gtf.club/
185.179.190.82301 Moved Permanently 169 B IP 185.179.190.82:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 84855c13836b389d5ec7cfd4c9266173
1cf3056ff23c4176fd7ca9816a000ed461d6d323
502083c916ae481cdd413b8d93315300653df5fb3dcc5770c01991de19977eae
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: gtf.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0
Date: Sat, 28 Jan 2023 17:11:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://gtf.club:443/
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18347
Expires: Sat, 28 Jan 2023 22:17:18 GMT
Date: Sat, 28 Jan 2023 17:11:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11090
Expires: Sat, 28 Jan 2023 20:16:21 GMT
Date: Sat, 28 Jan 2023 17:11:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3681
Expires: Sat, 28 Jan 2023 18:12:52 GMT
Date: Sat, 28 Jan 2023 17:11:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 16:43:06 GMT
content-type: application/json
age: 1705
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: byuxXKeedfqvNv/XnpQqb9j8qEhBVi/EliqaYTckiivmlyqHOuosyPNIVBj05U71u8o2Hn98BaQ=
x-amz-request-id: KRQMCNG22HCCHVJ1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 16:21:02 GMT
age: 3029
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 17:11:31 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 02b021bb68e276ebb4b842458051bc9c
213089e7ef910cd027c9cf612e82ee2ac0847e65
b2e78067ebbcc670014bc61aed98e0d7a4ad3f3b34f1de8c3a27be88dcfd45f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B2E78067EBBCC670014BC61AED98E0D7A4AD3F3B34F1DE8C3A27BE88DCFD45F8"
Last-Modified: Fri, 27 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21597
Expires: Sat, 28 Jan 2023 23:11:29 GMT
Date: Sat, 28 Jan 2023 17:11:32 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 16:49:03 GMT
age: 1349
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4401
Expires: Sat, 28 Jan 2023 18:24:53 GMT
Date: Sat, 28 Jan 2023 17:11:32 GMT
Connection: keep-alive
push.services.mozilla.com/
54.200.178.235101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.200.178.235:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gMN1Q/HcJEBcDfqV6x7InQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wT2AfljaPD6QIq+8AyKj+B0OFU8=
gtf.club/
185.179.190.82301 Moved Permanently 0 B IP 185.179.190.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: gtf.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0
Date: Sat, 28 Jan 2023 17:11:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 28 Jan 2023 18:11:33 GMT
Cache-Control: max-age=3600
X-Redirect-By: redirection
Location: https://gtf.club/music
Strict-Transport-Security: max-age=31536000;
gtf.club/music
185.179.190.82301 Moved Permanently 304 B IP 185.179.190.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ddadcbcf78e5a6cfa8c3a0e51f5033dd
493befa4ea7ee932bfc669425f7c867168310d67
584dc58893325e5f6d1fcc8ba06a9b29e2413134bffd75d0b0694354ca487e60
Analyzer Verdict Alert fortinet Malware
GET /music HTTP/1.1
Host: gtf.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0
Date: Sat, 28 Jan 2023 17:11:33 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://gtf.club/music/
Strict-Transport-Security: max-age=31536000;
gtf.club/music/
185.179.190.82200 OK 42 kB IP 185.179.190.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (57511), with CRLF, LF line terminators
Hash 31ee5c00ff870984fbb7a3a47c5b49ce
b0aea412a1472c4bcda210329d796da810f4bb21
eb7dfa3a1ae0fb4be6c6dc4db80ec278a9010f2e0d4be74ff472e81646e8a655
Analyzer Verdict Alert fortinet Malware
GET /music/ HTTP/1.1
Host: gtf.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 28 Jan 2023 17:11:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Set-Cookie: XSRF-TOKEN=eyJpdiI6Ii9rOTNYV0xaMWlCbU82citVUi9lNVE9PSIsInZhbHVlIjoiZVArdmtxZWJQN2pDMitxUTBBR0RZUkFJTFQyQlNtTjc3SWZXbGRBTW1YR1dKdFB3QmxCRWFGWlczUTVGb0tkS05zZUVQVGhUdkI0YmN3UDBGOER2UW93ODcwemhMS3p0eVdwZUpUdEY3emQzR1BlS3AwaVhuT1VEeTAwSFpDRzciLCJtYWMiOiI0YjVhOWFlYjdiMzZmMjAwNzU4NzI2NTI3ODI0N2YzYjlmZDkxYjI2YzY5MGRjYWJjYzY1MzUwNDRlMThiMDUyIiwidGFnIjoiIn0%3D; expires=Sat, 28-Jan-2023 19:11:33 GMT; Max-Age=7200; path=/
gtfclub_session=eyJpdiI6IlVtRjJMUU83Q3RMOERBSUFVNXVYdmc9PSIsInZhbHVlIjoiNmJsSy8rdWUrU3FiZXVhTWdpaXJQNEVoeUJsOXVPeEdFeCtrcnFtaXdJZ0RtY0tqZXR3dmtLZWxBSzVNRDBjQkZtd0VBb1NrWWpKcTk3OGxBKzh6TmxWOXBmWVdXbkRiMFRiaUNvUlE5bFJGTmlIY0NFSVVqdXppckxwaEhFbjgiLCJtYWMiOiJiMzY1MDBlZTVhNzk2NjU5NDllYWVmNjQ0NDU1ZDJlNGFhNjMxNDIzODRiYzExZDRlMTNmZTBkYzRjZjdhYjcyIiwidGFnIjoiIn0%3D; expires=Sat, 28-Jan-2023 19:11:33 GMT; Max-Age=7200; path=/; httponly
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5387
Expires: Sat, 28 Jan 2023 18:41:21 GMT
Date: Sat, 28 Jan 2023 17:11:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5387
Expires: Sat, 28 Jan 2023 18:41:21 GMT
Date: Sat, 28 Jan 2023 17:11:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5387
Expires: Sat, 28 Jan 2023 18:41:21 GMT
Date: Sat, 28 Jan 2023 17:11:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5387
Expires: Sat, 28 Jan 2023 18:41:21 GMT
Date: Sat, 28 Jan 2023 17:11:34 GMT
Connection: keep-alive
gtf.club/music/client/styles.41f9cd8f18e85618bcff.css
185.179.190.82200 OK 16 kB URL HTTP/1.1 gtf.club/music/client/styles.41f9cd8f18e85618bcff.css
IP 185.179.190.82:0
File type ASCII text, with very long lines (52134)
Hash 664dc3e27a9ba8221f0456dcb48dc895
217dd74c451b40b7b52fea361fd5b144b544cdb4
71178cc064238cc02d2e463d8a533ae61b56cdc67ec61b7daf062bae181bd395
GET /music/client/styles.41f9cd8f18e85618bcff.css HTTP/1.1
Host: gtf.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/music/
Cookie: XSRF-TOKEN=eyJpdiI6Ii9rOTNYV0xaMWlCbU82citVUi9lNVE9PSIsInZhbHVlIjoiZVArdmtxZWJQN2pDMitxUTBBR0RZUkFJTFQyQlNtTjc3SWZXbGRBTW1YR1dKdFB3QmxCRWFGWlczUTVGb0tkS05zZUVQVGhUdkI0YmN3UDBGOER2UW93ODcwemhMS3p0eVdwZUpUdEY3emQzR1BlS3AwaVhuT1VEeTAwSFpDRzciLCJtYWMiOiI0YjVhOWFlYjdiMzZmMjAwNzU4NzI2NTI3ODI0N2YzYjlmZDkxYjI2YzY5MGRjYWJjYzY1MzUwNDRlMThiMDUyIiwidGFnIjoiIn0%3D; gtfclub_session=eyJpdiI6IlVtRjJMUU83Q3RMOERBSUFVNXVYdmc9PSIsInZhbHVlIjoiNmJsSy8rdWUrU3FiZXVhTWdpaXJQNEVoeUJsOXVPeEdFeCtrcnFtaXdJZ0RtY0tqZXR3dmtLZWxBSzVNRDBjQkZtd0VBb1NrWWpKcTk3OGxBKzh6TmxWOXBmWVdXbkRiMFRiaUNvUlE5bFJGTmlIY0NFSVVqdXppckxwaEhFbjgiLCJtYWMiOiJiMzY1MDBlZTVhNzk2NjU5NDllYWVmNjQ0NDU1ZDJlNGFhNjMxNDIzODRiYzExZDRlMTNmZTBkYzRjZjdhYjcyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 28 Jan 2023 17:11:34 GMT
Content-Type: text/css
Content-Length: 16520
Connection: keep-alive
Last-Modified: Thu, 07 Oct 2021 11:38:40 GMT
ETag: "1beb1-5cdc1b43f9000-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea24bcba583bd8bd139559448a343e68
b9d37c2b14f890d41983a59f352e8f7caa9c94bb
e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7585
x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkE5roAMF0Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1WE1zQwrCGVy8HLT9_BFkAr6rQE_ROyttMOByR32KeT0w2Hd_ylvYQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:16:00 GMT
age: 68134
etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 17:11:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 195316042e7f798eeeb7993fecb3a383
4aeca24ad4702f87feaf9674ea0c1ff6d71826a3
b7e0a61060455241fce844d2c91eca500d409804361063ddb61053cbc9c7b1c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13376
x-amzn-requestid: 64d0092e-1f1a-4183-a4a6-805e0bf37d32
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-DvHIyoAMF6fA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b1-6387770232ddca74531bce91;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jqb6G21QeTDiI0HWT9Fd87D-HkAOiesyfN9vr7vMxrOUADBxV-_Fug==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:55:42 GMT
age: 69352
etag: "4aeca24ad4702f87feaf9674ea0c1ff6d71826a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 69288
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d9747a7-0b4d-40bd-8d53-7702f8df2966.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d9747a7-0b4d-40bd-8d53-7702f8df2966.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25fd26625a6c5339389faf4f6aa8fc6a
05aed76d3966ea8a02d4bbbeff7b41c8a5aac907
9a29ad65cb7a8632a2c454a4caeb43a10c5152ccf3dbab22d584276bdeeb0dbb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d9747a7-0b4d-40bd-8d53-7702f8df2966.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5746
x-amzn-requestid: 8ab00078-cdf9-465a-a493-64a488c9e634
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CwEIJIAMFutA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-3f9b5f031812e32f6625f1e6;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jUVP5rlieH6mUh_fgVz4D636AIMAo2JXJqBgzGSI_CyY2-8Pza4IKw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 01:37:10 GMT
age: 56064
etag: "05aed76d3966ea8a02d4bbbeff7b41c8a5aac907"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2881cea3ae511d3dfd2f6b7cd598a4e
105d8d675aaafce5602e4015aee2d1659553d1b1
0993ef71c2af9e07ed09e0e2ba40a4d9fdd01444154c2f39f8fc48a4dfef1730
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10863
x-amzn-requestid: db873091-be76-4276-aa3e-f9bd44051508
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbAMbHCMoAMFsYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4471c-57f14d6a3ebcc8a1788bae80;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:50:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 00zN6NcdSHaq-4mWQeizXw9SDgUZJOFnB_6dTo6skjlytfBuz8ud3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:57:22 GMT
age: 69252
etag: "105d8d675aaafce5602e4015aee2d1659553d1b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 2e85f75e-ab9d-4d45-adad-7313950a9647
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSWbxGwnoAMFejw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d117-68f1a9e71a07a0453311fd32;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 06:49:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dbz3wXGNaetf6xvRE98rshyHy-FVfDo8co-4VDL0a4Qe3E4U8A82Og==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 18:36:01 GMT
age: 81333
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gtf.club/music/client/runtime-es2015.898157147968052a8b58.js
185.179.190.82200 OK 1.7 kB URL HTTP/1.1 gtf.club/music/client/runtime-es2015.898157147968052a8b58.js
IP 185.179.190.82:0
File type ASCII text, with very long lines (3318)
Hash 89384c80ad1a045bcc05f79272d71e70
51e7bbc758f63eed2c7f8af524a789a52d6c207a
477b51cf7938d2f2b6fc8b7ce8952a9cf826cac8d67cbf9bc6098bea93218f1b
Analyzer Verdict Alert fortinet Malware
GET /music/client/runtime-es2015.898157147968052a8b58.js HTTP/1.1
Host: gtf.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/music/
Cookie: XSRF-TOKEN=eyJpdiI6Ii9rOTNYV0xaMWlCbU82citVUi9lNVE9PSIsInZhbHVlIjoiZVArdmtxZWJQN2pDMitxUTBBR0RZUkFJTFQyQlNtTjc3SWZXbGRBTW1YR1dKdFB3QmxCRWFGWlczUTVGb0tkS05zZUVQVGhUdkI0YmN3UDBGOER2UW93ODcwemhMS3p0eVdwZUpUdEY3emQzR1BlS3AwaVhuT1VEeTAwSFpDRzciLCJtYWMiOiI0YjVhOWFlYjdiMzZmMjAwNzU4NzI2NTI3ODI0N2YzYjlmZDkxYjI2YzY5MGRjYWJjYzY1MzUwNDRlMThiMDUyIiwidGFnIjoiIn0%3D; gtfclub_session=eyJpdiI6IlVtRjJMUU83Q3RMOERBSUFVNXVYdmc9PSIsInZhbHVlIjoiNmJsSy8rdWUrU3FiZXVhTWdpaXJQNEVoeUJsOXVPeEdFeCtrcnFtaXdJZ0RtY0tqZXR3dmtLZWxBSzVNRDBjQkZtd0VBb1NrWWpKcTk3OGxBKzh6TmxWOXBmWVdXbkRiMFRiaUNvUlE5bFJGTmlIY0NFSVVqdXppckxwaEhFbjgiLCJtYWMiOiJiMzY1MDBlZTVhNzk2NjU5NDllYWVmNjQ0NDU1ZDJlNGFhNjMxNDIzODRiYzExZDRlMTNmZTBkYzRjZjdhYjcyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 28 Jan 2023 17:11:34 GMT
Content-Type: application/javascript
Content-Length: 1716
Connection: keep-alive
Last-Modified: Thu, 07 Oct 2021 11:38:40 GMT
ETag: "d36-5cdc1b43f9000-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
gtf.club/music/client/polyfills-es2015.f93fa6be99734e20273f.js
185.179.190.82200 OK 22 kB URL HTTP/1.1 gtf.club/music/client/polyfills-es2015.f93fa6be99734e20273f.js
IP 185.179.190.82:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 28412a8977640c790851a7e0a9ee6ec9
7fde4d1e59a6d03f5db4d2623e66b7ce7b60d308
86926f90ed398877bad27903bf495f6103a615ce2421331e84d79ee7ca000acc
Analyzer Verdict Alert fortinet Malware
GET /music/client/polyfills-es2015.f93fa6be99734e20273f.js HTTP/1.1
Host: gtf.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/music/
Cookie: XSRF-TOKEN=eyJpdiI6Ii9rOTNYV0xaMWlCbU82citVUi9lNVE9PSIsInZhbHVlIjoiZVArdmtxZWJQN2pDMitxUTBBR0RZUkFJTFQyQlNtTjc3SWZXbGRBTW1YR1dKdFB3QmxCRWFGWlczUTVGb0tkS05zZUVQVGhUdkI0YmN3UDBGOER2UW93ODcwemhMS3p0eVdwZUpUdEY3emQzR1BlS3AwaVhuT1VEeTAwSFpDRzciLCJtYWMiOiI0YjVhOWFlYjdiMzZmMjAwNzU4NzI2NTI3ODI0N2YzYjlmZDkxYjI2YzY5MGRjYWJjYzY1MzUwNDRlMThiMDUyIiwidGFnIjoiIn0%3D; gtfclub_session=eyJpdiI6IlVtRjJMUU83Q3RMOERBSUFVNXVYdmc9PSIsInZhbHVlIjoiNmJsSy8rdWUrU3FiZXVhTWdpaXJQNEVoeUJsOXVPeEdFeCtrcnFtaXdJZ0RtY0tqZXR3dmtLZWxBSzVNRDBjQkZtd0VBb1NrWWpKcTk3OGxBKzh6TmxWOXBmWVdXbkRiMFRiaUNvUlE5bFJGTmlIY0NFSVVqdXppckxwaEhFbjgiLCJtYWMiOiJiMzY1MDBlZTVhNzk2NjU5NDllYWVmNjQ0NDU1ZDJlNGFhNjMxNDIzODRiYzExZDRlMTNmZTBkYzRjZjdhYjcyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 28 Jan 2023 17:11:34 GMT
Content-Type: application/javascript
Content-Length: 22285
Connection: keep-alive
Last-Modified: Thu, 07 Oct 2021 11:38:40 GMT
ETag: "107b7-5cdc1b43f9000-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 17:11:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 17:11:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gtf.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 250660
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4f075ee209f791b11f478c89c883a906
6365113cc8c7f45cddf85c5fb2ae088020291a89
35158fb453561f2389a735ae0d47aeace4d6e513f7511a2fab0cbadff43bf090
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5960
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 17:11:34 GMT
Last-Modified: Sat, 28 Jan 2023 15:32:14 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 17:11:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gtf.club/music/client/main-es2015.07f483a3bbaeee2fcb1b.js
185.179.190.82200 OK 421 kB URL HTTP/1.1 gtf.club/music/client/main-es2015.07f483a3bbaeee2fcb1b.js
IP 185.179.190.82:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 421 kB (421271 bytes)
Hash 96e8ce4de45ba7404b1399accaf2bb58
0c8e201da74250400d7ee2d8e221ca97954d7acd
1573ec996b1057c5037316a06d7a075f9f167ad9aadc42edc95754327705a3fa
Analyzer Verdict Alert fortinet Malware
GET /music/client/main-es2015.07f483a3bbaeee2fcb1b.js HTTP/1.1
Host: gtf.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/music/
Cookie: XSRF-TOKEN=eyJpdiI6Ii9rOTNYV0xaMWlCbU82citVUi9lNVE9PSIsInZhbHVlIjoiZVArdmtxZWJQN2pDMitxUTBBR0RZUkFJTFQyQlNtTjc3SWZXbGRBTW1YR1dKdFB3QmxCRWFGWlczUTVGb0tkS05zZUVQVGhUdkI0YmN3UDBGOER2UW93ODcwemhMS3p0eVdwZUpUdEY3emQzR1BlS3AwaVhuT1VEeTAwSFpDRzciLCJtYWMiOiI0YjVhOWFlYjdiMzZmMjAwNzU4NzI2NTI3ODI0N2YzYjlmZDkxYjI2YzY5MGRjYWJjYzY1MzUwNDRlMThiMDUyIiwidGFnIjoiIn0%3D; gtfclub_session=eyJpdiI6IlVtRjJMUU83Q3RMOERBSUFVNXVYdmc9PSIsInZhbHVlIjoiNmJsSy8rdWUrU3FiZXVhTWdpaXJQNEVoeUJsOXVPeEdFeCtrcnFtaXdJZ0RtY0tqZXR3dmtLZWxBSzVNRDBjQkZtd0VBb1NrWWpKcTk3OGxBKzh6TmxWOXBmWVdXbkRiMFRiaUNvUlE5bFJGTmlIY0NFSVVqdXppckxwaEhFbjgiLCJtYWMiOiJiMzY1MDBlZTVhNzk2NjU5NDllYWVmNjQ0NDU1ZDJlNGFhNjMxNDIzODRiYzExZDRlMTNmZTBkYzRjZjdhYjcyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 28 Jan 2023 17:11:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 07 Oct 2021 11:38:40 GMT
ETag: "18ffcd-5cdc1b43f9000-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 182bf4653a156b62e5e75a53b02b1ae3
926c1da08741bf420037df9489f5c34d52e91674
7c12edcecbb8144284bcfc18139f1db35dedc4b95a6c6c528d1d19e348af89a0
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 17:11:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 01 Feb 2023 13:47:45 GMT
ETag: "926c1da08741bf420037df9489f5c34d52e91674"
Last-Modified: Sat, 28 Jan 2023 13:47:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1665
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790b5919ab0bb51b-OSL
kraken.rambler.ru/userip
81.19.89.17200 OK 12 B IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
File type ASCII text, with no line terminators
Hash 35b0bce9d250429df012c0426f88d0bd
f81d80af9cbeb0011316fbba3da8002b32251f7a
da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d
GET /userip HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gtf.club
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Sat, 28 Jan 2023 17:11:34 GMT
content-type: application/octet-stream
content-length: 12
access-control-allow-origin: https://gtf.club
x-srv: 1kraken-prod0001.ad.rambler.tech
set-cookie: ruid=1CIAAEZX1WOLcD8jAVeZVAB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAEZX1WOLcD8jAVeZVAB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2f0b7f4f208a716bfeae9fddf11243f3
ad4caf365e454762fab9483f10607ea0d5628825
e191614044915c881281e031fc9b5bc86856d04745100d7a40424398068528e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2692
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 17:11:35 GMT
Etag: "63d40629-118"
Last-Modified: Sat, 28 Jan 2023 16:26:43 GMT
Server: ECS (amb/6BB5)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2f0b7f4f208a716bfeae9fddf11243f3
ad4caf365e454762fab9483f10607ea0d5628825
e191614044915c881281e031fc9b5bc86856d04745100d7a40424398068528e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2692
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 17:11:35 GMT
Last-Modified: Sat, 28 Jan 2023 16:26:43 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gtf.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 07:51:59 GMT
expires: Thu, 25 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 292776
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gtf.club/music/client/favicon/icon-144x144.png
185.179.190.82200 OK 12 kB URL HTTP/1.1 gtf.club/music/client/favicon/icon-144x144.png
IP 185.179.190.82:0
File type PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced\012- data
Hash 742856d64056a065901a6eed34beae73
2f90f90164c550b7459c29960e2f15bed9b133f1
aed478b754f53428dea546107b1c53c35b018ea1dece353c4e2f34682569da47
GET /music/client/favicon/icon-144x144.png HTTP/1.1
Host: gtf.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/music/
Cookie: XSRF-TOKEN=eyJpdiI6Ii9rOTNYV0xaMWlCbU82citVUi9lNVE9PSIsInZhbHVlIjoiZVArdmtxZWJQN2pDMitxUTBBR0RZUkFJTFQyQlNtTjc3SWZXbGRBTW1YR1dKdFB3QmxCRWFGWlczUTVGb0tkS05zZUVQVGhUdkI0YmN3UDBGOER2UW93ODcwemhMS3p0eVdwZUpUdEY3emQzR1BlS3AwaVhuT1VEeTAwSFpDRzciLCJtYWMiOiI0YjVhOWFlYjdiMzZmMjAwNzU4NzI2NTI3ODI0N2YzYjlmZDkxYjI2YzY5MGRjYWJjYzY1MzUwNDRlMThiMDUyIiwidGFnIjoiIn0%3D; gtfclub_session=eyJpdiI6IlVtRjJMUU83Q3RMOERBSUFVNXVYdmc9PSIsInZhbHVlIjoiNmJsSy8rdWUrU3FiZXVhTWdpaXJQNEVoeUJsOXVPeEdFeCtrcnFtaXdJZ0RtY0tqZXR3dmtLZWxBSzVNRDBjQkZtd0VBb1NrWWpKcTk3OGxBKzh6TmxWOXBmWVdXbkRiMFRiaUNvUlE5bFJGTmlIY0NFSVVqdXppckxwaEhFbjgiLCJtYWMiOiJiMzY1MDBlZTVhNzk2NjU5NDllYWVmNjQ0NDU1ZDJlNGFhNjMxNDIzODRiYzExZDRlMTNmZTBkYzRjZjdhYjcyIiwidGFnIjoiIn0%3D; adtech_uid=7f78b419-d1ac-4673-8e14-70c42c4cc044%3Agtf.club; top100_id=t1.6877530.1933492874.1674925898060; t3_sid_6877530=s1.887708965.1674925898063.1674925898536.1.2; last_visit=1674925898066%3A%3A1674925898066; theme=light
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 28 Jan 2023 17:11:35 GMT
Content-Type: image/png
Content-Length: 12451
Connection: keep-alive
Last-Modified: Wed, 02 Sep 2020 23:25:11 GMT
ETag: "30a3-5ae5cf26ce3c0"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;
fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap
142.250.74.106200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap
IP 142.250.74.106:0
Hash 83c632c2c805c49fe0034a21d62aa4a9
c3cfd74968b1df1f21cd877d5a7877341c007d19
a314f5ff813b3942575c94465027f25516093a8c6cf9b1617d08b4166e18c014
GET /css?family=Roboto:300,400,500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 17:11:34 GMT
date: Sat, 28 Jan 2023 17:11:34 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 28 Jan 2023 15:46:59 GMT
expires: Sat, 28 Jan 2023 17:46:59 GMT
cache-control: public, max-age=7200
age: 5076
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash b9f2178036dc92ef0f2d683d6d61546f
991da51e4e11f74ab1a5cbac585c562ba8c081a0
c375409581ccfb23b77063aecce5f4bd83a1aacb5d39582cb9c6c0a0e57e710b
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 17:11:35 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Wed, 01 Feb 2023 14:20:25 GMT
ETag: "991da51e4e11f74ab1a5cbac585c562ba8c081a0"
Last-Modified: Sat, 28 Jan 2023 14:20:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1171
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790b591db898b51b-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash b8d4e3b24798912731232fc0d4a4691c
d9a8d2abd55a6acc55e55748abd71bcdb8bfbd18
df146c6ca0e66c23bb9ce7879ccc4554876701047b65551b1fbfef67b4e39b55
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 17:11:35 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 01 Feb 2023 14:53:12 GMT
ETag: "d9a8d2abd55a6acc55e55748abd71bcdb8bfbd18"
Last-Modified: Sat, 28 Jan 2023 14:53:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 745
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790b591dbf161bfa-OSL
gtf.club/music/client/favicon/icon-192x192.png
185.179.190.82200 OK 20 kB URL HTTP/1.1 gtf.club/music/client/favicon/icon-192x192.png
IP 185.179.190.82:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash c7bf39f568bfe3c55580cddb03ebdcfa
486f2cd4dc5c503ddeb44c5e410a711b590c3628
0adcdf0a287edd65a29b43e696ed092c677bc2b9069f05643889068d42f88dd5
GET /music/client/favicon/icon-192x192.png HTTP/1.1
Host: gtf.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/music/
Cookie: XSRF-TOKEN=eyJpdiI6Ii9rOTNYV0xaMWlCbU82citVUi9lNVE9PSIsInZhbHVlIjoiZVArdmtxZWJQN2pDMitxUTBBR0RZUkFJTFQyQlNtTjc3SWZXbGRBTW1YR1dKdFB3QmxCRWFGWlczUTVGb0tkS05zZUVQVGhUdkI0YmN3UDBGOER2UW93ODcwemhMS3p0eVdwZUpUdEY3emQzR1BlS3AwaVhuT1VEeTAwSFpDRzciLCJtYWMiOiI0YjVhOWFlYjdiMzZmMjAwNzU4NzI2NTI3ODI0N2YzYjlmZDkxYjI2YzY5MGRjYWJjYzY1MzUwNDRlMThiMDUyIiwidGFnIjoiIn0%3D; gtfclub_session=eyJpdiI6IlVtRjJMUU83Q3RMOERBSUFVNXVYdmc9PSIsInZhbHVlIjoiNmJsSy8rdWUrU3FiZXVhTWdpaXJQNEVoeUJsOXVPeEdFeCtrcnFtaXdJZ0RtY0tqZXR3dmtLZWxBSzVNRDBjQkZtd0VBb1NrWWpKcTk3OGxBKzh6TmxWOXBmWVdXbkRiMFRiaUNvUlE5bFJGTmlIY0NFSVVqdXppckxwaEhFbjgiLCJtYWMiOiJiMzY1MDBlZTVhNzk2NjU5NDllYWVmNjQ0NDU1ZDJlNGFhNjMxNDIzODRiYzExZDRlMTNmZTBkYzRjZjdhYjcyIiwidGFnIjoiIn0%3D; adtech_uid=7f78b419-d1ac-4673-8e14-70c42c4cc044%3Agtf.club; top100_id=t1.6877530.1933492874.1674925898060; t3_sid_6877530=s1.887708965.1674925898063.1674925898536.1.2; last_visit=1674925898066%3A%3A1674925898066; theme=light
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 28 Jan 2023 17:11:35 GMT
Content-Type: image/png
Content-Length: 19524
Connection: keep-alive
Last-Modified: Wed, 02 Sep 2020 23:25:11 GMT
ETag: "4c44-5ae5cf26ce3c0"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 867b4636d8898f0daeeb9a4914eca2c0
baedd0d001b05c1f34f89c23ce6fed60cb972011
6e8ad4dfea28ed989bc84303f5bac3e1e7a075fb885d6fe631626d5f1461776e
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 17:11:35 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Wed, 01 Feb 2023 14:36:30 GMT
ETag: "baedd0d001b05c1f34f89c23ce6fed60cb972011"
Last-Modified: Sat, 28 Jan 2023 14:36:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1661
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790b591dd8dab51b-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 17:11:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j99&a=1005009669&t=pageview&_s=1&dl=https%3A%2F%2Fgtf.club%2Fmusic%2F&ul=en-us&de=UTF-8&dt=GTF.CLUB&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=606273385&gjid=1827641848&cid=1646923414.1674925899&tid=UA-27174695-2&_gid=1144260081.1674925899&_r=1&_slc=1&z=2022009705
142.250.74.110200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=1005009669&t=pageview&_s=1&dl=https%3A%2F%2Fgtf.club%2Fmusic%2F&ul=en-us&de=UTF-8&dt=GTF.CLUB&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=606273385&gjid=1827641848&cid=1646923414.1674925899&tid=UA-27174695-2&_gid=1144260081.1674925899&_r=1&_slc=1&z=2022009705
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j99&a=1005009669&t=pageview&_s=1&dl=https%3A%2F%2Fgtf.club%2Fmusic%2F&ul=en-us&de=UTF-8&dt=GTF.CLUB&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=606273385&gjid=1827641848&cid=1646923414.1674925899&tid=UA-27174695-2&_gid=1144260081.1674925899&_r=1&_slc=1&z=2022009705 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://gtf.club
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://gtf.club
date: Sat, 28 Jan 2023 17:11:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/?et=pv&v=3.13.5&pid=6877530&tid=t1.6877530.1933492874.1674925898060&rid=1674925898.06-1630223125&fid=pA8AAENKs1e4GYz8AQlryQA%3D&fip=pA8AAENKs1cnnUv2AauVQAA%3D&eid=934058985352480&aduid=7f78b419-d1ac-4673-8e14-70c42c4cc044&aduidsc=gtf.club&stid=887708965_1674925898063&sn=1&sen=1&ce=1&bs=1280x939&rf&en=UTF-8&pt=GTF.CLUB&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&ct=web&url=https%3A%2F%2Fgtf.club%2Fmusic%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=1610639821
81.19.89.17200 OK 43 B URL HTTP/2 kraken.rambler.ru/cnt/?et=pv&v=3.13.5&pid=6877530&tid=t1.6877530.1933492874.1674925898060&rid=1674925898.06-1630223125&fid=pA8AAENKs1e4GYz8AQlryQA%3D&fip=pA8AAENKs1cnnUv2AauVQAA%3D&eid=934058985352480&aduid=7f78b419-d1ac-4673-8e14-70c42c4cc044&aduidsc=gtf.club&stid=887708965_1674925898063&sn=1&sen=1&ce=1&bs=1280x939&rf&en=UTF-8&pt=GTF.CLUB&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&ct=web&url=https%3A%2F%2Fgtf.club%2Fmusic%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=1610639821
IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cnt/?et=pv&v=3.13.5&pid=6877530&tid=t1.6877530.1933492874.1674925898060&rid=1674925898.06-1630223125&fid=pA8AAENKs1e4GYz8AQlryQA%3D&fip=pA8AAENKs1cnnUv2AauVQAA%3D&eid=934058985352480&aduid=7f78b419-d1ac-4673-8e14-70c42c4cc044&aduidsc=gtf.club&stid=887708965_1674925898063&sn=1&sen=1&ce=1&bs=1280x939&rf&en=UTF-8&pt=GTF.CLUB&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&ct=web&url=https%3A%2F%2Fgtf.club%2Fmusic%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=1610639821 HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Sat, 28 Jan 2023 17:11:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
x-srv: 1kraken-prod0002.ad.rambler.tech
set-cookie: ruid=1CIAAEdX1WMyaHqBASKX7wB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAEdX1WMyaHqBASKX7wB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
77.88.21.119200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 77.88.21.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash a236c7014c1f1a1e52d356f59e5d665a
b66c638eb2346287364c37725819bbab1f409d66
ad2d57579e453af0eac49156840bcd1dcfbd802a82135af98f41f714d7e698f2
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73769
date: Sat, 28 Jan 2023 17:11:35 GMT
access-control-allow-origin: *
etag: "63c93a4b-12029"
expires: Sat, 28 Jan 2023 18:11:35 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=6877530&session_id=887708965_1674925898063&session_number=1&session_event_number=1&version=3.13.5&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6877530.1933492874.1674925898060&adtech_uid=7f78b419-d1ac-4673-8e14-70c42c4cc044&adtech_uid_scope=gtf.club&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&fingerprint_ip=pA8AAENKs1cnnUv2AauVQAA%3D&url=https%3A%2F%2Fgtf.club%2Fmusic%2F&request_id=1674925898.06-1630223125&event_id=934058985352480&meta=%7B%22title%22%3A%22GTF.CLUB%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221280x939%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=1213881685
81.19.89.17200 OK 43 B URL HTTP/2 kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=6877530&session_id=887708965_1674925898063&session_number=1&session_event_number=1&version=3.13.5&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6877530.1933492874.1674925898060&adtech_uid=7f78b419-d1ac-4673-8e14-70c42c4cc044&adtech_uid_scope=gtf.club&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&fingerprint_ip=pA8AAENKs1cnnUv2AauVQAA%3D&url=https%3A%2F%2Fgtf.club%2Fmusic%2F&request_id=1674925898.06-1630223125&event_id=934058985352480&meta=%7B%22title%22%3A%22GTF.CLUB%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221280x939%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=1213881685
IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cnt/v2/?event_type=base&event_name=page_view&project_id=6877530&session_id=887708965_1674925898063&session_number=1&session_event_number=1&version=3.13.5&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6877530.1933492874.1674925898060&adtech_uid=7f78b419-d1ac-4673-8e14-70c42c4cc044&adtech_uid_scope=gtf.club&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&fingerprint_ip=pA8AAENKs1cnnUv2AauVQAA%3D&url=https%3A%2F%2Fgtf.club%2Fmusic%2F&request_id=1674925898.06-1630223125&event_id=934058985352480&meta=%7B%22title%22%3A%22GTF.CLUB%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221280x939%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=1213881685 HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.4
date: Sat, 28 Jan 2023 17:11:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
x-srv: 1kraken-prod0002.ad.rambler.tech
set-cookie: ruid=1CIAAEdX1WMyaHqBATiX7wB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAEdX1WMyaHqBATiX7wB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2
top-fwz1.mail.ru/counter?js=13;id=2576526;u=https%3A//gtf.club/music/;st=1674925897833;title=GTF.CLUB;s=1280*1024;vp=1280*939;touch=0;hds=1;frame=0;flash=;sid=d4fc7c90f488faca;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674925899005%3A1674925899033%3A1%3A4985980e964394a0ade842f51f4b2782;opts=jst-ga;visible=true;_=0.4332415762978107
95.163.52.67302 Found 0 B URL HTTP/2 top-fwz1.mail.ru/counter?js=13;id=2576526;u=https%3A//gtf.club/music/;st=1674925897833;title=GTF.CLUB;s=1280*1024;vp=1280*939;touch=0;hds=1;frame=0;flash=;sid=d4fc7c90f488faca;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674925899005%3A1674925899033%3A1%3A4985980e964394a0ade842f51f4b2782;opts=jst-ga;visible=true;_=0.4332415762978107
IP 95.163.52.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /counter?js=13;id=2576526;u=https%3A//gtf.club/music/;st=1674925897833;title=GTF.CLUB;s=1280*1024;vp=1280*939;touch=0;hds=1;frame=0;flash=;sid=d4fc7c90f488faca;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674925899005%3A1674925899033%3A1%3A4985980e964394a0ade842f51f4b2782;opts=jst-ga;visible=true;_=0.4332415762978107 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sat, 28 Jan 2023 17:11:35 GMT
content-length: 0
location: https://top-fwz1.mail.ru/counter2?js=13;id=2576526;u=https%3A//gtf.club/music/;st=1674925897833;title=GTF.CLUB;s=1280*1024;vp=1280*939;touch=0;hds=1;frame=0;flash=;sid=d4fc7c90f488faca;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674925899005%3A1674925899033%3A1%3A4985980e964394a0ade842f51f4b2782;opts=jst-ga;visible=true;_=0.4332415762978107
set-cookie: FTID=1RMYgQ0tkIIF:1674925895:2576526:::; path=/; expires=Mon, 29-Jan-24 17:11:35 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 4572a4a277a944ea17359e580f6de9d7
5b118938d17d6b8abfbf024a828beb77cfe02538
7776dd7cc80b6950b1551d1eca4e3f1e3a82a1cf63923cd2de5b377fe0270580
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 17:11:35 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 01 Feb 2023 15:37:44 GMT
ETag: "5b118938d17d6b8abfbf024a828beb77cfe02538"
Last-Modified: Sat, 28 Jan 2023 15:37:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 763
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790b59207cb3b51b-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 4572a4a277a944ea17359e580f6de9d7
5b118938d17d6b8abfbf024a828beb77cfe02538
7776dd7cc80b6950b1551d1eca4e3f1e3a82a1cf63923cd2de5b377fe0270580
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 17:11:35 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 01 Feb 2023 15:37:44 GMT
ETag: "5b118938d17d6b8abfbf024a828beb77cfe02538"
Last-Modified: Sat, 28 Jan 2023 15:37:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 763
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790b59208cdcb51b-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 4572a4a277a944ea17359e580f6de9d7
5b118938d17d6b8abfbf024a828beb77cfe02538
7776dd7cc80b6950b1551d1eca4e3f1e3a82a1cf63923cd2de5b377fe0270580
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 17:11:35 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 01 Feb 2023 15:37:44 GMT
ETag: "5b118938d17d6b8abfbf024a828beb77cfe02538"
Last-Modified: Sat, 28 Jan 2023 15:37:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 763
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790b5920896c1bfa-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 4572a4a277a944ea17359e580f6de9d7
5b118938d17d6b8abfbf024a828beb77cfe02538
7776dd7cc80b6950b1551d1eca4e3f1e3a82a1cf63923cd2de5b377fe0270580
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 17:11:35 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 01 Feb 2023 15:37:44 GMT
ETag: "5b118938d17d6b8abfbf024a828beb77cfe02538"
Last-Modified: Sat, 28 Jan 2023 15:37:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 763
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790b59208c6bb4e8-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 4572a4a277a944ea17359e580f6de9d7
5b118938d17d6b8abfbf024a828beb77cfe02538
7776dd7cc80b6950b1551d1eca4e3f1e3a82a1cf63923cd2de5b377fe0270580
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 17:11:35 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 01 Feb 2023 15:37:44 GMT
ETag: "5b118938d17d6b8abfbf024a828beb77cfe02538"
Last-Modified: Sat, 28 Jan 2023 15:37:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 763
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790b59209cf0b51b-OSL
mc.yandex.ru/watch/26684202/1?wmode=7&page-url=https%3A%2F%2Fgtf.club%2Fmusic%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A3597%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1159438126847%3Ahid%3A1061801664%3Az%3A0%3Ai%3A20230128171139%3Aet%3A1674925899%3Ac%3A1%3Arn%3A317939710%3Arqn%3A1%3Au%3A1674925899864327908%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C809%2C0%2C1673%2C0%2C%2C346%2C4%2C%2C%2C%2C3508%3Aco%3A0%3Ans%3A1674925895003%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674925899%3At%3AGTF.CLUB&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
77.88.21.119200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/26684202/1?wmode=7&page-url=https%3A%2F%2Fgtf.club%2Fmusic%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A3597%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1159438126847%3Ahid%3A1061801664%3Az%3A0%3Ai%3A20230128171139%3Aet%3A1674925899%3Ac%3A1%3Arn%3A317939710%3Arqn%3A1%3Au%3A1674925899864327908%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C809%2C0%2C1673%2C0%2C%2C346%2C4%2C%2C%2C%2C3508%3Aco%3A0%3Ans%3A1674925895003%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674925899%3At%3AGTF.CLUB&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash 0c2099067ee5b9ced2631654da8eb5ef
5b05a62cd6e0d7b0f9a33f1c2652baad4deab4bd
aae31abb3503dc26d6455fc1a6c633f406cb116c50d13c401771fc69a31509a8
GET /watch/26684202/1?wmode=7&page-url=https%3A%2F%2Fgtf.club%2Fmusic%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A3597%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1159438126847%3Ahid%3A1061801664%3Az%3A0%3Ai%3A20230128171139%3Aet%3A1674925899%3Ac%3A1%3Arn%3A317939710%3Arqn%3A1%3Au%3A1674925899864327908%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C809%2C0%2C1673%2C0%2C%2C346%2C4%2C%2C%2C%2C3508%3Aco%3A0%3Ans%3A1674925895003%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674925899%3At%3AGTF.CLUB&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gtf.club
Referer: https://gtf.club/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Sat, 28 Jan 2023 17:11:35 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://gtf.club
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 28-Jan-2023 17:11:35 GMT
last-modified: Sat, 28-Jan-2023 17:11:35 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
178.154.131.216200 OK 40 kB URL HTTP/2 yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
IP 178.154.131.216:0
File type gzip compressed data, from Unix\012- data
Hash a62c0b14baeb02a4642d7b4db33e7d78
a36f7dafecf3c598152f716e1b5f899628c21aa9
0c7b0505c38f2a8716f053ff62c5ad43d9c71ad7fd1c270f2d277db83f407112
GET /s3/home/fonts/ys/3/text-variable-full.woff2 HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gtf.club
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sat, 28 Jan 2023 17:11:35 GMT
content-type: font/woff2
content-length: 26004
access-control-allow-origin: *
cache-control: public, max-age=31556952
etag: "7f0cdaf91230f9789ca4162aedff612e"
expires: Sun, 28 Jan 2024 22:59:53 GMT
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
x-nginx-request-id: c26a76a93b2688dc
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/712629/8bd966b1ebb9efe38c58.js
178.154.131.216200 OK 113 kB URL HTTP/2 yastatic.net/partner-code-bundles/712629/8bd966b1ebb9efe38c58.js
IP 178.154.131.216:0
File type ASCII text, with very long lines (65497)
Size 113 kB (113036 bytes)
Hash 0ad372efe8fc0d736134889277837d12
912f023a376b08c56f95a13c44b2ea4e68f8890c
ea8af00518d354acf9f4571a05d7d7e09d5bfd008c3886adbcc3135cdd5e3445
GET /partner-code-bundles/712629/8bd966b1ebb9efe38c58.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gtf.club
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sat, 28 Jan 2023 17:11:35 GMT
content-type: text/javascript; charset=utf-8
content-length: 113036
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "0ad372efe8fc0d736134889277837d12"
expires: Mon, 27 Jan 2053 23:45:47 GMT
last-modified: Thu, 26 Jan 2023 20:16:11 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yandex.ru/ads/system/context.js
5.255.255.60200 OK 88 kB URL HTTP/2 yandex.ru/ads/system/context.js
IP 5.255.255.60:0
File type ASCII text, with very long lines (65492)
Hash df7afed4b28ccd44ad4178b629cf3b94
c71fe28ed0be856e6c70e5511889d6b611c60924
d4d4c390bb9b1a150f9d0ca0fbedd2eb0e669e729addb7035be9e22ffc9a9d5e
GET /ads/system/context.js HTTP/1.1
Host: yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
timing-allow-origin: *
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-content-type-options: nosniff
access-control-allow-origin: *
set-cookie: i=2K4ixGPpsHb+y2K65EDY1B12d8YSycQa58rpyEqP/kK/8eEcyZbMPfp6IgKdqOY5Zp8e9XnrWs3UuAQ1LqDylGpPjSY=; Expires=Mon, 27-Jan-2025 17:11:35 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yashr=5882666481674925895; Path=/; Domain=.yandex.ru; Expires=Sun, 28 Jan 2024 17:11:35 GMT; SameSite=None; Secure; HttpOnly
expires: Sat, 28 Jan 2023 18:11:35 GMT
x-yandex-req-id: 1674925895357168-13734132936718584403-vla1-5292-vla-l7-balancer-8080-BAL-7197
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
content-type: text/javascript; charset=utf-8
content-encoding: br
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/712629/50f74285ee5803022691.js
178.154.131.216200 OK 24 kB URL HTTP/2 yastatic.net/partner-code-bundles/712629/50f74285ee5803022691.js
IP 178.154.131.216:0
File type ASCII text, with very long lines (65494)
Hash 07beb91d2fa3826d789571c582f29e38
e50036d61b666246932f0fc714419773d6461008
6968962c662bee3bef58864a266efd30301b98d09118cf87bfcfdf00bb3dd2b9
GET /partner-code-bundles/712629/50f74285ee5803022691.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gtf.club
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sat, 28 Jan 2023 17:11:35 GMT
content-type: text/javascript; charset=utf-8
content-length: 23537
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "07beb91d2fa3826d789571c582f29e38"
expires: Mon, 27 Jan 2053 23:44:59 GMT
last-modified: Thu, 26 Jan 2023 20:16:11 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/712629/07cea2bf8567304efc16.js
178.154.131.216200 OK 7.9 kB URL HTTP/2 yastatic.net/partner-code-bundles/712629/07cea2bf8567304efc16.js
IP 178.154.131.216:0
File type ASCII text, with very long lines (23593)
Hash 98aa37fde1bb8ac66df1dc7fce71b501
0dfe5cdc1acb93a5879cf93c69254d884ecb6ff6
3c116d0b11e18cfe05003fc31c7aa1d06caa18c2c8a7f6f177cf3c623ea63623
GET /partner-code-bundles/712629/07cea2bf8567304efc16.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gtf.club
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sat, 28 Jan 2023 17:11:35 GMT
content-type: text/javascript; charset=utf-8
content-length: 7926
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "98aa37fde1bb8ac66df1dc7fce71b501"
expires: Mon, 27 Jan 2053 23:45:47 GMT
last-modified: Thu, 26 Jan 2023 20:16:11 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/712629/2ec9a88e40a26b53acde.js
178.154.131.216200 OK 2.1 kB URL HTTP/2 yastatic.net/partner-code-bundles/712629/2ec9a88e40a26b53acde.js
IP 178.154.131.216:0
File type ASCII text, with very long lines (6989)
Hash 68449eb1a345ce83c9031fb5657dbac3
f8460fd9df20b7afccdc2079080a5fb31e052037
189477f88dc071b8c194a9a06b784a4e46e02f6ef65ea8a6013c4f4f1edc4ee5
GET /partner-code-bundles/712629/2ec9a88e40a26b53acde.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gtf.club
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sat, 28 Jan 2023 17:11:35 GMT
content-type: text/javascript; charset=utf-8
content-length: 2065
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "68449eb1a345ce83c9031fb5657dbac3"
expires: Mon, 27 Jan 2053 23:45:47 GMT
last-modified: Thu, 26 Jan 2023 20:16:11 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
gtf.club/music/secure/channel/2?filter=&forAdmin=
185.179.190.82200 OK 21 kB URL HTTP/1.1 gtf.club/music/secure/channel/2?filter=&forAdmin=
IP 185.179.190.82:0
File type JSON data\012- , ASCII text, with very long lines (20665), with no line terminators
Hash 76b7db4f4544a3a4582b34792927f8a5
bfd10636172fc9f49b59542bb957a7cb0a129ff5
be40a6ed887bca089a8eb1f816f6f02fe5b380881ae7584c899ccc51be02dbc7
GET /music/secure/channel/2?filter=&forAdmin= HTTP/1.1
Host: gtf.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/music/
Cookie: XSRF-TOKEN=eyJpdiI6Ii9rOTNYV0xaMWlCbU82citVUi9lNVE9PSIsInZhbHVlIjoiZVArdmtxZWJQN2pDMitxUTBBR0RZUkFJTFQyQlNtTjc3SWZXbGRBTW1YR1dKdFB3QmxCRWFGWlczUTVGb0tkS05zZUVQVGhUdkI0YmN3UDBGOER2UW93ODcwemhMS3p0eVdwZUpUdEY3emQzR1BlS3AwaVhuT1VEeTAwSFpDRzciLCJtYWMiOiI0YjVhOWFlYjdiMzZmMjAwNzU4NzI2NTI3ODI0N2YzYjlmZDkxYjI2YzY5MGRjYWJjYzY1MzUwNDRlMThiMDUyIiwidGFnIjoiIn0%3D; gtfclub_session=eyJpdiI6IlVtRjJMUU83Q3RMOERBSUFVNXVYdmc9PSIsInZhbHVlIjoiNmJsSy8rdWUrU3FiZXVhTWdpaXJQNEVoeUJsOXVPeEdFeCtrcnFtaXdJZ0RtY0tqZXR3dmtLZWxBSzVNRDBjQkZtd0VBb1NrWWpKcTk3OGxBKzh6TmxWOXBmWVdXbkRiMFRiaUNvUlE5bFJGTmlIY0NFSVVqdXppckxwaEhFbjgiLCJtYWMiOiJiMzY1MDBlZTVhNzk2NjU5NDllYWVmNjQ0NDU1ZDJlNGFhNjMxNDIzODRiYzExZDRlMTNmZTBkYzRjZjdhYjcyIiwidGFnIjoiIn0%3D; adtech_uid=7f78b419-d1ac-4673-8e14-70c42c4cc044%3Agtf.club; top100_id=t1.6877530.1933492874.1674925898060; t3_sid_6877530=s1.887708965.1674925898063.1674925898063.1.1; last_visit=1674925898066%3A%3A1674925898066; theme=light
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 28 Jan 2023 17:11:35 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Set-Cookie: XSRF-TOKEN=eyJpdiI6ImhyY2haQXorTUV6QWcrWCt5aVdtREE9PSIsInZhbHVlIjoibFlYT1gzaVJ6QkhXbGJGQ1NhUk0yMUQ3Z0xLa0FvS3BaaFNtaUlwQy9rSEFjNlhFYkpDL2lKTUxqc2gzd2wvQWNIT05LbFBUSnY5SkJNVkM0YXBaOGNaQkQ2MW10MTFSdTc0MU91Ny8wMm1DYU9EdWZwaUpwMEFGbnVNaHoxazciLCJtYWMiOiJiYmYxZjBiNzZkMjUxMmEzZjU5OTZiNTgxY2EyNGI1ODAyY2JiYjFkNGM1ZmEzZGY3NmRmOTNlNTI5NjhmYmY1IiwidGFnIjoiIn0%3D; expires=Sat, 28-Jan-2023 19:11:35 GMT; Max-Age=7200; path=/
gtfclub_session=eyJpdiI6ImNTUExXSHdNanhieXZPOWljcTlUNnc9PSIsInZhbHVlIjoicEZCY3VOaGt3aXNxMWxEYW9SeEp3YzBXc2hBaXJuelJsMnpzUlU3bFYyMWxLR0lCbnFZVFQ3ZWdYblJZdVk4Tm5vbzJBckVmSE41TlZsTVl1N0ZUZGx1OTB2UHdTYmQyLzdrUFNxM1pKMiswaDJlWDNDakM1YXV1N09jRkFFNnMiLCJtYWMiOiIyMjJiZWE3NDNiYWIxYmMxYjY3MzJhYWI5MGJmYWRjNWFmNTNiNWQyZmI3ODQ2YWVjMGQxODBmNjUzZWZjZjgyIiwidGFnIjoiIn0%3D; expires=Sat, 28-Jan-2023 19:11:35 GMT; Max-Age=7200; path=/; httponly
Strict-Transport-Security: max-age=31536000;
mc.yandex.ru/metrika/advert.gif
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 28 Jan 2023 17:11:36 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Sat, 28 Jan 2023 18:11:36 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
top-fwz1.mail.ru/counter2?js=13;id=2576526;u=https%3A//gtf.club/music/;st=1674925897833;title=GTF.CLUB;s=1280*1024;vp=1280*939;touch=0;hds=1;frame=0;flash=;sid=d4fc7c90f488faca;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674925899005%3A1674925899033%3A1%3A4985980e964394a0ade842f51f4b2782;opts=jst-ga;visible=true;_=0.4332415762978107
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/counter2?js=13;id=2576526;u=https%3A//gtf.club/music/;st=1674925897833;title=GTF.CLUB;s=1280*1024;vp=1280*939;touch=0;hds=1;frame=0;flash=;sid=d4fc7c90f488faca;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674925899005%3A1674925899033%3A1%3A4985980e964394a0ade842f51f4b2782;opts=jst-ga;visible=true;_=0.4332415762978107
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /counter2?js=13;id=2576526;u=https%3A//gtf.club/music/;st=1674925897833;title=GTF.CLUB;s=1280*1024;vp=1280*939;touch=0;hds=1;frame=0;flash=;sid=d4fc7c90f488faca;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674925899005%3A1674925899033%3A1%3A4985980e964394a0ade842f51f4b2782;opts=jst-ga;visible=true;_=0.4332415762978107 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gtf.club/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 17:11:36 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIF:1674925896:2576526:::; path=/; expires=Mon, 29-Jan-24 17:11:36 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
gtf.club/music/client/assets/icons/merged.svg?v6
185.179.190.82200 OK 43 kB URL HTTP/1.1 gtf.club/music/client/assets/icons/merged.svg?v6
IP 185.179.190.82:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (43130), with no line terminators
Hash 62f8cb0c46813a0d22bb8515b7eae5dd
d2c0a52268adabff8c4a2881cb91d839c4684a9a
79191338292b42c2e462b10151af3483122b526953187c1dc3fd1c2e1eaef911
Analyzer Verdict Alert fortinet Malware
GET /music/client/assets/icons/merged.svg?v6 HTTP/1.1
Host: gtf.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/music/
Cookie: XSRF-TOKEN=eyJpdiI6ImhyY2haQXorTUV6QWcrWCt5aVdtREE9PSIsInZhbHVlIjoibFlYT1gzaVJ6QkhXbGJGQ1NhUk0yMUQ3Z0xLa0FvS3BaaFNtaUlwQy9rSEFjNlhFYkpDL2lKTUxqc2gzd2wvQWNIT05LbFBUSnY5SkJNVkM0YXBaOGNaQkQ2MW10MTFSdTc0MU91Ny8wMm1DYU9EdWZwaUpwMEFGbnVNaHoxazciLCJtYWMiOiJiYmYxZjBiNzZkMjUxMmEzZjU5OTZiNTgxY2EyNGI1ODAyY2JiYjFkNGM1ZmEzZGY3NmRmOTNlNTI5NjhmYmY1IiwidGFnIjoiIn0%3D; gtfclub_session=eyJpdiI6ImNTUExXSHdNanhieXZPOWljcTlUNnc9PSIsInZhbHVlIjoicEZCY3VOaGt3aXNxMWxEYW9SeEp3YzBXc2hBaXJuelJsMnpzUlU3bFYyMWxLR0lCbnFZVFQ3ZWdYblJZdVk4Tm5vbzJBckVmSE41TlZsTVl1N0ZUZGx1OTB2UHdTYmQyLzdrUFNxM1pKMiswaDJlWDNDakM1YXV1N09jRkFFNnMiLCJtYWMiOiIyMjJiZWE3NDNiYWIxYmMxYjY3MzJhYWI5MGJmYWRjNWFmNTNiNWQyZmI3ODQ2YWVjMGQxODBmNjUzZWZjZjgyIiwidGFnIjoiIn0%3D; adtech_uid=7f78b419-d1ac-4673-8e14-70c42c4cc044%3Agtf.club; top100_id=t1.6877530.1933492874.1674925898060; t3_sid_6877530=s1.887708965.1674925898063.1674925898536.1.2; last_visit=1674925898066%3A%3A1674925898066; theme=light; _ga=GA1.2.1646923414.1674925899; _gid=GA1.2.1144260081.1674925899; _gat=1; tmr_lvid=4985980e964394a0ade842f51f4b2782; tmr_lvidTS=1674925899005; _ym_uid=1674925899864327908; _ym_d=1674925899
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 28 Jan 2023 17:11:36 GMT
Content-Type: image/svg+xml
Content-Length: 43130
Connection: keep-alive
Last-Modified: Thu, 07 Oct 2021 11:38:40 GMT
ETag: "a87a-5cdc1b43f9000"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 19dfbb041d03d5791e608a507b250465
d95443857977fc7445bcddac74ab16acf11730bf
cf0d76654a4b979fe72f79b8a80b99313f9892a84ed455321edcf099364f460b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF0D76654A4B979FE72F79B8A80B99313F9892A84ED455321EDCF099364F460B"
Last-Modified: Thu, 26 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8436
Expires: Sat, 28 Jan 2023 19:32:12 GMT
Date: Sat, 28 Jan 2023 17:11:36 GMT
Connection: keep-alive
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gtf.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 10:26:49 GMT
expires: Sun, 28 Jan 2024 10:26:49 GMT
cache-control: public, max-age=31536000
age: 24287
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
142.250.74.35200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 9576, version 1.0\012- data
Hash 9b9ec29522d1bf8924ccc2d917e1807b
1df345651c653bba476ab6b8546351ec7f4f018a
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gtf.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 02:06:02 GMT
expires: Sat, 27 Jan 2024 02:06:02 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:58 GMT
content-type: font/woff2
age: 140734
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.scdn.co/image/ab67616d00001e02c18194a4022ec44507f7b248
151.101.86.248200 OK 22 kB URL HTTP/1.1 i.scdn.co/image/ab67616d00001e02c18194a4022ec44507f7b248
IP 151.101.86.248:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 05b9e850b4b02f19236805757b225a04
65082b6c4e637bc5511134b603014a27fde7323d
98a33177a0ddcb8b8ceb631bdac131d675531db8d486384bc714b1114f7d02a7
GET /image/ab67616d00001e02c18194a4022ec44507f7b248 HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 22401
Last-Modified: Thu, 08 Sep 2022 14:42:48 GMT
ETag: "05b9e850b4b02f19236805757b225a04"
x-goog-generation: 1662648168113945
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 22401
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Sat, 28 Jan 2023 17:11:36 GMT
Age: 904805
Timing-Allow-Origin: *
X-Served-By: cache-chi-klot8100166-CHI, cache-bma1677-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 16115, 18
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
i.scdn.co/image/ab67616d00001e0209f2f176083d10c8c3c822da
151.101.86.248200 OK 38 kB URL HTTP/1.1 i.scdn.co/image/ab67616d00001e0209f2f176083d10c8c3c822da
IP 151.101.86.248:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 941429e782b32bf8aecf5992b4026bd9
a1659e77ad31a5b152c7487125025aa8cc15bcbc
c8265bf13beaba816023cd59b9d3603faeccf9cc1b4d9fa413dbd358f3a40a77
GET /image/ab67616d00001e0209f2f176083d10c8c3c822da HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 38025
Last-Modified: Mon, 26 Sep 2022 15:01:49 GMT
ETag: "941429e782b32bf8aecf5992b4026bd9"
x-goog-generation: 1664204509857084
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 38025
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Sat, 28 Jan 2023 17:11:36 GMT
Age: 897259
Timing-Allow-Origin: *
X-Served-By: cache-chi-klot8100170-CHI, cache-bma1639-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 18802, 7
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
i.scdn.co/image/ab67616d00001e02125624f2e04f5a1ccb0dfb45
151.101.86.248200 OK 32 kB URL HTTP/1.1 i.scdn.co/image/ab67616d00001e02125624f2e04f5a1ccb0dfb45
IP 151.101.86.248:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash eeb7a2d57af37f85b333ff5de367a22b
d18dec4475ed8261699394d1c6bf49cc0aba9944
13ba5982b00a9590a39579b49a40303996b1471595fd3d5940e93d3c37e7bd0b
GET /image/ab67616d00001e02125624f2e04f5a1ccb0dfb45 HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 31857
Last-Modified: Wed, 21 Sep 2022 19:45:44 GMT
ETag: "eeb7a2d57af37f85b333ff5de367a22b"
x-goog-generation: 1663789544767977
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 31857
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Sat, 28 Jan 2023 17:11:36 GMT
Age: 903516
Timing-Allow-Origin: *
X-Served-By: cache-chi-klot8100156-CHI, cache-bma1657-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 23635, 7
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
i.scdn.co/image/ab67616d00001e02a3b39c1651a617bb09800fd8
151.101.86.248200 OK 24 kB URL HTTP/1.1 i.scdn.co/image/ab67616d00001e02a3b39c1651a617bb09800fd8
IP 151.101.86.248:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash f55254792225ef7fa0c1259c852a418d
38d60c05d174c7082ac9706663bebb2f960f494b
74a636ce2595fea941e13c62372c36e1a5d7277141b4db03c200f348ba9b52e5
GET /image/ab67616d00001e02a3b39c1651a617bb09800fd8 HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 24290
Last-Modified: Thu, 22 Sep 2022 22:39:48 GMT
ETag: "f55254792225ef7fa0c1259c852a418d"
x-goog-generation: 1663886388148717
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 24290
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Sat, 28 Jan 2023 17:11:36 GMT
Age: 357078
Timing-Allow-Origin: *
X-Served-By: cache-chi-kigq8000068-CHI, cache-bma1625-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1193, 1
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
i.scdn.co/image/ab67616d00001e02ffe5b62233340cb6d453fc2f
151.101.86.248200 OK 51 kB URL HTTP/1.1 i.scdn.co/image/ab67616d00001e02ffe5b62233340cb6d453fc2f
IP 151.101.86.248:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 1c75bacb31092844a3ee688f0f0196b2
8dc82bcd38700b10c98e2513d71360cc705c6e1f
2523155e091bcf711a2093ff748390721d043f6a7d1a9a03f2c5a7290f9afaf0
GET /image/ab67616d00001e02ffe5b62233340cb6d453fc2f HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 51275
Last-Modified: Fri, 07 Oct 2022 01:10:26 GMT
ETag: "1c75bacb31092844a3ee688f0f0196b2"
x-goog-generation: 1665105026098507
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 51275
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Sat, 28 Jan 2023 17:11:36 GMT
Age: 807040
Timing-Allow-Origin: *
X-Served-By: cache-chi-klot8100026-CHI, cache-bma1663-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 10744, 13
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
i.scdn.co/image/ab67616d00001e02f65b1ca381b8025bb64133cd
151.101.86.248200 OK 22 kB URL HTTP/1.1 i.scdn.co/image/ab67616d00001e02f65b1ca381b8025bb64133cd
IP 151.101.86.248:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 540bf9e31fc44afab36bf890067251bf
8a4ea127a49965e9ae1d51f8712f2ad3367c95d2
9138d1329938fae0cd3005b7d589e2a333eddeefdea577fc23b086ed0d7ef61d
GET /image/ab67616d00001e02f65b1ca381b8025bb64133cd HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 21455
Last-Modified: Fri, 07 Oct 2022 01:07:57 GMT
ETag: "540bf9e31fc44afab36bf890067251bf"
x-goog-generation: 1665104877175695
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 21455
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Sat, 28 Jan 2023 17:11:36 GMT
Age: 446241
Timing-Allow-Origin: *
X-Served-By: cache-chi-klot8100163-CHI, cache-bma1677-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 486, 1
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
i.scdn.co/image/ab67616d00001e024979d551303fc09a92dc59e2
151.101.86.248200 OK 20 kB URL HTTP/1.1 i.scdn.co/image/ab67616d00001e024979d551303fc09a92dc59e2
IP 151.101.86.248:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash c9fc39ce03b730df64a2fa64444a59d1
e7f8fdc85b25d3d6313b7a4cd2c757c060f5b339
83063a8044984ea8fe540f8001795d7a46a6713c5b093ad8c957e9ecfb15ea56
GET /image/ab67616d00001e024979d551303fc09a92dc59e2 HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 19742
Last-Modified: Fri, 16 Sep 2022 23:42:50 GMT
ETag: "c9fc39ce03b730df64a2fa64444a59d1"
x-goog-generation: 1663371770827562
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 19742
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Sat, 28 Jan 2023 17:11:36 GMT
Age: 208062
Timing-Allow-Origin: *
X-Served-By: cache-chi-kigq8000104-CHI, cache-bma1657-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 18, 1
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
i.scdn.co/image/ab67616d00001e0214ce6bbf58f26d1f7a85e4aa
151.101.86.248200 OK 38 kB URL HTTP/1.1 i.scdn.co/image/ab67616d00001e0214ce6bbf58f26d1f7a85e4aa
IP 151.101.86.248:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 39bda700f2fe6bbd040bc48482e80466
0648ee0e631aa917dc7e1b91b28ce45edec63411
2477447c1a22bd7b611f826c49fffa99c1c9a38b7ee7f14b02a3678e603a95e8
GET /image/ab67616d00001e0214ce6bbf58f26d1f7a85e4aa HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 37636
Last-Modified: Fri, 30 Sep 2022 04:53:30 GMT
ETag: "39bda700f2fe6bbd040bc48482e80466"
x-goog-generation: 1664513610979228
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 37636
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Sat, 28 Jan 2023 17:11:36 GMT
Age: 870121
Timing-Allow-Origin: *
X-Served-By: cache-chi-klot8100113-CHI, cache-bma1625-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 13139, 1
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
i.scdn.co/image/ab67616d00001e02916bdaf91fd1a765f7351732
151.101.86.248200 OK 48 kB URL HTTP/1.1 i.scdn.co/image/ab67616d00001e02916bdaf91fd1a765f7351732
IP 151.101.86.248:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 1a51a99c3ed2ec76dc12d086f9571ff7
2104fe1eb7d9c75eb18f881e28d83f8e0ca38801
4343d78b2656e7471163b7144b3577ac5543e6bc78ae5c6d2bdc937f143e7c86
GET /image/ab67616d00001e02916bdaf91fd1a765f7351732 HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 47800
Last-Modified: Fri, 30 Sep 2022 20:14:04 GMT
ETag: "1a51a99c3ed2ec76dc12d086f9571ff7"
x-goog-generation: 1664568844090513
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 47800
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Sat, 28 Jan 2023 17:11:36 GMT
Age: 450607
Timing-Allow-Origin: *
X-Served-By: cache-chi-klot8100123-CHI, cache-bma1639-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2972, 1
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
i.scdn.co/image/ab67616d00001e023a70fadb04b98f24036022e5
151.101.86.248200 OK 41 kB URL HTTP/1.1 i.scdn.co/image/ab67616d00001e023a70fadb04b98f24036022e5
IP 151.101.86.248:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 5c2aabaa5c63ea4af23726f7152fc6a9
797e762ad61f9484fb59cbe03f296ff6106dfe7a
b362ec6264acc7252b64a9c4d0f7382944bc5cc3bee52181b24f510e0304e91b
GET /image/ab67616d00001e023a70fadb04b98f24036022e5 HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 41216
Last-Modified: Fri, 07 Oct 2022 02:37:18 GMT
ETag: "5c2aabaa5c63ea4af23726f7152fc6a9"
x-goog-generation: 1665110238504186
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 41216
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Sat, 28 Jan 2023 17:11:36 GMT
Age: 244287
Timing-Allow-Origin: *
X-Served-By: cache-chi-klot8100053-CHI, cache-bma1677-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1116, 2
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
i.scdn.co/image/ab67616d00001e02aaf796449ef2b13ba82353bb
151.101.86.248200 OK 53 kB URL HTTP/1.1 i.scdn.co/image/ab67616d00001e02aaf796449ef2b13ba82353bb
IP 151.101.86.248:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 8fa46553d2db2e381366b9b619806fc6
1690a1aa32147ad96fa43cc1775bd6dbbc46bd57
4db54bd650fe3e40dbf48cd70ad7b7e1982e042c764f9c81f3487a0d0c12cf36
GET /image/ab67616d00001e02aaf796449ef2b13ba82353bb HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 52739
Last-Modified: Sun, 02 Oct 2022 14:45:08 GMT
ETag: "8fa46553d2db2e381366b9b619806fc6"
x-goog-generation: 1664721908104685
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 52739
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Sat, 28 Jan 2023 17:11:36 GMT
Age: 644142
Timing-Allow-Origin: *
X-Served-By: cache-chi-klot8100026-CHI, cache-bma1666-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 5729, 15
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
i.scdn.co/image/ab67616d00001e02e3a2537d8915e05d8f5d09fa
151.101.86.248200 OK 47 kB URL HTTP/1.1 i.scdn.co/image/ab67616d00001e02e3a2537d8915e05d8f5d09fa
IP 151.101.86.248:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 9a2e31f29fec4def5be96b2eb830a593
4f8626195dfe8eba4cf892ce5010976637c6bf8e
87811cd2e3cbbf1aff296297ae798ce9020f12c9b5ea595dcb539316a61b7366
GET /image/ab67616d00001e02e3a2537d8915e05d8f5d09fa HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 46870
Last-Modified: Fri, 28 Oct 2022 05:56:21 GMT
ETag: "9a2e31f29fec4def5be96b2eb830a593"
x-goog-generation: 1666936581630554
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 46870
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Sat, 28 Jan 2023 17:11:36 GMT
Age: 440809
Timing-Allow-Origin: *
X-Served-By: cache-chi-klot8100042-CHI, cache-bma1663-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1495, 1
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
i.scdn.co/image/ab67616d00001e02bdcbd2a3317bdb308b5d1789
151.101.86.248200 OK 27 kB URL HTTP/1.1 i.scdn.co/image/ab67616d00001e02bdcbd2a3317bdb308b5d1789
IP 151.101.86.248:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 9befb3320d03b1ce7e09423947d4ff50
401eaeed18445831fbbfa01f8b4fcf208e0bbe9e
e79271de5a7003ca3ee72ba4a32ada587e6065b24ed00ad2ce00647236685ec4
GET /image/ab67616d00001e02bdcbd2a3317bdb308b5d1789 HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 27322
Last-Modified: Tue, 11 Oct 2022 13:46:49 GMT
ETag: "9befb3320d03b1ce7e09423947d4ff50"
x-goog-generation: 1665496009565141
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 27322
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Sat, 28 Jan 2023 17:11:36 GMT
Age: 433793
Timing-Allow-Origin: *
X-Served-By: cache-chi-klot8100039-CHI, cache-bma1657-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 693, 1
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
i.scdn.co/image/ab67616d00001e02f7bd2b48db47b8e3770d82d7
151.101.86.248200 OK 12 kB URL HTTP/1.1 i.scdn.co/image/ab67616d00001e02f7bd2b48db47b8e3770d82d7
IP 151.101.86.248:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash e312f3507859bdb8943506f0e5145197
b1f43a59f4dd33b1bf05bb508f352c35f82d94a7
fd4aedf63eaf870a8d104bf0ae223c6650008199c050cebb36738f455b94a710
GET /image/ab67616d00001e02f7bd2b48db47b8e3770d82d7 HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 11613
Last-Modified: Fri, 07 Oct 2022 02:21:52 GMT
ETag: "e312f3507859bdb8943506f0e5145197"
x-goog-generation: 1665109312696077
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 11613
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Sat, 28 Jan 2023 17:11:36 GMT
Age: 440784
Timing-Allow-Origin: *
X-Served-By: cache-chi-klot8100042-CHI, cache-bma1625-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1146, 1
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
i.scdn.co/image/ab67616d00001e020abe11d67af7f0ae186051fd
151.101.86.248200 OK 28 kB URL HTTP/1.1 i.scdn.co/image/ab67616d00001e020abe11d67af7f0ae186051fd
IP 151.101.86.248:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 600x600, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash df35ef883460befe1fd90f0a1bf97a82
8e58a256dc07c78cfcc8c5366b5475c406ee8c82
170530612d64294f7e6847b08209a498fcdea23b9abfec1280136a6338694575
GET /image/ab67616d00001e020abe11d67af7f0ae186051fd HTTP/1.1
Host: i.scdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 27845
Last-Modified: Thu, 22 Sep 2022 00:06:51 GMT
ETag: "df35ef883460befe1fd90f0a1bf97a82"
x-goog-generation: 1663805211877770
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 27845
Content-Type: image/jpeg
Accept-Ranges: bytes
Date: Sat, 28 Jan 2023 17:11:36 GMT
Age: 384391
Timing-Allow-Origin: *
X-Served-By: cache-chi-kigq8000160-CHI, cache-bma1639-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2423, 1
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
gtfmusic.s3.us-west-002.backblazeb2.com/storage/branding_media/ulToy2kOeHPNtumef4byz7F13YAeSPUFHCykCG7m.png
206.190.215.254200 29 kB URL HTTP/1.1 gtfmusic.s3.us-west-002.backblazeb2.com/storage/branding_media/ulToy2kOeHPNtumef4byz7F13YAeSPUFHCykCG7m.png
IP 206.190.215.254:0
File type PNG image data, 357 x 163, 8-bit/color RGBA, non-interlaced\012- data
Hash efadd45120a7463ca616c8c54f418370
8b57cddbf0b0adac4c50991d5761b93786b0eada
0d13e4d7038711a2f03dd6e5d739b10846ea16ce5f4a84df39ddc255f4b1635a
GET /storage/branding_media/ulToy2kOeHPNtumef4byz7F13YAeSPUFHCykCG7m.png HTTP/1.1
Host: gtfmusic.s3.us-west-002.backblazeb2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Accept-Ranges: bytes
Last-Modified: Sat, 12 Mar 2022 21:36:52 GMT
ETag: "efadd45120a7463ca616c8c54f418370"
x-amz-request-id: 3a88317d9b5972b4
x-amz-id-2: aNiAx1mYkYlE5GziCZUxjUzWJNzQxkTKL
x-amz-version-id: 4_z56313f9bd978eecc75c70112_f1141bcb24069e11f_d20220312_m213652_c002_v0001094_t0023
Content-Type: image/png
Content-Length: 28792
Date: Sat, 28 Jan 2023 17:11:36 GMT
Keep-Alive: timeout=5
Connection: keep-alive
top-fwz1.mail.ru/tracker?js=13;id=2576526;u=https%3A//gtf.club/music/;st=1674925897833;title=Latest%20Releases;s=1280*1024;vp=1280*939;touch=0;hds=1;frame=0;flash=;sid=d4fc7c90f488faca;ver=60.3.0;tz=0%2FUTC;nt=0/0/1674925895003/////1673/1673/1673/1673/1673/1673/1675/2484/2578/2552/2830/3508/3511/5459/5459/;ni=;lvid=1674925899005%3A1674925900465%3A2%3A4985980e964394a0ade842f51f4b2782;opts=jst-ga-ym;visible=true;_=0.5937941489222537;e=RT/load;et=1674925900463
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/tracker?js=13;id=2576526;u=https%3A//gtf.club/music/;st=1674925897833;title=Latest%20Releases;s=1280*1024;vp=1280*939;touch=0;hds=1;frame=0;flash=;sid=d4fc7c90f488faca;ver=60.3.0;tz=0%2FUTC;nt=0/0/1674925895003/////1673/1673/1673/1673/1673/1673/1675/2484/2578/2552/2830/3508/3511/5459/5459/;ni=;lvid=1674925899005%3A1674925900465%3A2%3A4985980e964394a0ade842f51f4b2782;opts=jst-ga-ym;visible=true;_=0.5937941489222537;e=RT/load;et=1674925900463
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /tracker?js=13;id=2576526;u=https%3A//gtf.club/music/;st=1674925897833;title=Latest%20Releases;s=1280*1024;vp=1280*939;touch=0;hds=1;frame=0;flash=;sid=d4fc7c90f488faca;ver=60.3.0;tz=0%2FUTC;nt=0/0/1674925895003/////1673/1673/1673/1673/1673/1673/1675/2484/2578/2552/2830/3508/3511/5459/5459/;ni=;lvid=1674925899005%3A1674925900465%3A2%3A4985980e964394a0ade842f51f4b2782;opts=jst-ga-ym;visible=true;_=0.5937941489222537;e=RT/load;et=1674925900463 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 17:11:36 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIF:1674925896:2576526:::; path=/; expires=Mon, 29-Jan-24 17:11:36 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
top-fwz1.mail.ru/tracker?js=13;id=2576526;u=https%3A//gtf.club/music/;st=1674925897833;title=Latest%20Releases;s=1280*1024;vp=1280*939;touch=0;hds=1;frame=0;flash=;sid=d4fc7c90f488faca;ver=60.3.0;tz=0%2FUTC;ni=;detect=0;lvid=1674925899005%3A1674925904028%3A3%3A4985980e964394a0ade842f51f4b2782;opts=jst-ga-ym;visible=true;_=0.7400956519279612;e=RT/unload;et=1674925904023;pvt=6190;vtauto=5029
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/tracker?js=13;id=2576526;u=https%3A//gtf.club/music/;st=1674925897833;title=Latest%20Releases;s=1280*1024;vp=1280*939;touch=0;hds=1;frame=0;flash=;sid=d4fc7c90f488faca;ver=60.3.0;tz=0%2FUTC;ni=;detect=0;lvid=1674925899005%3A1674925904028%3A3%3A4985980e964394a0ade842f51f4b2782;opts=jst-ga-ym;visible=true;_=0.7400956519279612;e=RT/unload;et=1674925904023;pvt=6190;vtauto=5029
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /tracker?js=13;id=2576526;u=https%3A//gtf.club/music/;st=1674925897833;title=Latest%20Releases;s=1280*1024;vp=1280*939;touch=0;hds=1;frame=0;flash=;sid=d4fc7c90f488faca;ver=60.3.0;tz=0%2FUTC;ni=;detect=0;lvid=1674925899005%3A1674925904028%3A3%3A4985980e964394a0ade842f51f4b2782;opts=jst-ga-ym;visible=true;_=0.7400956519279612;e=RT/unload;et=1674925904023;pvt=6190;vtauto=5029 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 17:11:40 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIF:1674925900:2576526:::; path=/; expires=Mon, 29-Jan-24 17:11:40 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
mc.yandex.ru/watch/26684202?wmode=7&page-url=https%3A%2F%2Fgtf.club%2Fmusic%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A3597%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1159438126847%3Ahid%3A1061801664%3Az%3A0%3Ai%3A20230128171139%3Aet%3A1674925899%3Ac%3A1%3Arn%3A317939710%3Arqn%3A1%3Au%3A1674925899864327908%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C809%2C0%2C1673%2C0%2C%2C346%2C4%2C%2C%2C%2C3508%3Aco%3A0%3Ans%3A1674925895003%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674925899%3At%3AGTF.CLUB&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
77.88.21.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/26684202?wmode=7&page-url=https%3A%2F%2Fgtf.club%2Fmusic%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A3597%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1159438126847%3Ahid%3A1061801664%3Az%3A0%3Ai%3A20230128171139%3Aet%3A1674925899%3Ac%3A1%3Arn%3A317939710%3Arqn%3A1%3Au%3A1674925899864327908%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C809%2C0%2C1673%2C0%2C%2C346%2C4%2C%2C%2C%2C3508%3Aco%3A0%3Ans%3A1674925895003%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674925899%3At%3AGTF.CLUB&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 77.88.21.119:0
GET /watch/26684202?wmode=7&page-url=https%3A%2F%2Fgtf.club%2Fmusic%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A3597%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1159438126847%3Ahid%3A1061801664%3Az%3A0%3Ai%3A20230128171139%3Aet%3A1674925899%3Ac%3A1%3Arn%3A317939710%3Arqn%3A1%3Au%3A1674925899864327908%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C809%2C0%2C1673%2C0%2C%2C346%2C4%2C%2C%2C%2C3508%3Aco%3A0%3Ans%3A1674925895003%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674925899%3At%3AGTF.CLUB&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gtf.club
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/26684202/1?wmode=7&page-url=https%3A%2F%2Fgtf.club%2Fmusic%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A3597%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1159438126847%3Ahid%3A1061801664%3Az%3A0%3Ai%3A20230128171139%3Aet%3A1674925899%3Ac%3A1%3Arn%3A317939710%3Arqn%3A1%3Au%3A1674925899864327908%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C809%2C0%2C1673%2C0%2C%2C346%2C4%2C%2C%2C%2C3508%3Aco%3A0%3Ans%3A1674925895003%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674925899%3At%3AGTF.CLUB&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Sat, 28 Jan 2023 17:11:35 GMT
access-control-allow-origin: https://gtf.club
set-cookie: yabs-sid=2404738561674925895; Path=/; SameSite=None; Secure
i=57etQyELMm9ktg7xJ0NahebM6o9YCXV5oxFjqvd7W9zpRAIm4OTS57VVWfU+uaGtBzpQKlUiq/Dpq8OMcwlBc7A3T0Y=; Expires=Tue, 25-Jan-2033 17:11:32 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=6678969621674925895; Expires=Sun, 28-Jan-2024 17:11:35 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=6678969621674925895; Expires=Sun, 28-Jan-2024 17:11:35 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706461895.yc.1674925895#1706461895.yrts.1674925895#1706461895.yrtsi.1674925895; Expires=Sun, 28-Jan-2024 17:11:35 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 28-Jan-2023 17:11:35 GMT
last-modified: Sat, 28-Jan-2023 17:11:35 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
st.top100.ru/top100/3.13.5/usability.js
81.19.89.17200 OK 0 B URL HTTP/2 st.top100.ru/top100/3.13.5/usability.js
IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
GET /top100/3.13.5/usability.js HTTP/1.1
Host: st.top100.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.4
date: Sat, 28 Jan 2023 17:11:34 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 26 Jan 2023 13:46:21 GMT
x-rgw-object-type: Normal
etag: W/"c057d219824a2c96eba73ee915d4fb84"
x-amz-request-id: tx0000000000002ab5a1474-0063d5550b-f87fab-default
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
set-cookie: proto_uid=1CIAAEZX1WNLaFGIAbX/8gB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-encoding: gzip
X-Firefox-Spdy: h2
st.top100.ru/top100/top100.js
81.19.89.17200 OK 0 B URL HTTP/2 st.top100.ru/top100/top100.js
IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
GET /top100/top100.js HTTP/1.1
Host: st.top100.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gtf.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Sat, 28 Jan 2023 17:11:34 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 26 Jan 2023 13:46:21 GMT
x-rgw-object-type: Normal
etag: W/"8be646a5749885e8313282bc835db0fd"
x-amz-request-id: tx0000000000002ab5a74e7-0063d5562f-f87fab-default
expires: Sat, 28 Jan 2023 18:11:34 GMT
cache-control: max-age=3600
set-cookie: proto_uid=1CIAAEZX1WNLaFGIAZ3/8gB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-encoding: gzip
X-Firefox-Spdy: h2