107 Toonbox Studio Ltd
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4573471980d1796a5e5c0d992c819a79
c4f77f9575fb1360f7bece80cb4d72cad9e86e44
95b7c42e494b48038986608f9f14b631f2565b5494dbc0f737dc9c6dfaef3984
GET /bcc371/4f8a112651cb.js HTTP/1.1
Host: www.kinogogly.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ucdn/1.22.0
date: Sun, 02 Oct 2022 21:16:34 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315359006, public
x-ureq-id: XDrrrzssYKy7XniAYHDaCxO/1BtQYlPAo1HVcwFLMsr3uaLidETSLqKazNe79F20wMSOOHFcT6gp5oCgf4zgLSW9G0bgBQkxYucKEX6fKtb93GfiwdDVJfpgFbaGtVoq
x-served-from: l1
x-vhostid: 6547, 24477
content-encoding: br
X-Firefox-Spdy: h2
certify-js.alexametrics.com/atrk.js
200 OK 4.3 kB URL HTTP/1.1 certify-js.alexametrics.com/atrk.js
IP
File type ASCII text, with very long lines (4255), with no line terminators
Hash d89453438fbf10dcf4c13265c40d5160
02d5f4e46c94bf34e12b2d773f63f643ea2b3518
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
GET /atrk.js HTTP/1.1
Host: certify-js.alexametrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 4255
Connection: keep-alive
Date: Sat, 28 May 2022 01:59:52 GMT
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
ETag: "d89453438fbf10dcf4c13265c40d5160"
Cache-Control: max-age=26920000
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 e13e8f228afcbd0862f27c6ebd714878.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: fjS46XZff0-2s48608RaqTvcSkiHcnSlTK07FQGcfiMdzB2ghbzQGQ==
Age: 11042203
en.metrolagu.ru/favicon.ico
200 OK 423 B URL HTTP/1.1 en.metrolagu.ru/favicon.ico
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 27adb5d1c85d323ea4ba268466e6483d
81a41159dd4304d6e275f829e075190b7153dc36
f700b9df8528ceb52ea47b4f2e531cfc8dab51136e5e7b176a7a56446d53bf44
GET /favicon.ico HTTP/1.1
Host: en.metrolagu.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Cookie: HstCfa4425006=1664745393784; HstCla4425006=1664745393784; HstCmu4425006=1664745393784; HstPn4425006=1; HstPt4425006=1; HstCnv4425006=1; HstCns4425006=1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 21:16:34 GMT
Content-Type: image/x-icon
Content-Length: 423
Last-Modified: Fri, 06 May 2022 06:39:24 GMT
Connection: keep-alive
ETag: "6274c29c-1a7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://en.metrolagu.ru/
Content-Type: text/plain;charset=UTF-8
Origin: http://en.metrolagu.ru
Content-Length: 1498
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 02 Oct 2022 21:16:55 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: http://en.metrolagu.ru
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9948
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 21:16:34 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9948
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 21:16:34 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9948
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 21:16:34 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9948
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 21:16:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 463bdcfbec5426e18ecef83b1c373b71
2e533332ee5c49143e58dad32ee3717a39179532
2c40befd28781482b9be249a792571612d68d7045324083d2c832fa5ec42f04b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4987
x-amzn-requestid: 763edd04-7f8d-42ae-8864-482be3549958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHpFs4oAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ca-2f7b67e85aa83b69183e62b5;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Zoggf30lA-Kvt5QYa-IdhGePHCNiphR7pfFiOaFvL8ZkWZIaiK4pA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:37 GMT
etag: "2e533332ee5c49143e58dad32ee3717a39179532"
content-type: image/jpeg
age: 84477
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F589e050c-3794-45f2-a218-269b944ae739.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F589e050c-3794-45f2-a218-269b944ae739.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11f2e40823827b62bca89d18ee279cb2
fa7e61b4f2864b8e51acb2cc887c15d5cb41ef38
c7811cb947483a033f31ff1e93b813f1bbc49b03ed78fcedab2090c71e5c4d1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F589e050c-3794-45f2-a218-269b944ae739.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: e83a86d3-f5ab-4645-92df-4b2da3d4afa3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDgmFdlIAMFzQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2d0-48c3fa150800475c790b95bd;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: f1aqkuvCub_vq9gBDgA4VL8hNf16FXzXhQjSHC1yDLISm85uOqJF9w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 22:17:57 GMT
etag: "fa7e61b4f2864b8e51acb2cc887c15d5cb41ef38"
content-type: image/jpeg
age: 82717
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg
200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9dddb9d84a16a3004821d89836b83dc3
087521979efd5936416fd7f030779fa5725f0a8f
a6251ac43958031d765b5743d43e14bc04b1e465bed81f757c3609ee6f2bea66
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6871
x-amzn-requestid: e1fdb2ee-c0e7-4a0c-ae26-d968aef00503
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEIOGp2IAMFxSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ce-24b26a8048ffd84071a2ad57;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:30 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -svKnYBuiMSdWObzJyNah9TDIi6IuPP6VMzEJWmn0zxoZbFmwpzkJw==
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:33 GMT
age: 84481
etag: "087521979efd5936416fd7f030779fa5725f0a8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gloaphoo.net/401/5398930
200 OK 42 kB IP
Hash 2cdc0f070418f376333d2f7404614428
e0bdf9d8b75d4d10f12a8a57aff44f5b7760b158
cd2b87118ccc49d6d099488bc9dcdc7532cc5f499ef8729d55652d8a855a304d
Analyzer Verdict Alert quad9 Sinkholed
GET /401/5398930 HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:16:34 GMT
content-type: application/javascript
x-trace-id: c068c1d7ec1c6c047fa81f549c136125
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=724afce8183648b0b27a9aa0605e44f1; expires=Mon, 02 Oct 2023 21:16:34 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b1efd-2ddc-4e8a-b89c-c9601bfeba68.jpeg
200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b1efd-2ddc-4e8a-b89c-c9601bfeba68.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef85af3ef63e35a54bc15fbca5d7236b
e06bd8868eff8c42f5d2e2deec9a361170c8d3ea
0291104bb66ac4849ac5fd433fdf9cbbc7f4a2fcaa1f137aca08be2a4878f54c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b1efd-2ddc-4e8a-b89c-c9601bfeba68.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7314
x-amzn-requestid: ba9e3b47-d9dd-49c1-9645-bac582351957
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDpnGqOoAMFUTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b30a-0604dff004a5f6364f0fe11c;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ss4zz6K56bzf1oFauX5_GUyy77r5gwLUcEy2GHrxSbBlwaYNjPZuYA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:58:03 GMT
age: 83911
etag: "e06bd8868eff8c42f5d2e2deec9a361170c8d3ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:00 GMT
age: 59734
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5b7e61728ff6d4bf88bbdbe856287f09
1a6c4fa5ae582cfb3eca4b31d86e13085135dfc3
969e380918ef88c2ef942606d4e9fed7e97f828bc419ae840b12bb5be1dc28db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "969E380918EF88C2EF942606D4E9FED7E97F828BC419AE840B12BB5BE1DC28DB"
Last-Modified: Fri, 30 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20749
Expires: Mon, 03 Oct 2022 03:02:23 GMT
Date: Sun, 02 Oct 2022 21:16:34 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 471 B IP
Hash 3f221772ec0c9958b2c88cae5babcd0b
dc78dc227b42d1d4967d64c81374693440bf3f4f
037c8d5c260b070d810b31fd5d9db67c9aa44f3e103ec170cbd7234210555ba1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 21:16:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 18:25:21 GMT
Expires: Thu, 06 Oct 2022 18:25:20 GMT
Etag: "dc78dc227b42d1d4967d64c81374693440bf3f4f"
Cache-Control: max-age=334725,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754075bbfa27b4ee-OSL
my.rtmark.net/gid.js?userId=9b98f0507e9b4353816f8c40fd7fbb0d
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=9b98f0507e9b4353816f8c40fd7fbb0d
IP
File type JSON data\012- , ASCII text
Hash 4f53a382a7a65ce8ed2afd1187373d7b
959b7f75eca766406a5f4d580f5ac333ffc95b12
f0ff92996262a4cfbafa16da4361bb75483d887cd3ef3aa16ed05f8a069e2e8d
GET /gid.js?userId=9b98f0507e9b4353816f8c40fd7fbb0d HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://en.metrolagu.ru
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:16:34 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://en.metrolagu.ru
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=9b98f0507e9b4353816f8c40fd7fbb0d; expires=Mon, 02 Oct 2023 21:16:34 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
certify.alexametrics.com/atrk.gif?frame_height=939&frame_width=1280&iframe=0&title=MetroLagu.Ru%20-%20Music%20Video%20Tv%20Radio%20Zone&time=1664745394303&time_zone_offset=0&screen_params=1280x1024x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=http%3A%2F%2Fen.metrolagu.ru%2F&random_number=16950191918&sess_cookie=2065ff791839a8ed07e73bbfd03&sess_cookie_flag=1&user_cookie=2065ff791839a8ed07e73bbfd03&user_cookie_flag=1&dynamic=true&domain=muviza.su&account=hjuUq1Y1Mn20Io&jsv=20130128&user_lang=en-US
200 OK 43 B URL HTTP/1.1 certify.alexametrics.com/atrk.gif?frame_height=939&frame_width=1280&iframe=0&title=MetroLagu.Ru%20-%20Music%20Video%20Tv%20Radio%20Zone&time=1664745394303&time_zone_offset=0&screen_params=1280x1024x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=http%3A%2F%2Fen.metrolagu.ru%2F&random_number=16950191918&sess_cookie=2065ff791839a8ed07e73bbfd03&sess_cookie_flag=1&user_cookie=2065ff791839a8ed07e73bbfd03&user_cookie_flag=1&dynamic=true&domain=muviza.su&account=hjuUq1Y1Mn20Io&jsv=20130128&user_lang=en-US
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /atrk.gif?frame_height=939&frame_width=1280&iframe=0&title=MetroLagu.Ru%20-%20Music%20Video%20Tv%20Radio%20Zone&time=1664745394303&time_zone_offset=0&screen_params=1280x1024x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=http%3A%2F%2Fen.metrolagu.ru%2F&random_number=16950191918&sess_cookie=2065ff791839a8ed07e73bbfd03&sess_cookie_flag=1&user_cookie=2065ff791839a8ed07e73bbfd03&user_cookie_flag=1&dynamic=true&domain=muviza.su&account=hjuUq1Y1Mn20Io&jsv=20130128&user_lang=en-US HTTP/1.1
Host: certify.alexametrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
x-amz-meta-alexa-last-modified: 20110117123941
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 02 Oct 2022 02:09:43 GMT
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Via: 1.1 f54d9ad301a95e7dcfde675e1cd5ba88.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: nU2qGO_Yo1GAlviRAGyz_zTcOEFPC_LG2mpFRQIlL5VH8ylZ_dG7iw==
Age: 68812
s4i.histats.com/stats/i/4425006.gif?4425006&@f16&@g1&@h1&@i1&@j1664745393784&@k0&@l1&@mMetroLagu.Ru%20-%20Music%20Video%20Tv%20Radio%20Zone&@n0&@o1000&@q0&@r0&@s10049&@ten-US&@u1280&@b1:-182052906&@b3:1664745394&@b4:js15_gif.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fen.metrolagu.ru%2F&@w
200 OK 1.4 kB URL HTTP/1.1 s4i.histats.com/stats/i/4425006.gif?4425006&@f16&@g1&@h1&@i1&@j1664745393784&@k0&@l1&@mMetroLagu.Ru%20-%20Music%20Video%20Tv%20Radio%20Zone&@n0&@o1000&@q0&@r0&@s10049&@ten-US&@u1280&@b1:-182052906&@b3:1664745394&@b4:js15_gif.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fen.metrolagu.ru%2F&@w
IP
File type PNG image data, 80 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 1d38c77ab655960bb17c12ee0e89c994
744fbeaeea50f3a8bca72bc94e4381792221bf52
5ea7ac798967364e09b117ca1221f810160895b7535387c387994f5756d5dea1
GET /stats/i/4425006.gif?4425006&@f16&@g1&@h1&@i1&@j1664745393784&@k0&@l1&@mMetroLagu.Ru%20-%20Music%20Video%20Tv%20Radio%20Zone&@n0&@o1000&@q0&@r0&@s10049&@ten-US&@u1280&@b1:-182052906&@b3:1664745394&@b4:js15_gif.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fen.metrolagu.ru%2F&@w HTTP/1.1
Host: s4i.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 21:16:34 GMT
Content-Type: image/png
Content-Length: 1380
Connection: close
ETag: -934163311
scentedindication.com/b.XHVashdIGqlQ0RYAWRcx/seDmh9RujZHUJlTkFPqTPQr1/MZjVUyx-N/TOIvtCNiD/UmyWNNT_Ev1sM-wb
200 OK 60 kB URL HTTP/2 scentedindication.com/b.XHVashdIGqlQ0RYAWRcx/seDmh9RujZHUJlTkFPqTPQr1/MZjVUyx-N/TOIvtCNiD/UmyWNNT_Ev1sM-wb
IP
File type Unicode text, UTF-8 text, with very long lines (65510)
Hash ef1948c7217df3e490742d8700ce88fc
a2864aa45375d5d66acdd6cef5494ed2c6175e0d
60e59257f03684a3fde07660ebefa9c2e503f721cb5be478c4b72cd039100f66
GET /b.XHVashdIGqlQ0RYAWRcx/seDmh9RujZHUJlTkFPqTPQr1/MZjVUyx-N/TOIvtCNiD/UmyWNNT_Ev1sM-wb HTTP/1.1
Host: scentedindication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://en.metrolagu.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:16:33 GMT
content-type: application/javascript
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: http://en.metrolagu.ru
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
last-modified: Sun, 02 Oct 2022 21:16:33 GMT
set-cookie: kadSlcJ=eyJ0aW1lU3RhbXAiOjE2NjQ3NDUzOTMsInpvbmVzIjp7IjQ1MjUxNTIiOls0NTI1MTUyLDEsMTY2NDc0NTM5M119fQ==; max-age=1696281394; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
onmarshtompor.com/?rb=2Z8I7MvYfzFLmg4xHbq0z2jtPv01fKXtRBVzUz5Z71sfNtqn4JMu7GBzIXDIO90TADgTnpQgD8hISHgFqjXbgxDmHZM-KqI-PUKT2CsuNovBbTZUb4apKCJtph82Z4mskp6qgwNwrknMWJGPGfYUvCMpsJtnDdj3i3e8hk9-AJfrL5et6Ktwo6fwxckmtnQTp7CNRbFcIS1AWXwpuxXXlLO5BVI%3D&request_ab2=0&zoneid=5398850&js_build=iclick-v1.431.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=http%3A%2F%2Fen.metrolagu.ru%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.431.0&bs=9b9dc1c7-1bbc-48dd-9862-7fef081a3945&userId=9b98f0507e9b4353816f8c40fd7fbb0d&m=link
200 OK 1.6 kB URL HTTP/1.1 onmarshtompor.com/?rb=2Z8I7MvYfzFLmg4xHbq0z2jtPv01fKXtRBVzUz5Z71sfNtqn4JMu7GBzIXDIO90TADgTnpQgD8hISHgFqjXbgxDmHZM-KqI-PUKT2CsuNovBbTZUb4apKCJtph82Z4mskp6qgwNwrknMWJGPGfYUvCMpsJtnDdj3i3e8hk9-AJfrL5et6Ktwo6fwxckmtnQTp7CNRbFcIS1AWXwpuxXXlLO5BVI%3D&request_ab2=0&zoneid=5398850&js_build=iclick-v1.431.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=http%3A%2F%2Fen.metrolagu.ru%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.431.0&bs=9b9dc1c7-1bbc-48dd-9862-7fef081a3945&userId=9b98f0507e9b4353816f8c40fd7fbb0d&m=link
IP
File type JSON data\012- , ASCII text, with very long lines (2145), with no line terminators
Hash 352a45fa451a111b06141b3aebb8f0b7
aa59b4c4ce14578b0a85e61ca17e9af66935984c
2954c4fc6411f4ce39f1821ebe11c0dc507bfc5019cd8dfa126154ecf39ae4c9
GET /?rb=2Z8I7MvYfzFLmg4xHbq0z2jtPv01fKXtRBVzUz5Z71sfNtqn4JMu7GBzIXDIO90TADgTnpQgD8hISHgFqjXbgxDmHZM-KqI-PUKT2CsuNovBbTZUb4apKCJtph82Z4mskp6qgwNwrknMWJGPGfYUvCMpsJtnDdj3i3e8hk9-AJfrL5et6Ktwo6fwxckmtnQTp7CNRbFcIS1AWXwpuxXXlLO5BVI%3D&request_ab2=0&zoneid=5398850&js_build=iclick-v1.431.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=http%3A%2F%2Fen.metrolagu.ru%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.431.0&bs=9b9dc1c7-1bbc-48dd-9862-7fef081a3945&userId=9b98f0507e9b4353816f8c40fd7fbb0d&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://en.metrolagu.ru/
Origin: http://en.metrolagu.ru
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 21:16:34 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: c2adfd3de42ba883329540683b884508
Access-Control-Allow-Origin: http://en.metrolagu.ru
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=9b98f0507e9b4353816f8c40fd7fbb0d; expires=Mon, 02 Oct 2023 21:16:34 GMT; path=/
oaidts=1664745394; expires=Mon, 02 Oct 2023 21:16:34 GMT; path=/
syncedCookie=true; expires=Sun, 09 Oct 2022 21:16:34 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
gloaphoo.net/500/5398930?excludes=&oaid=9b98f0507e9b4353816f8c40fd7fbb0d&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=http%3A%2F%2Fen.metrolagu.ru%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 0 B URL HTTP/2 gloaphoo.net/500/5398930?excludes=&oaid=9b98f0507e9b4353816f8c40fd7fbb0d&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=http%3A%2F%2Fen.metrolagu.ru%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5398930?excludes=&oaid=9b98f0507e9b4353816f8c40fd7fbb0d&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=http%3A%2F%2Fen.metrolagu.ru%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://en.metrolagu.ru/
Origin: http://en.metrolagu.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:16:34 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: http://en.metrolagu.ru
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:16:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-123365797-1&cid=1258861356.1664745394&jid=1045215510&gjid=3350161&_gid=2130682927.1664745394&_u=YEBAAUAAAAAAAC~&z=906507634
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-123365797-1&cid=1258861356.1664745394&jid=1045215510&gjid=3350161&_gid=2130682927.1664745394&_u=YEBAAUAAAAAAAC~&z=906507634
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-123365797-1&cid=1258861356.1664745394&jid=1045215510&gjid=3350161&_gid=2130682927.1664745394&_u=YEBAAUAAAAAAAC~&z=906507634 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://en.metrolagu.ru
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://en.metrolagu.ru
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 02 Oct 2022 21:16:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
offerimage.com/www/images/375d4eace3e9692bfe2fc21648f4c59a.jpeg
200 OK 13 kB URL HTTP/2 offerimage.com/www/images/375d4eace3e9692bfe2fc21648f4c59a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 375d4eace3e9692bfe2fc21648f4c59a
57ef9b8278b63d567eab92b8607b68cee29071b8
46005b3961515220591e6df79d2713774deb57a082dda8162c3d182bcad3aa1b
GET /www/images/375d4eace3e9692bfe2fc21648f4c59a.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 21:16:35 GMT
content-type: image/jpeg
content-length: 13449
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6231b480-3489"
expires: Mon, 03 Oct 2022 13:39:10 GMT
last-modified: Wed, 16 Mar 2022 09:57:20 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 27445
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 754075bf6e54b500-OSL
X-Firefox-Spdy: h2
gloaphoo.net/500/5398930?excludes=&oaid=9b98f0507e9b4353816f8c40fd7fbb0d&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=http%3A%2F%2Fen.metrolagu.ru%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 1.1 kB URL HTTP/2 gloaphoo.net/500/5398930?excludes=&oaid=9b98f0507e9b4353816f8c40fd7fbb0d&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=http%3A%2F%2Fen.metrolagu.ru%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
Hash ec112d075dbcc288420517ff4078c879
29cee62f37c31773391e718362e252a2e9283f88
cca4940c21f5d903dcffc854af0591a193f13829366989ffdcdb8c58ec17745e
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5398930?excludes=&oaid=9b98f0507e9b4353816f8c40fd7fbb0d&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=http%3A%2F%2Fen.metrolagu.ru%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://en.metrolagu.ru
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Cookie: OAID=724afce8183648b0b27a9aa0605e44f1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:16:35 GMT
content-type: application/javascript
x-trace-id: 107351dec1e4b85159cbc442eeeac07c
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: http://en.metrolagu.ru
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=9b98f0507e9b4353816f8c40fd7fbb0d; expires=Mon, 02 Oct 2023 21:16:35 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:16:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 50366815306618737b22afb3327c4db9
d362647235cb883e1a58b6d4d6e6144813667119
8b8aa0dbd637f517324351c700f038a94fc87f5444576c337f2e7c6d860e2c50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:16:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 53aa134dc3b33b709b6ccf39e549055f
2e85a28ef73d7c403ad693fc8602e95fe3d803f3
877de7cadd4fc848afaac488f89ed987929505b563a03eb79e4e9d8fa0b41a0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:16:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-123365797-1&cid=1258861356.1664745394&jid=1045215510&_u=YEBAAUAAAAAAAC~&z=2146025949
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-123365797-1&cid=1258861356.1664745394&jid=1045215510&_u=YEBAAUAAAAAAAC~&z=2146025949
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-123365797-1&cid=1258861356.1664745394&jid=1045215510&_u=YEBAAUAAAAAAAC~&z=2146025949 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 21:16:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-123365797-1&cid=1258861356.1664745394&jid=1045215510&_u=YEBAAUAAAAAAAC~&z=2146025949
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-123365797-1&cid=1258861356.1664745394&jid=1045215510&_u=YEBAAUAAAAAAAC~&z=2146025949
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-123365797-1&cid=1258861356.1664745394&jid=1045215510&_u=YEBAAUAAAAAAAC~&z=2146025949 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 21:16:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 50366815306618737b22afb3327c4db9
d362647235cb883e1a58b6d4d6e6144813667119
8b8aa0dbd637f517324351c700f038a94fc87f5444576c337f2e7c6d860e2c50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:16:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8c665d81a8995febfec300bd9f554c90
aa3599f282cff5e07d5681ec4854b70a82590f6d
57cd30b987eb23f54208b51c04daefd3657fdd84325f4035817b32e4ad5b5461
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:16:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
scentedindication.com/c.H_VsztauGvl-txZyzz9Ah_ZCEDlEkFP-THQI0JOKD_AMzNMOiPZ-jRdSDT0Um_ZWnXBY2ZP-TbgcwdMeD_AgmhZinjJ-2lPmTnEow_MqDrAswtJ-mvlwtxZyz_1AoBdCHDR-wFcGyHUIz_QKSLUMyNR-iPUQyRRSj_EUwVOWTXQ-1ZLaTbIcu_ceyf5gjhZ-Gj4kxlNmS_5ojpbq2r0-ltMukvZwj_cymzVAhBd-GDlE2FZGX_MIlJMKkLY-xNNOzPEQz_NSTTcUlVM-kXYYyZMaT_YcxdMeTfM-lhMikjYk0_NmDngowpM-zrJsftNuD_VwhxNyzzg-uBcCGD5En_JGnHBIhJe-TL0M4NMOD_AQwRJSnTB-hVeWWX9Y1_daFbBcldc-kfNgshaiW_NkrlPmTnA-mpcqmrVs2_PuTvEwwxM-DzAAwBJCn_NEzFPGTHM-mJcK3LQM9_MOSPZQ6Rb-2T5UlVSWW_QY9ZNaDbU-ydNeTfEg2_MiAj
302 Found 0 B URL HTTP/2 scentedindication.com/c.H_VsztauGvl-txZyzz9Ah_ZCEDlEkFP-THQI0JOKD_AMzNMOiPZ-jRdSDT0Um_ZWnXBY2ZP-TbgcwdMeD_AgmhZinjJ-2lPmTnEow_MqDrAswtJ-mvlwtxZyz_1AoBdCHDR-wFcGyHUIz_QKSLUMyNR-iPUQyRRSj_EUwVOWTXQ-1ZLaTbIcu_ceyf5gjhZ-Gj4kxlNmS_5ojpbq2r0-ltMukvZwj_cymzVAhBd-GDlE2FZGX_MIlJMKkLY-xNNOzPEQz_NSTTcUlVM-kXYYyZMaT_YcxdMeTfM-lhMikjYk0_NmDngowpM-zrJsftNuD_VwhxNyzzg-uBcCGD5En_JGnHBIhJe-TL0M4NMOD_AQwRJSnTB-hVeWWX9Y1_daFbBcldc-kfNgshaiW_NkrlPmTnA-mpcqmrVs2_PuTvEwwxM-DzAAwBJCn_NEzFPGTHM-mJcK3LQM9_MOSPZQ6Rb-2T5UlVSWW_QY9ZNaDbU-ydNeTfEg2_MiAj
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.H_VsztauGvl-txZyzz9Ah_ZCEDlEkFP-THQI0JOKD_AMzNMOiPZ-jRdSDT0Um_ZWnXBY2ZP-TbgcwdMeD_AgmhZinjJ-2lPmTnEow_MqDrAswtJ-mvlwtxZyz_1AoBdCHDR-wFcGyHUIz_QKSLUMyNR-iPUQyRRSj_EUwVOWTXQ-1ZLaTbIcu_ceyf5gjhZ-Gj4kxlNmS_5ojpbq2r0-ltMukvZwj_cymzVAhBd-GDlE2FZGX_MIlJMKkLY-xNNOzPEQz_NSTTcUlVM-kXYYyZMaT_YcxdMeTfM-lhMikjYk0_NmDngowpM-zrJsftNuD_VwhxNyzzg-uBcCGD5En_JGnHBIhJe-TL0M4NMOD_AQwRJSnTB-hVeWWX9Y1_daFbBcldc-kfNgshaiW_NkrlPmTnA-mpcqmrVs2_PuTvEwwxM-DzAAwBJCn_NEzFPGTHM-mJcK3LQM9_MOSPZQ6Rb-2T5UlVSWW_QY9ZNaDbU-ydNeTfEg2_MiAj HTTP/1.1
Host: scentedindication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sun, 02 Oct 2022 21:16:37 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
location: https://10945-2.s.cdn15.com/creatives/171357/216113/448032_45a78.png
x-content-type-options: nosniff
X-Firefox-Spdy: h2
10945-2.s.cdn15.com/creatives/171357/216113/448032_45a78.png
200 OK 9.4 kB URL HTTP/2 10945-2.s.cdn15.com/creatives/171357/216113/448032_45a78.png
IP
ASN #61107 Toonbox Studio Ltd
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 03cfef95b159bac03fd92ca6864284e6
709a5eba38c15a0fb2c9fff295021019877df5c5
53e0793d137cd5a3896a1ca0126b5548b9d67053eb8a8b8feeb5c501beb045aa
GET /creatives/171357/216113/448032_45a78.png HTTP/1.1
Host: 10945-2.s.cdn15.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://en.metrolagu.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ucdn/1.22.0
date: Sun, 02 Oct 2022 21:16:37 GMT
content-type: image/png
content-length: 9418
last-modified: Tue, 27 Sep 2022 12:35:41 GMT
etag: "03cfef95b159bac03fd92ca6864284e6"
x-timestamp: 1664282140.63901
x-trans-id: tx110c496f138d4f98aec28-006332ee22
x-openstack-request-id: tx110c496f138d4f98aec28-006332ee22
expires: Thu, 09 Mar 2023 20:20:57 GMT
cache-control: max-age=13647860
x-ureq-id: XDrrrzssYKy7XniAYHDaCxO/1BtQYlPAo1HVcwFLMsr3uaLidETSLqKazNe79F20GEByJQyhOC8MENovHnWAlKl6rDOZz1zoddCAgTNgNdg=
x-served-from: l1
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET, OPTIONS
x-vhostid: 6589, 24039
accept-ranges: bytes
X-Firefox-Spdy: h2
gloaphoo.net/impression/g1NqgmCD-AIM4DrDdXtR4FCRlR-YjX4zpKVtEE57vTkGzpOlRcxQRAYHN045iD9j-2hXz6Q3BlitCOQ_YxA_LzQYBdmpcm9hY0rS-G_YGIGKrz469dti5L_DikNyFLQUHFP9NnrMWLQ5U3uY0qYvMAyUEZcelmYLV1GLAZI4p7hILY23yH69o8kMy-xDIOPunCFQNd4bVAPJCULvLupSjQQrC5jPIAcq2kwJ2t4pzaLtkpzis63WdPQTtglIh5cc3qpItDCX-gVI_pHRvqaSy8am10ils6JTRq6X8-j5iZf2P8EtGjqJVGroIQkAEAsSyGjMnp9clzhpTCa_LslbyYpsHUSVdsDikRTO6SkfA-bMrpHOOrbdXGjGBNjLFLYRJKEs6tv8Rg56TfQQrwjedQLRpPx5wUg1yLEp6_5JnHbpgBOOo9ThSZEvZfRH-CRp4ttfjOovxzqs48H252BMQor7m8rPRoWjnCXBM93wZONb02rKyN10T84R1s1e6pLKQyWt_oebzwlJFyN1Yfe_qjotuU-oTz00rYmFQ2fbGrGxYjqvx-WdmzRp1-OBiqWTraCHGLbaXfo62NQQ1LJMfrjm3-2Akgoj?_z=5398930&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=http%3A%2F%2Fen.metrolagu.ru%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 43 B URL HTTP/2 gloaphoo.net/impression/g1NqgmCD-AIM4DrDdXtR4FCRlR-YjX4zpKVtEE57vTkGzpOlRcxQRAYHN045iD9j-2hXz6Q3BlitCOQ_YxA_LzQYBdmpcm9hY0rS-G_YGIGKrz469dti5L_DikNyFLQUHFP9NnrMWLQ5U3uY0qYvMAyUEZcelmYLV1GLAZI4p7hILY23yH69o8kMy-xDIOPunCFQNd4bVAPJCULvLupSjQQrC5jPIAcq2kwJ2t4pzaLtkpzis63WdPQTtglIh5cc3qpItDCX-gVI_pHRvqaSy8am10ils6JTRq6X8-j5iZf2P8EtGjqJVGroIQkAEAsSyGjMnp9clzhpTCa_LslbyYpsHUSVdsDikRTO6SkfA-bMrpHOOrbdXGjGBNjLFLYRJKEs6tv8Rg56TfQQrwjedQLRpPx5wUg1yLEp6_5JnHbpgBOOo9ThSZEvZfRH-CRp4ttfjOovxzqs48H252BMQor7m8rPRoWjnCXBM93wZONb02rKyN10T84R1s1e6pLKQyWt_oebzwlJFyN1Yfe_qjotuU-oTz00rYmFQ2fbGrGxYjqvx-WdmzRp1-OBiqWTraCHGLbaXfo62NQQ1LJMfrjm3-2Akgoj?_z=5398930&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=http%3A%2F%2Fen.metrolagu.ru%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/g1NqgmCD-AIM4DrDdXtR4FCRlR-YjX4zpKVtEE57vTkGzpOlRcxQRAYHN045iD9j-2hXz6Q3BlitCOQ_YxA_LzQYBdmpcm9hY0rS-G_YGIGKrz469dti5L_DikNyFLQUHFP9NnrMWLQ5U3uY0qYvMAyUEZcelmYLV1GLAZI4p7hILY23yH69o8kMy-xDIOPunCFQNd4bVAPJCULvLupSjQQrC5jPIAcq2kwJ2t4pzaLtkpzis63WdPQTtglIh5cc3qpItDCX-gVI_pHRvqaSy8am10ils6JTRq6X8-j5iZf2P8EtGjqJVGroIQkAEAsSyGjMnp9clzhpTCa_LslbyYpsHUSVdsDikRTO6SkfA-bMrpHOOrbdXGjGBNjLFLYRJKEs6tv8Rg56TfQQrwjedQLRpPx5wUg1yLEp6_5JnHbpgBOOo9ThSZEvZfRH-CRp4ttfjOovxzqs48H252BMQor7m8rPRoWjnCXBM93wZONb02rKyN10T84R1s1e6pLKQyWt_oebzwlJFyN1Yfe_qjotuU-oTz00rYmFQ2fbGrGxYjqvx-WdmzRp1-OBiqWTraCHGLbaXfo62NQQ1LJMfrjm3-2Akgoj?_z=5398930&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=http%3A%2F%2Fen.metrolagu.ru%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Cookie: OAID=9b98f0507e9b4353816f8c40fd7fbb0d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:16:39 GMT
content-type: image/gif
content-length: 43
x-trace-id: f9711fba5b1349ac327905f23a511df9
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:16:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP
Hash c1445c6c02f9ef832fedf5395f58e9b3
7b37cae6f09583b9fd9ec189d5f77d7c8cef6a43
ace3451100fe94f13bc338bb444f22f65da71867f0902ac5cd3667e56922230f
GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 21:16:39 GMT
date: Sun, 02 Oct 2022 21:16:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:16:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:16:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://en.metrolagu.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 351752
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://en.metrolagu.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 351752
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:16:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bedrapiona.com/5/5398850/?oo=1&js_build=iclick-v1.431.0
200 OK 0 B URL HTTP/2 bedrapiona.com/5/5398850/?oo=1&js_build=iclick-v1.431.0
IP
GET /5/5398850/?oo=1&js_build=iclick-v1.431.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://en.metrolagu.ru
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:16:34 GMT
content-type: application/json
x-trace-id: c6173f71dc757ff2ac0095c0caddf58d
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: http://en.metrolagu.ru
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=9b98f0507e9b4353816f8c40fd7fbb0d; expires=Mon, 02 Oct 2023 21:16:34 GMT; path=/; secure; SameSite=None
oaidts=1664745394; expires=Mon, 02 Oct 2023 21:16:34 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
www.kinogogly.pro/bcc371/4f8a112651cb.js
200 OK 0 B URL HTTP/2 www.kinogogly.pro/bcc371/4f8a112651cb.js
IP
ASN #61107 Toonbox Studio Ltd
GET /bcc371/4f8a112651cb.js HTTP/1.1
Host: www.kinogogly.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: http://en.metrolagu.ru
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ucdn/1.22.0
date: Sun, 02 Oct 2022 21:16:34 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315359006, public
x-ureq-id: XDrrrzssYKy7XniAYHDaCxO/1BtQYlPAo1HVcwFLMsr3uaLidETSLqKazNe79F20wMSOOHFcT6gp5oCgf4zgLSW9G0bgBQkxYucKEX6fKtb93GfiwdDVJfpgFbaGtVoq
x-served-from: l1
x-vhostid: 6547, 24181
content-encoding: br
X-Firefox-Spdy: h2
inklinkor.com/tag.min.js
200 OK 0 B IP
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 21:16:33 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: ca2e761da5c4eb69a9402b0a2ed6b417
cache-control: max-age=86400
last-modified: Wed, 28 Sep 2022 07:57:11 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Mon, 03 Oct 2022 19:51:41 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 5092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3NTHSEh8mOELKR9zVXPdr73Pp4btbDtSZRvdxY6NdLWWUc3EDZqXA4vWsZWidT2iuqUCeGOxhCBxZr8WHMkNWlDWjkyFkcQXCg7IXvxotJvBTNFV7PlkoYkmc7E69ER"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754075b7889a0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
200 OK 0 B IP
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://en.metrolagu.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 21:16:34 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5093
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3hFS6DoO32l6QEFniPsR3UrKVrMX%2BQR%2BAQjs0WtoIxHMECHXgrs9L1qZVMSKbXnjytgT51bLvRDJ8p6eKJAs93pLOCpQbkHCdBi3Wcw1WRYGU1KQD%2BSp5ACV4Hs9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754075ba7c73b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
92.118.63.217
46.105.201.240
23.38.200.24
139.45.197.239
198.27.80.143
104.21.91.63
185.18.187.89
88.85.69.211