Network Analysis
IP Address | Status | Action |
---|---|---|
104.21.55.21 | Active | Moloch |
104.22.18.208 | Active | Moloch |
117.18.232.200 | Active | Moloch |
142.250.204.42 | Active | Moloch |
164.124.101.2 | Active | Moloch |
172.217.25.14 | Active | Moloch |
216.58.220.195 | Active | Moloch |
23.111.9.35 | Active | Moloch |
51.254.201.70 | Active | Moloch |
87.250.250.119 | Active | Moloch |
87.250.251.119 | Active | Moloch |
- TCP Requests
-
-
192.168.56.102:49813 104.21.55.21:443exws.ru
-
192.168.56.102:49814 104.21.55.21:443exws.ru
-
192.168.56.102:49822 104.21.55.21:443exws.ru
-
192.168.56.102:49823 104.21.55.21:443exws.ru
-
192.168.56.102:49825 104.21.55.21:443exws.ru
-
192.168.56.102:49832 104.21.55.21:443exws.ru
-
192.168.56.102:49833 104.21.55.21:443exws.ru
-
192.168.56.102:49836 104.21.55.21:443exws.ru
-
192.168.56.102:49837 104.21.55.21:443exws.ru
-
192.168.56.102:49852 104.21.55.21:443exws.ru
-
192.168.56.102:49853 104.21.55.21:443exws.ru
-
192.168.56.102:49854 104.21.55.21:443exws.ru
-
192.168.56.102:49855 104.21.55.21:443exws.ru
-
192.168.56.102:49858 104.21.55.21:443exws.ru
-
192.168.56.102:49859 104.21.55.21:443exws.ru
-
192.168.56.102:49834 104.22.18.208:443www.free-kassa.ru
-
192.168.56.102:49835 104.22.18.208:443www.free-kassa.ru
-
192.168.56.102:49861 117.18.232.200:80
-
192.168.56.102:49819 142.250.204.42:443fonts.googleapis.com
-
192.168.56.102:49821 142.250.204.42:443fonts.googleapis.com
-
192.168.56.102:49797 172.217.25.14:443
-
192.168.56.102:49826 216.58.220.195:443fonts.gstatic.com
-
192.168.56.102:49827 216.58.220.195:443fonts.gstatic.com
-
192.168.56.102:49828 216.58.220.195:443fonts.gstatic.com
-
192.168.56.102:49829 216.58.220.195:443fonts.gstatic.com
-
192.168.56.102:49830 216.58.220.195:443fonts.gstatic.com
-
192.168.56.102:49831 216.58.220.195:443fonts.gstatic.com
-
192.168.56.102:49838 216.58.220.195:443fonts.gstatic.com
-
192.168.56.102:49842 216.58.220.195:443fonts.gstatic.com
-
192.168.56.102:49820 23.111.9.35:443use.fontawesome.com
-
192.168.56.102:49843 51.254.201.70:443www.webmoney.ru
-
192.168.56.102:49844 51.254.201.70:443www.webmoney.ru
-
192.168.56.102:49845 87.250.250.119:443mc.yandex.ru
-
192.168.56.102:49846 87.250.250.119:443mc.yandex.ru
-
192.168.56.102:49839 87.250.251.119:443mc.yandex.ru
-
192.168.56.102:49840 87.250.251.119:443mc.yandex.ru
-
- UDP Requests
-
-
192.168.56.102:50538 164.124.101.2:53
-
192.168.56.102:50839 164.124.101.2:53
-
192.168.56.102:51857 164.124.101.2:53
-
192.168.56.102:54221 164.124.101.2:53
-
192.168.56.102:54660 164.124.101.2:53
-
192.168.56.102:57660 164.124.101.2:53
-
192.168.56.102:61459 164.124.101.2:53
-
192.168.56.102:61998 164.124.101.2:53
-
192.168.56.102:62039 164.124.101.2:53
-
192.168.56.102:62461 164.124.101.2:53
-
192.168.56.102:137 192.168.56.255:137
-
192.168.56.102:138 192.168.56.255:138
-
192.168.56.102:49152 239.255.255.250:3702
-
192.168.56.102:56752 239.255.255.250:1900
-
192.168.56.102:57661 239.255.255.250:3702
-
192.168.56.102:57663 239.255.255.250:3702
-
192.168.56.102:57665 239.255.255.250:3702
-
52.231.114.183:123 192.168.56.102:123
-
GET
302
https://exws.ru/downloads/
REQUEST
RESPONSE
BODY
GET /downloads/ HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
HTTP/1.1 302 Found
Date: Mon, 26 Apr 2021 00:19:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343; expires=Wed, 26-May-21 00:19:03 GMT; path=/; domain=.exws.ru; HttpOnly; SameSite=Lax
Location: https://exws.ru/downloads/login.php
CF-Cache-Status: DYNAMIC
cf-request-id: 09ad24505f0000e7d9c3098000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SVC44lHUtOMPlYzi2EXnGntPe5TQs2RDn66p%2BLIniYUsufPtmR%2BkaWPPjLXXQh3R2Wj%2BimPQAkqNXKqQiuNXA4H2hChNwIkV"}],"max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 645ba32d6fe0e7d9-LAX
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
302
https://exws.ru/downloads/login.php
REQUEST
RESPONSE
BODY
GET /downloads/login.php HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343
HTTP/1.1 302 Found
Date: Mon, 26 Apr 2021 00:19:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://exws.ru/downloads/usercp.php?msg=ТÑебÑеÑÑÑ%20авÑоÑизаÑиÑ:
CF-Cache-Status: DYNAMIC
cf-request-id: 09ad2452c7000005286704d000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kjTzAASd8twK7EcdhftKoUa39VhqUrwVPRWQ5e55rZiOskjFqZGkovY4slW1YzHXMwCsmxEng3D3lrvf1bQNaLVkismc9ozN"}],"max_age":604800,"group":"cf-nel"}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 645ba3313e6b0528-LAX
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
200
https://exws.ru/downloads/usercp.php?msg=Требуется%20авторизация:
REQUEST
RESPONSE
BODY
GET /downloads/usercp.php?msg=ТÑебÑеÑÑÑ%20авÑоÑизаÑиÑ: HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343
HTTP/1.1 200 OK
Date: Mon, 26 Apr 2021 00:19:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
cf-request-id: 09ad2454fd0000e7d9e38cc000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E6FHRVLWbXhdrsGctSNBjqpZqHDXDHZOMMts0UpignYAox1Dxe64eUJkO%2BnPdkDAJyy6DzyOpJT5LRZ3ZORwaLsGqENxRyd1"}],"max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 645ba334cc8ae7d9-LAX
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
0
https://exws.ru/css/bootstrap.min.css
REQUEST
RESPONSE
BODY
GET /css/bootstrap.min.css HTTP/1.1
Accept: text/css
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343
GET
200
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600%7CPoppins:300,400,500,600&subset=cyrillic
REQUEST
RESPONSE
BODY
GET /css?family=Open+Sans:300,400,600%7CPoppins:300,400,500,600&subset=cyrillic HTTP/1.1
Accept: text/css
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: fonts.googleapis.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Mon, 26 Apr 2021 00:19:05 GMT
Date: Mon, 26 Apr 2021 00:19:05 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Transfer-Encoding: chunked
GET
200
https://exws.ru/css/bootstrap.min.css
REQUEST
RESPONSE
BODY
GET /css/bootstrap.min.css HTTP/1.1
Accept: text/css
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343
HTTP/1.1 200 OK
Date: Mon, 26 Apr 2021 00:19:07 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jul 2020 21:19:36 GMT
ETag: W/"5f00f268-1da0e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
cf-request-id: 09ad2459b5000042bd7e287000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5wLOLKHb8RSydRjSvxV8U6kMxByOuqbSbO6bfyeODzqXtB9eVfGzyVz%2BS4coI6Vcz85JgOwr%2BSil7ttmFhfsINS5sDaIKpmw"}]}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 645ba33c5bf442bd-LAX
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
200
https://exws.ru/css/style.css
REQUEST
RESPONSE
BODY
GET /css/style.css HTTP/1.1
Accept: text/css
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343
HTTP/1.1 200 OK
Date: Mon, 26 Apr 2021 00:19:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jul 2020 21:19:36 GMT
ETag: W/"5f00f268-12ad2"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
cf-request-id: 09ad245eb30000053092168000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5xEwa24uU%2B2oc575qwEUc8NIvfc%2BkxBrwi2zc4KxYo9aGUZlexxzD3KUv7norFXm3RDnwgOG4Hi%2FRu5UuQ6AgDs2xmmfRWo3"}],"max_age":604800}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 645ba3445ae90530-LAX
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
200
https://exws.ru/css/sparkicons.css
REQUEST
RESPONSE
BODY
GET /css/sparkicons.css HTTP/1.1
Accept: text/css
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343
HTTP/1.1 200 OK
Date: Mon, 26 Apr 2021 00:19:09 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jul 2020 21:19:36 GMT
ETag: W/"5f00f268-617"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
cf-request-id: 09ad2462cf000042bd6c987000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jioYnwbmkm6Q55homYqKlXvFeRDD%2B31T85SCu8ZzysshbH%2BDwoZMyMo4XO%2FmcJFR%2FFzivFKqfmiK%2FooEtVZWPW%2FFL9lKf7iT"}]}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 645ba34aded242bd-LAX
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
200
https://exws.ru/css/et-line.css
REQUEST
RESPONSE
BODY
GET /css/et-line.css HTTP/1.1
Accept: text/css
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343
HTTP/1.1 200 OK
Date: Mon, 26 Apr 2021 00:19:09 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jul 2020 21:19:36 GMT
ETag: W/"5f00f268-1b8d"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
cf-request-id: 09ad246502000005308ab1e000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2BAxMI5kN66SMprvR2WQzyLOUAI%2FUdTBTUnWBHp6qC8ra6DaCQGNWVnqzcjjzgUh18ogOzAStS%2FKvFv8lhP7D8b8siCz%2BtDY"}],"max_age":604800}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 645ba34e68d40530-LAX
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
200
https://exws.ru/css/themify-icons.css
REQUEST
RESPONSE
BODY
GET /css/themify-icons.css HTTP/1.1
Accept: text/css
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343
HTTP/1.1 200 OK
Date: Mon, 26 Apr 2021 00:19:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jul 2020 21:19:36 GMT
ETag: W/"5f00f268-402d"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
cf-request-id: 09ad246749000042bd2da81000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bZfN6HmARn9f2q7DiDPRtX4FR52OJv9QN3i5HPHMHCxTcXaLFBeUy8ZOGs%2F%2FHA8DyGJZnsyhbtMyAzwkDU9pHz6yDPuFfmnh"}]}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 645ba3520f5142bd-LAX
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
200
https://exws.ru/css/owl.carousel.css
REQUEST
RESPONSE
BODY
GET /css/owl.carousel.css HTTP/1.1
Accept: text/css
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343
HTTP/1.1 200 OK
Date: Mon, 26 Apr 2021 00:19:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jul 2020 21:19:36 GMT
ETag: W/"5f00f268-1223"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
cf-request-id: 09ad246a51000005305bbbe000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ktiJA%2Bt9NuAP1Ciy13jOj%2F%2FhijZmKD%2FH6nTAlsQSZRytMEe7INwQVNTRrHzyL%2BsxARM0ghHgq%2FwFwTQcZoJsoi%2F6NNKwjhkl"}],"max_age":604800}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 645ba356eaa40530-LAX
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
200
https://exws.ru/css/magnific-popup.css
REQUEST
RESPONSE
BODY
GET /css/magnific-popup.css HTTP/1.1
Accept: text/css
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343
HTTP/1.1 200 OK
Date: Mon, 26 Apr 2021 00:19:11 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jul 2020 21:19:36 GMT
ETag: W/"5f00f268-1c4d"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
cf-request-id: 09ad246cb0000042bd4206a000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tYFiHXRB4rYSdrbfaPsPUi23gcqzA6K795nflhzVDud%2BE3h0CvLuudVQdSMPB1lc2H%2FUySgVD7js0YB1Ybqzo1SDa65BaZDb"}]}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 645ba35abd6d42bd-LAX
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
404
https://exws.ru/downloads/templates/default/default.css
REQUEST
RESPONSE
BODY
GET /downloads/templates/default/default.css HTTP/1.1
Accept: text/css
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343
HTTP/1.1 404 Not Found
Date: Mon, 26 Apr 2021 00:19:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
cf-request-id: 09ad246efe000005308fa04000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6GvgCd62V7%2ByTnbbnGRMSwc%2BdgWc2%2BzLmTxAyjfWV0gLuv3YcvKwgMHF7lsWApsjEltGM2%2FqstMHNgGrazY6ZAqZy%2BWZQNzo"}],"max_age":604800}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 645ba35e6b850530-LAX
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
200
https://use.fontawesome.com/releases/v5.0.6/js/all.js
REQUEST
RESPONSE
BODY
GET /releases/v5.0.6/js/all.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: use.fontawesome.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Date: Mon, 26 Apr 2021 00:19:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Last-Modified: Thu, 25 Jan 2018 22:27:39 GMT
ETag: W/"44f077b456f3decb0d1b00769927c002"
Cache-Control: max-age=31556926
Server: NetDNA-cache/2.2
Vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
X-Cache: HIT
Content-Encoding: gzip
GET
200
https://exws.ru/images/logotype/logo-white.png
REQUEST
RESPONSE
BODY
GET /images/logotype/logo-white.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343
HTTP/1.1 200 OK
Date: Mon, 26 Apr 2021 00:19:12 GMT
Content-Type: image/png
Content-Length: 16756
Connection: keep-alive
Last-Modified: Sat, 04 Jul 2020 21:19:36 GMT
ETag: "5f00f268-4174"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
cf-request-id: 09ad247142000042bd3b9c8000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PaHj1lTcIh5RZwsACTHMQs%2B3iNapOWMwtXJ8iJx%2Bl%2BgfOwV%2B7Ozn5xYiY5RhPrFTfmgWX1xSBK6sL7mXwqyr4rjwmvt%2FkJXs"}]}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 645ba362093642bd-LAX
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
200
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFUZ0d.woff
REQUEST
RESPONSE
BODY
GET /s/opensans/v18/mem8YaGs126MiZpBA-UFUZ0d.woff HTTP/1.1
Accept: */*
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Origin: https://exws.ru
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: font/woff
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 24592
Date: Fri, 23 Apr 2021 04:29:45 GMT
Expires: Sat, 23 Apr 2022 04:29:45 GMT
Last-Modified: Tue, 15 Sep 2020 18:09:23 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Age: 244167
Cache-Control: public, max-age=31536000
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET
200
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOVuhv.woff
REQUEST
RESPONSE
BODY
GET /s/opensans/v18/mem5YaGs126MiZpBA-UNirkOVuhv.woff HTTP/1.1
Accept: */*
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Origin: https://exws.ru
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: font/woff
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 25284
Date: Fri, 23 Apr 2021 19:46:02 GMT
Expires: Sat, 23 Apr 2022 19:46:02 GMT
Last-Modified: Tue, 15 Sep 2020 18:09:42 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Age: 189190
Cache-Control: public, max-age=31536000
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET
200
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfedA.woff
REQUEST
RESPONSE
BODY
GET /s/poppins/v15/pxiEyp8kv8JHgFVrJJfedA.woff HTTP/1.1
Accept: */*
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Origin: https://exws.ru
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: font/woff
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 10536
Date: Fri, 23 Apr 2021 19:21:33 GMT
Expires: Sat, 23 Apr 2022 19:21:33 GMT
Last-Modified: Thu, 05 Nov 2020 22:02:02 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Age: 190659
Cache-Control: public, max-age=31536000
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET
200
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OVuhv.woff
REQUEST
RESPONSE
BODY
GET /s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OVuhv.woff HTTP/1.1
Accept: */*
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Origin: https://exws.ru
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: font/woff
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 25228
Date: Fri, 23 Apr 2021 20:47:17 GMT
Expires: Sat, 23 Apr 2022 20:47:17 GMT
Last-Modified: Tue, 15 Sep 2020 18:09:25 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Age: 185515
Cache-Control: public, max-age=31536000
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET
200
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLDz8Z1xlEw.woff
REQUEST
RESPONSE
BODY
GET /s/poppins/v15/pxiByp8kv8JHgFVrLDz8Z1xlEw.woff HTTP/1.1
Accept: */*
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Origin: https://exws.ru
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: font/woff
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 10504
Date: Sat, 24 Apr 2021 01:51:36 GMT
Expires: Sun, 24 Apr 2022 01:51:36 GMT
Last-Modified: Thu, 05 Nov 2020 22:01:22 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Age: 167256
Cache-Control: public, max-age=31536000
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET
200
https://exws.ru/images/logotype/logo-dark.png
REQUEST
RESPONSE
BODY
GET /images/logotype/logo-dark.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343
HTTP/1.1 200 OK
Date: Mon, 26 Apr 2021 00:19:13 GMT
Content-Type: image/png
Content-Length: 16675
Connection: keep-alive
Last-Modified: Sat, 04 Jul 2020 21:19:36 GMT
ETag: "5f00f268-4123"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
cf-request-id: 09ad2472590000e7983e8db000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X%2BsKycH33Z%2Bk1xIpRDHVujzVQntiNdvqvkmSO6iUqf7Ckt4%2Bb5ExEkvyrIvgud8BsAMOlJBXeqA4arxC4aCgy5ol2yC%2Bj%2B6K"}]}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 645ba363cc4ee798-LAX
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
200
https://exws.ru/images/screen/launcher.png
REQUEST
RESPONSE
BODY
GET /images/screen/launcher.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343
HTTP/1.1 200 OK
Date: Mon, 26 Apr 2021 00:19:13 GMT
Content-Type: image/png
Content-Length: 255088
Connection: keep-alive
Last-Modified: Sat, 04 Jul 2020 21:19:36 GMT
ETag: "5f00f268-3e470"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
cf-request-id: 09ad24729e0000053432b76000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Zx2tYRVhjZ%2BhzrToC%2FOoPKIubjt3MdcYaeDnAuGpKWk1Zbdv9KxG4%2FcG1v%2FY2W51uA7io1SNl5Xhky0jEKSxYhb1545d8Pgd"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 645ba3642b780534-LAX
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
200
https://exws.ru/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
REQUEST
RESPONSE
BODY
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343
HTTP/1.1 200 OK
Date: Mon, 26 Apr 2021 00:19:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Apr 2021 08:33:47 GMT
ETag: W/"6076a8eb-4d7"
cf-request-id: 09ad2472b30000429f21aca000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sp02bfwPvLqRZ3VvI1u6gGP0Uc5JA3Qe1Co2KVLRNcpVO%2Bs8J8uQBTagCf3LlLBHKMrVbSS%2FOJFyAMHOKnzMdaLLLcN8DLW3"}]}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 645ba3645fb6429f-LAX
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Wed, 28 Apr 2021 00:19:12 GMT
Cache-Control: max-age=172800
Cache-Control: public
Content-Encoding: gzip
GET
200
https://exws.ru/fonts/sparkicons.eot@wwjpvu
REQUEST
RESPONSE
BODY
GET /fonts/sparkicons.eot@wwjpvu HTTP/1.1
Accept: */*
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Origin: https://exws.ru
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343
HTTP/1.1 200 OK
Date: Mon, 26 Apr 2021 00:19:13 GMT
Content-Type: application/octet-stream
Content-Length: 3904
Connection: keep-alive
Last-Modified: Sat, 04 Jul 2020 21:19:36 GMT
ETag: "5f00f268-f40"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
cf-request-id: 09ad2472b00000361517a43000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Zr2i1t%2B3Gn0rLlXKuEozgJ%2FFxDBpjNg6Tw5JM28tEmNtJ5gBy6m47%2FYktMnMzjDq8HREqj3W%2FTHm7e%2FEClGR9jJhQuN7Lm3y"}],"max_age":604800}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 645ba3644aac3615-LAX
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
200
https://exws.ru/fonts/et-line.eot@
REQUEST
RESPONSE
BODY
GET /fonts/et-line.eot@ HTTP/1.1
Accept: */*
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Origin: https://exws.ru
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343
HTTP/1.1 200 OK
Date: Mon, 26 Apr 2021 00:19:13 GMT
Content-Type: application/octet-stream
Content-Length: 32694
Connection: keep-alive
Last-Modified: Sat, 04 Jul 2020 21:19:36 GMT
ETag: "5f00f268-7fb6"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
cf-request-id: 09ad2472c40000058d0f275000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gpLCgWOGXcuxToeyldnCelADvCIf7spV6fX6qP7dJ0Y2PSL3Txgo6TjTkT21UO6GGhV0uhkve%2FIf%2B6gXoK2FjidrTQV74uwt"}],"max_age":604800}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 645ba36468b6058d-LAX
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
200
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlEw.woff
REQUEST
RESPONSE
BODY
GET /s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlEw.woff HTTP/1.1
Accept: */*
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Origin: https://exws.ru
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: font/woff
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 10380
Date: Sat, 24 Apr 2021 17:40:17 GMT
Expires: Sun, 24 Apr 2022 17:40:17 GMT
Last-Modified: Thu, 05 Nov 2020 22:01:53 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Age: 110335
Cache-Control: public, max-age=31536000
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET
0
https://www.free-kassa.ru/img/fk_btn/16.png
REQUEST
RESPONSE
BODY
GET /img/fk_btn/16.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: www.free-kassa.ru
Connection: Keep-Alive
HTTP/1.1 403 Forbidden
Date: Mon, 26 Apr 2021 00:19:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
CF-Chl-Bypass: 1
Set-Cookie: __cfduid=d9b9de532588f44c8cb17c167438b47d11619396352; expires=Wed, 26-May-21 00:19:12 GMT; path=/; domain=.free-kassa.ru; HttpOnly; SameSite=Lax; Secure
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Frame-Options: SAMEORIGIN
cf-request-id: 09ad2473070000f8eb2a1fb000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 645ba364daecf8eb-NRT
Content-Encoding: gzip
GET
404
https://exws.ru/downloads/js/vendor/jquery-2.2.0.min.js
REQUEST
RESPONSE
BODY
GET /downloads/js/vendor/jquery-2.2.0.min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343
HTTP/1.1 404 Not Found
Date: Mon, 26 Apr 2021 00:19:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
cf-request-id: 09ad2473740000429f21ae2000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=icvmj4BRb0kD2nlEEJr2P54FU1Emyc26hfIETXQfl%2B1yHi24WgZ01uB11NnNF%2FqtqwnjR5Ba2hrzCSIMrmQvBHuKIbAZHY9L"}]}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 645ba3657ae3429f-LAX
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
200
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlEw.woff
REQUEST
RESPONSE
BODY
GET /s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlEw.woff HTTP/1.1
Accept: */*
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Origin: https://exws.ru
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: font/woff
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 10612
Date: Sat, 24 Apr 2021 01:46:10 GMT
Expires: Sun, 24 Apr 2022 01:46:10 GMT
Last-Modified: Thu, 05 Nov 2020 22:02:11 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Age: 167582
Cache-Control: public, max-age=31536000
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET
404
https://exws.ru/downloads/js/vendor/isotope.pkgd.min.js
REQUEST
RESPONSE
BODY
GET /downloads/js/vendor/isotope.pkgd.min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343
HTTP/1.1 404 Not Found
Date: Mon, 26 Apr 2021 00:19:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
cf-request-id: 09ad2475b1000042bd9c80e000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LpxcVzTTGn8rK0B20QxM6LWQj4vhYrWd8i6pJ6QSUgIKnvM38hgFKZLFk0r4hNins81VF1oQOsGFgAzO92i22Hp9CqR1SXeP"}]}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 645ba36919bb42bd-LAX
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
200
https://informer.yandex.ru/informer/36586115/3_0_202020FF_000000FF_1_pageviews
REQUEST
RESPONSE
BODY
GET /informer/36586115/3_0_202020FF_000000FF_1_pageviews HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: informer.yandex.ru
Connection: Keep-Alive
HTTP/1.1 200 Ok
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Content-Length: 1287
Content-Type: image/png
Expires: Mon, 26-Apr-2021 00:19:13 GMT
Last-Modified: Mon, 26-Apr-2021 00:19:13 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
GET
200
https://www.webmoney.ru/img/icons/88x31_wm_white_blue.png
REQUEST
RESPONSE
BODY
GET /img/icons/88x31_wm_white_blue.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: www.webmoney.ru
Connection: Keep-Alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Apr 2021 00:19:13 GMT
Content-Type: image/png
Content-Length: 3301
Last-Modified: Mon, 22 May 2017 14:31:18 GMT
Connection: keep-alive
ETag: "5922f636-ce5"
Expires: Tue, 27 Apr 2021 00:19:13 GMT
Cache-Control: max-age=86400
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
GET
200
https://mc.yandex.ru/metrika/tag.js
REQUEST
RESPONSE
BODY
GET /metrika/tag.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: mc.yandex.ru
Connection: Keep-Alive
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Content-Encoding: gzip
Content-Length: 78199
Content-Type: application/javascript
Date: Mon, 26 Apr 2021 00:19:13 GMT
ETag: "6082dd3b-13177"
Expires: Mon, 26 Apr 2021 01:19:13 GMT
Last-Modified: Fri, 23 Apr 2021 14:44:11 GMT
Strict-Transport-Security: max-age=31536000
GET
404
https://exws.ru/downloads/js/owl.carousel.min.js
REQUEST
RESPONSE
BODY
GET /downloads/js/owl.carousel.min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343
HTTP/1.1 404 Not Found
Date: Mon, 26 Apr 2021 00:19:14 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
cf-request-id: 09ad2477ea000036151d2ed000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nCAxfBHcAJWg2DRs8OwyHS4JThCu6tKe0icAIMEMwlrb3p25v0d%2BlgZY2OyFXXd2%2F2Bhv43swNSVPELlvHc2ezdUGvo%2BeNnq"}],"max_age":604800}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 645ba36cacad3615-LAX
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
404
https://exws.ru/downloads/js/smoothscroll.js
REQUEST
RESPONSE
BODY
GET /downloads/js/smoothscroll.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343
HTTP/1.1 404 Not Found
Date: Mon, 26 Apr 2021 00:19:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
cf-request-id: 09ad247a1d0000e79858ae4000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s80S57Qr1Wa5TWq4dWOsvRRiu4CqEpzTcKXlqUILX0VVY1c%2FyTqBsgZ%2FJrnb2Z5h4BofNwl3EDMf10ahdYpDsti6tO8iVs9t"}]}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 645ba3702b6be798-LAX
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
302
https://mc.yandex.ru/watch/36586115?callback=_ymjsp696528223&page-url=https%3A%2F%2Fexws.ru%2Fdownloads%2Fusercp.php%3Fmsg%3D%C3%90%C2%A2%C3%91%E2%82%AC%C3%90%C2%B5%C3%90%C2%B1%C3%91%C6%92%C3%90%C2%B5%C3%91%E2%80%9A%C3%91%C2%81%C3%91%C2%8F%2520%C3%90%C2%B0%C3%90%C2%B2%C3%91%E2%80%9A%C3%90%C2%BE%C3%91%E2%82%AC%C3%90%C2%B8%C3%90%C2%B7%C3%90%C2%B0%C3%91%E2%80%A0%C3%90%C2%B8%C3%91%C2%8F%3A&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfuji4o8hq%3Afp%3A6737%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ako%3Av%3A502%3Acn%3A1%3Adp%3A0%3Als%3A453733073728%3Ahid%3A839055131%3Az%3A540%3Ai%3A20210426175855%3Aet%3A1619427536%3Ac%3A1%3Arn%3A611767612%3Arqn%3A1%3Au%3A1619427536570725093%3Aw%3A1211x841%3As%3A1365x1024x24%3Aj%3A1%3Ans%3A1619427526687%3Ads%3A0%2C0%2C0%2C3%2C1%2C1%2C1%2C22%2C%2C%2C%2C%2C%3Awv%3A2%3Arqnl%3A1%3Ati%3A3%3Ast%3A1619427536%3At%3AEXWS.RU%20-%20%D0%A6%D0%B5%D0%BD%D1%82%D1%80%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BE%D0%BA%20%D0%B8%20%D0%BE%D0%B1%D0%BD%D0%BE%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9&wmode=5
REQUEST
RESPONSE
BODY
GET /watch/36586115?callback=_ymjsp696528223&page-url=https%3A%2F%2Fexws.ru%2Fdownloads%2Fusercp.php%3Fmsg%3D%C3%90%C2%A2%C3%91%E2%82%AC%C3%90%C2%B5%C3%90%C2%B1%C3%91%C6%92%C3%90%C2%B5%C3%91%E2%80%9A%C3%91%C2%81%C3%91%C2%8F%2520%C3%90%C2%B0%C3%90%C2%B2%C3%91%E2%80%9A%C3%90%C2%BE%C3%91%E2%82%AC%C3%90%C2%B8%C3%90%C2%B7%C3%90%C2%B0%C3%91%E2%80%A0%C3%90%C2%B8%C3%91%C2%8F%3A&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfuji4o8hq%3Afp%3A6737%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ako%3Av%3A502%3Acn%3A1%3Adp%3A0%3Als%3A453733073728%3Ahid%3A839055131%3Az%3A540%3Ai%3A20210426175855%3Aet%3A1619427536%3Ac%3A1%3Arn%3A611767612%3Arqn%3A1%3Au%3A1619427536570725093%3Aw%3A1211x841%3As%3A1365x1024x24%3Aj%3A1%3Ans%3A1619427526687%3Ads%3A0%2C0%2C0%2C3%2C1%2C1%2C1%2C22%2C%2C%2C%2C%2C%3Awv%3A2%3Arqnl%3A1%3Ati%3A3%3Ast%3A1619427536%3At%3AEXWS.RU%20-%20%D0%A6%D0%B5%D0%BD%D1%82%D1%80%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BE%D0%BA%20%D0%B8%20%D0%BE%D0%B1%D0%BD%D0%BE%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9&wmode=5 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: mc.yandex.ru
Connection: Keep-Alive
HTTP/1.1 302 Moved temporarily
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Date: Mon, 26 Apr 2021 00:19:14 GMT
Expires: Mon, 26-Apr-2021 00:19:14 GMT
Last-Modified: Mon, 26-Apr-2021 00:19:14 GMT
Location: /watch/36586115/1?callback=_ymjsp696528223&page-url=https%3A%2F%2Fexws.ru%2Fdownloads%2Fusercp.php%3Fmsg%3D%C3%90%C2%A2%C3%91%E2%82%AC%C3%90%C2%B5%C3%90%C2%B1%C3%91%C6%92%C3%90%C2%B5%C3%91%E2%80%9A%C3%91%C2%81%C3%91%C2%8F%2520%C3%90%C2%B0%C3%90%C2%B2%C3%91%E2%80%9A%C3%90%C2%BE%C3%91%E2%82%AC%C3%90%C2%B8%C3%90%C2%B7%C3%90%C2%B0%C3%91%E2%80%A0%C3%90%C2%B8%C3%91%C2%8F%3A&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfuji4o8hq%3Afp%3A6737%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ako%3Av%3A502%3Acn%3A1%3Adp%3A0%3Als%3A453733073728%3Ahid%3A839055131%3Az%3A540%3Ai%3A20210426175855%3Aet%3A1619427536%3Ac%3A1%3Arn%3A611767612%3Arqn%3A1%3Au%3A1619427536570725093%3Aw%3A1211x841%3As%3A1365x1024x24%3Aj%3A1%3Ans%3A1619427526687%3Ads%3A0%2C0%2C0%2C3%2C1%2C1%2C1%2C22%2C%2C%2C%2C%2C%3Awv%3A2%3Arqnl%3A1%3Ati%3A3%3Ast%3A1619427536%3At%3AEXWS.RU%20-%20%D0%A6%D0%B5%D0%BD%D1%82%D1%80%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BE%D0%BA%20%D0%B8%20%D0%BE%D0%B1%D0%BD%D0%BE%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9&wmode=5
Pragma: no-cache
Set-Cookie: yandexuid=9098223541619396354; Expires=Thu, 24-Apr-2031 00:19:14 GMT; Domain=.yandex.ru; Path=/
Set-Cookie: yabs-sid=1490421271619396354; Path=/
Set-Cookie: i=3yw3oFP09d7ej2uzxGSe4ADDJ93WJgu02kpDC9VktrStxMAvCHbpcEBTYnC0vhhDF2FB8cH0I0M0EIiAVmWRMvDIS6M=; Expires=Thu, 24-Apr-2031 00:19:14 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly
Set-Cookie: ymex=1934756354.yrts.1619396354#1934756354.yrtsi.1619396354; Expires=Tue, 26-Apr-2022 00:19:14 GMT; Domain=.yandex.ru; Path=/
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
GET
200
https://mc.yandex.ru/metrika/advert.gif
REQUEST
RESPONSE
BODY
GET /metrika/advert.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: mc.yandex.ru
Connection: Keep-Alive
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Content-Length: 43
Content-Type: image/gif
Date: Mon, 26 Apr 2021 00:19:14 GMT
ETag: "6082dd3b-2b"
Expires: Mon, 26 Apr 2021 01:19:14 GMT
Last-Modified: Fri, 23 Apr 2021 14:44:11 GMT
Strict-Transport-Security: max-age=31536000
GET
0
https://exws.ru/downloads/js/plugins.js
REQUEST
RESPONSE
BODY
GET /downloads/js/plugins.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343; _ym_uid=1619427536570725093; _ym_d=1619427536
HTTP/1.1 404 Not Found
Date: Mon, 26 Apr 2021 00:19:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
cf-request-id: 09ad247c6d0000058d19ab1000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aA6a3CcHty4bwbfyLaC4pIaYEIjXvGcporlhWgHs2mH2EDMDe7hZPLKNMRAMWmctWAnngaDsU%2FBIZlazXJWBGeMm%2F9iEoyq1"}],"max_age":604800}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 645ba373e9e5058d-LAX
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
200
https://mc.yandex.ru/watch/36586115/1?callback=_ymjsp696528223&page-url=https%3A%2F%2Fexws.ru%2Fdownloads%2Fusercp.php%3Fmsg%3D%C3%90%C2%A2%C3%91%E2%82%AC%C3%90%C2%B5%C3%90%C2%B1%C3%91%C6%92%C3%90%C2%B5%C3%91%E2%80%9A%C3%91%C2%81%C3%91%C2%8F%2520%C3%90%C2%B0%C3%90%C2%B2%C3%91%E2%80%9A%C3%90%C2%BE%C3%91%E2%82%AC%C3%90%C2%B8%C3%90%C2%B7%C3%90%C2%B0%C3%91%E2%80%A0%C3%90%C2%B8%C3%91%C2%8F%3A&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfuji4o8hq%3Afp%3A6737%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ako%3Av%3A502%3Acn%3A1%3Adp%3A0%3Als%3A453733073728%3Ahid%3A839055131%3Az%3A540%3Ai%3A20210426175855%3Aet%3A1619427536%3Ac%3A1%3Arn%3A611767612%3Arqn%3A1%3Au%3A1619427536570725093%3Aw%3A1211x841%3As%3A1365x1024x24%3Aj%3A1%3Ans%3A1619427526687%3Ads%3A0%2C0%2C0%2C3%2C1%2C1%2C1%2C22%2C%2C%2C%2C%2C%3Awv%3A2%3Arqnl%3A1%3Ati%3A3%3Ast%3A1619427536%3At%3AEXWS.RU%20-%20%D0%A6%D0%B5%D0%BD%D1%82%D1%80%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BE%D0%BA%20%D0%B8%20%D0%BE%D0%B1%D0%BD%D0%BE%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9&wmode=5
REQUEST
RESPONSE
BODY
GET /watch/36586115/1?callback=_ymjsp696528223&page-url=https%3A%2F%2Fexws.ru%2Fdownloads%2Fusercp.php%3Fmsg%3D%C3%90%C2%A2%C3%91%E2%82%AC%C3%90%C2%B5%C3%90%C2%B1%C3%91%C6%92%C3%90%C2%B5%C3%91%E2%80%9A%C3%91%C2%81%C3%91%C2%8F%2520%C3%90%C2%B0%C3%90%C2%B2%C3%91%E2%80%9A%C3%90%C2%BE%C3%91%E2%82%AC%C3%90%C2%B8%C3%90%C2%B7%C3%90%C2%B0%C3%91%E2%80%A0%C3%90%C2%B8%C3%91%C2%8F%3A&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfuji4o8hq%3Afp%3A6737%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ako%3Av%3A502%3Acn%3A1%3Adp%3A0%3Als%3A453733073728%3Ahid%3A839055131%3Az%3A540%3Ai%3A20210426175855%3Aet%3A1619427536%3Ac%3A1%3Arn%3A611767612%3Arqn%3A1%3Au%3A1619427536570725093%3Aw%3A1211x841%3As%3A1365x1024x24%3Aj%3A1%3Ans%3A1619427526687%3Ads%3A0%2C0%2C0%2C3%2C1%2C1%2C1%2C22%2C%2C%2C%2C%2C%3Awv%3A2%3Arqnl%3A1%3Ati%3A3%3Ast%3A1619427536%3At%3AEXWS.RU%20-%20%D0%A6%D0%B5%D0%BD%D1%82%D1%80%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BE%D0%BA%20%D0%B8%20%D0%BE%D0%B1%D0%BD%D0%BE%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9&wmode=5 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: mc.yandex.ru
Connection: Keep-Alive
HTTP/1.1 200 Ok
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Content-Length: 215
Content-Type: application/javascript
Date: Mon, 26 Apr 2021 00:19:15 GMT
Expires: Mon, 26-Apr-2021 00:19:15 GMT
Last-Modified: Mon, 26-Apr-2021 00:19:15 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
GET
404
https://exws.ru/downloads/js/jquery.magnific-popup.min.js
REQUEST
RESPONSE
BODY
GET /downloads/js/jquery.magnific-popup.min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343; _ym_uid=1619427536570725093; _ym_d=1619427536; _ym_isad=2
HTTP/1.1 404 Not Found
Date: Mon, 26 Apr 2021 00:19:16 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
cf-request-id: 09ad247e9c0000053428299000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jmXkukRrap%2FnclJK8nqZ7otQ65o%2F9XDk0l1aioXUqcC%2Bp%2BiDAsbo5SB2svevV%2F0%2F%2FgXBrExpieegMQIFs8cLEUkv%2F99g0Caf"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 645ba3776d620534-LAX
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
404
https://exws.ru/downloads/js/jquery.ajaxchimp.min.js
REQUEST
RESPONSE
BODY
GET /downloads/js/jquery.ajaxchimp.min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343; _ym_uid=1619427536570725093; _ym_d=1619427536; _ym_isad=2
HTTP/1.1 404 Not Found
Date: Mon, 26 Apr 2021 00:19:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
cf-request-id: 09ad24844800000540ea24d000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=85vP6YO35UvfMhQREC7YzK%2Fllbt36LeV7q4HSrv8huBz8bkWhoEfxaJrs5RZW8VgBCx5CxhXtLIoHyp2g%2F5uwyXag%2FYEPagQ"}],"max_age":604800}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 645ba3807b9d0540-LAX
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
404
https://exws.ru/downloads/js/main.js
REQUEST
RESPONSE
BODY
GET /downloads/js/main.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343; _ym_uid=1619427536570725093; _ym_d=1619427536; _ym_isad=2
HTTP/1.1 404 Not Found
Date: Mon, 26 Apr 2021 00:19:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
cf-request-id: 09ad2481fc00007818d92cb000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BAnD4HbOErOTM5%2Fa0EB%2FHCCUff%2BwnhDOOTdhjSBaELdmVn6dU%2F7Cj0yg%2FdBMjXdcLiN3z1pFMHO7%2FUqtiIMFm53yfLHjwO2%2B"}]}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 645ba37ccc167818-LAX
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
404
https://exws.ru/downloads/js/placeholder.js
REQUEST
RESPONSE
BODY
GET /downloads/js/placeholder.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343; _ym_uid=1619427536570725093; _ym_d=1619427536; _ym_isad=2
HTTP/1.1 404 Not Found
Date: Mon, 26 Apr 2021 00:19:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
cf-request-id: 09ad2487a20000056c46988000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rk60T03cNaShpRFgRGS2DMV2mMs9aCKYJZ%2FvPua5WKsinUTBXCD6LvfoUqeAm2lvATvk%2BodgfaYjoGjQoAYd2HjqZ5fRa3YR"}],"group":"cf-nel"}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 645ba385dc22056c-LAX
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
404
https://exws.ru/downloads/js/style.changer.js
REQUEST
RESPONSE
BODY
GET /downloads/js/style.changer.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343; _ym_uid=1619427536570725093; _ym_d=1619427536; _ym_isad=2
HTTP/1.1 404 Not Found
Date: Mon, 26 Apr 2021 00:19:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
cf-request-id: 09ad2489e10000eb950a87d000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lQL5ikySqGAufYHgx03%2FNESMFDksUJnFN3gUBqhfYO0N8%2BfIl9eS8pjhtgpGI%2BEVly%2FiB6imrJgjQB4m3ELHyA75V7X4Yws%2F"}]}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 645ba3896df4eb95-LAX
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
200
https://exws.ru/favicon.ico
REQUEST
RESPONSE
BODY
GET /favicon.ico HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Host: exws.ru
Connection: Keep-Alive
Cookie: __cfduid=d20eabd41c464d4754681e7754eba9dde1619396343; _ym_uid=1619427536570725093; _ym_d=1619427536; _ym_isad=2
HTTP/1.1 200 OK
Date: Mon, 26 Apr 2021 00:19:20 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jul 2020 21:19:36 GMT
ETag: W/"5f00f268-423e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
cf-request-id: 09ad248dca0000d332599ab000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nbSJLewF9mjt2Onz3cs6u689gVDx7Y8zSPJYmuHOW9aMqYO7i9pdqp1i9nmW4IJw1kk0IbffQXg7yOZ9clX6zX%2BQ52Q4eoBg"}],"group":"cf-nel"}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 645ba38faf5cd332-LAX
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET
302
https://mc.yandex.ru/watch/36586115?callback=_ymjsp776041626&page-url=https%3A%2F%2Fexws.ru%2Fdownloads%2Fusercp.php%3Fmsg%3D%C3%90%C2%A2%C3%91%E2%82%AC%C3%90%C2%B5%C3%90%C2%B1%C3%91%C6%92%C3%90%C2%B5%C3%91%E2%80%9A%C3%91%C2%81%C3%91%C2%8F%2520%C3%90%C2%B0%C3%90%C2%B2%C3%91%E2%80%9A%C3%90%C2%BE%C3%91%E2%82%AC%C3%90%C2%B8%C3%90%C2%B7%C3%90%C2%B0%C3%91%E2%80%A0%C3%90%C2%B8%C3%91%C2%8F%3A&charset=utf-8&browser-info=nb%3A1%3Acl%3A754%3Aar%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfuji4o8hq%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ako%3Av%3A502%3Acn%3A1%3Adp%3A0%3Als%3A453733073728%3Ahid%3A839055131%3Az%3A540%3Ai%3A20210426175915%3Aet%3A1619427555%3Ac%3A1%3Arn%3A620849982%3Arqn%3A2%3Au%3A1619427536570725093%3Aw%3A1211x841%3As%3A1365x1024x24%3Aj%3A1%3Ans%3A1619427526687%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C6%2C13572%2C13636%2C3%2C13566%3Awv%3A2%3Arqnl%3A1%3Ati%3A3%3Ast%3A1619427555&wmode=5
REQUEST
RESPONSE
BODY
GET /watch/36586115?callback=_ymjsp776041626&page-url=https%3A%2F%2Fexws.ru%2Fdownloads%2Fusercp.php%3Fmsg%3D%C3%90%C2%A2%C3%91%E2%82%AC%C3%90%C2%B5%C3%90%C2%B1%C3%91%C6%92%C3%90%C2%B5%C3%91%E2%80%9A%C3%91%C2%81%C3%91%C2%8F%2520%C3%90%C2%B0%C3%90%C2%B2%C3%91%E2%80%9A%C3%90%C2%BE%C3%91%E2%82%AC%C3%90%C2%B8%C3%90%C2%B7%C3%90%C2%B0%C3%91%E2%80%A0%C3%90%C2%B8%C3%91%C2%8F%3A&charset=utf-8&browser-info=nb%3A1%3Acl%3A754%3Aar%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfuji4o8hq%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ako%3Av%3A502%3Acn%3A1%3Adp%3A0%3Als%3A453733073728%3Ahid%3A839055131%3Az%3A540%3Ai%3A20210426175915%3Aet%3A1619427555%3Ac%3A1%3Arn%3A620849982%3Arqn%3A2%3Au%3A1619427536570725093%3Aw%3A1211x841%3As%3A1365x1024x24%3Aj%3A1%3Ans%3A1619427526687%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C6%2C13572%2C13636%2C3%2C13566%3Awv%3A2%3Arqnl%3A1%3Ati%3A3%3Ast%3A1619427555&wmode=5 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: mc.yandex.ru
Connection: Keep-Alive
HTTP/1.1 302 Moved temporarily
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Date: Mon, 26 Apr 2021 00:19:34 GMT
Expires: Mon, 26-Apr-2021 00:19:34 GMT
Last-Modified: Mon, 26-Apr-2021 00:19:34 GMT
Location: /watch/36586115/1?callback=_ymjsp776041626&page-url=https%3A%2F%2Fexws.ru%2Fdownloads%2Fusercp.php%3Fmsg%3D%C3%90%C2%A2%C3%91%E2%82%AC%C3%90%C2%B5%C3%90%C2%B1%C3%91%C6%92%C3%90%C2%B5%C3%91%E2%80%9A%C3%91%C2%81%C3%91%C2%8F%2520%C3%90%C2%B0%C3%90%C2%B2%C3%91%E2%80%9A%C3%90%C2%BE%C3%91%E2%82%AC%C3%90%C2%B8%C3%90%C2%B7%C3%90%C2%B0%C3%91%E2%80%A0%C3%90%C2%B8%C3%91%C2%8F%3A&charset=utf-8&browser-info=nb%3A1%3Acl%3A754%3Aar%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfuji4o8hq%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ako%3Av%3A502%3Acn%3A1%3Adp%3A0%3Als%3A453733073728%3Ahid%3A839055131%3Az%3A540%3Ai%3A20210426175915%3Aet%3A1619427555%3Ac%3A1%3Arn%3A620849982%3Arqn%3A2%3Au%3A1619427536570725093%3Aw%3A1211x841%3As%3A1365x1024x24%3Aj%3A1%3Ans%3A1619427526687%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C6%2C13572%2C13636%2C3%2C13566%3Awv%3A2%3Arqnl%3A1%3Ati%3A3%3Ast%3A1619427555&wmode=5
Pragma: no-cache
Set-Cookie: yandexuid=1759001361619396374; Expires=Thu, 24-Apr-2031 00:19:34 GMT; Domain=.yandex.ru; Path=/
Set-Cookie: yabs-sid=1341918641619396374; Path=/
Set-Cookie: i=sztGlOca2NcL92yLOoUgfqsk3OWY+c0aPgNVnXspAA+a2b43PUEgu57WmBb/qlTY5z0QFqZa7nDouewNypwpOOqObtY=; Expires=Thu, 24-Apr-2031 00:19:34 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly
Set-Cookie: ymex=1934756374.yrts.1619396374#1934756374.yrtsi.1619396374; Expires=Tue, 26-Apr-2022 00:19:34 GMT; Domain=.yandex.ru; Path=/
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
GET
200
https://mc.yandex.ru/watch/36586115/1?callback=_ymjsp776041626&page-url=https%3A%2F%2Fexws.ru%2Fdownloads%2Fusercp.php%3Fmsg%3D%C3%90%C2%A2%C3%91%E2%82%AC%C3%90%C2%B5%C3%90%C2%B1%C3%91%C6%92%C3%90%C2%B5%C3%91%E2%80%9A%C3%91%C2%81%C3%91%C2%8F%2520%C3%90%C2%B0%C3%90%C2%B2%C3%91%E2%80%9A%C3%90%C2%BE%C3%91%E2%82%AC%C3%90%C2%B8%C3%90%C2%B7%C3%90%C2%B0%C3%91%E2%80%A0%C3%90%C2%B8%C3%91%C2%8F%3A&charset=utf-8&browser-info=nb%3A1%3Acl%3A754%3Aar%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfuji4o8hq%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ako%3Av%3A502%3Acn%3A1%3Adp%3A0%3Als%3A453733073728%3Ahid%3A839055131%3Az%3A540%3Ai%3A20210426175915%3Aet%3A1619427555%3Ac%3A1%3Arn%3A620849982%3Arqn%3A2%3Au%3A1619427536570725093%3Aw%3A1211x841%3As%3A1365x1024x24%3Aj%3A1%3Ans%3A1619427526687%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C6%2C13572%2C13636%2C3%2C13566%3Awv%3A2%3Arqnl%3A1%3Ati%3A3%3Ast%3A1619427555&wmode=5
REQUEST
RESPONSE
BODY
GET /watch/36586115/1?callback=_ymjsp776041626&page-url=https%3A%2F%2Fexws.ru%2Fdownloads%2Fusercp.php%3Fmsg%3D%C3%90%C2%A2%C3%91%E2%82%AC%C3%90%C2%B5%C3%90%C2%B1%C3%91%C6%92%C3%90%C2%B5%C3%91%E2%80%9A%C3%91%C2%81%C3%91%C2%8F%2520%C3%90%C2%B0%C3%90%C2%B2%C3%91%E2%80%9A%C3%90%C2%BE%C3%91%E2%82%AC%C3%90%C2%B8%C3%90%C2%B7%C3%90%C2%B0%C3%91%E2%80%A0%C3%90%C2%B8%C3%91%C2%8F%3A&charset=utf-8&browser-info=nb%3A1%3Acl%3A754%3Aar%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfuji4o8hq%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ako%3Av%3A502%3Acn%3A1%3Adp%3A0%3Als%3A453733073728%3Ahid%3A839055131%3Az%3A540%3Ai%3A20210426175915%3Aet%3A1619427555%3Ac%3A1%3Arn%3A620849982%3Arqn%3A2%3Au%3A1619427536570725093%3Aw%3A1211x841%3As%3A1365x1024x24%3Aj%3A1%3Ans%3A1619427526687%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C6%2C13572%2C13636%2C3%2C13566%3Awv%3A2%3Arqnl%3A1%3Ati%3A3%3Ast%3A1619427555&wmode=5 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://exws.ru/downloads/usercp.php?msg=âÃâ¬ÃµÃ±ÃÆõÃâÃÂÃÂ%20ðòÃâþÃâ¬Ã¸Ã·Ã°Ãâ øÃÂ:
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: mc.yandex.ru
Connection: Keep-Alive
HTTP/1.1 200 Ok
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Content-Length: 215
Content-Type: application/javascript
Date: Mon, 26 Apr 2021 00:19:34 GMT
Expires: Mon, 26-Apr-2021 00:19:34 GMT
Last-Modified: Mon, 26-Apr-2021 00:19:34 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
GET
200
http://ie9cvlist.ie.microsoft.com/IE9CompatViewList.xml
REQUEST
RESPONSE
BODY
GET /IE9CompatViewList.xml HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Host: ie9cvlist.ie.microsoft.com
If-Modified-Since: Fri, 16 Oct 2020 17:54:09 GMT
If-None-Match: 0x8D871FC7BDF491D
Connection: Keep-Alive
HTTP/1.1 200 OK
Content-Encoding: gzip
Age: 18685
Cache-Control: max-age=21600
Content-MD5: Ho7x5OFxPmXuon/IucKh7g==
Content-Type: text/xml
Date: Mon, 26 Apr 2021 00:20:03 GMT
Etag: 0x8D90364ECB23BC5
Last-Modified: Mon, 19 Apr 2021 18:57:05 GMT
Server: ECAcc (tka/897A)
Vary: Accept-Encoding
X-Cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: da041fcd-601e-00df-6506-3abc56000000
x-ms-version: 2009-09-19
Content-Length: 13706
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLSv1 192.168.56.102:49819 142.250.204.42:443 |
C=US, O=Google Trust Services, CN=GTS CA 1O1 | C=US, ST=California, L=Mountain View, O=Google LLC, CN=upload.video.google.com | c2:b5:f0:1b:46:55:3f:d3:65:b2:1d:5c:cc:56:a7:41:ac:9c:7a:22 |
TLSv1 192.168.56.102:49813 104.21.55.21:443 |
C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3 | C=US, ST=CA, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | 29:14:2a:70:bc:6c:04:44:be:ab:46:dc:fa:91:03:73:a6:39:2a:da |
TLSv1 192.168.56.102:49821 142.250.204.42:443 |
C=US, O=Google Trust Services, CN=GTS CA 1O1 | C=US, ST=California, L=Mountain View, O=Google LLC, CN=upload.video.google.com | c2:b5:f0:1b:46:55:3f:d3:65:b2:1d:5c:cc:56:a7:41:ac:9c:7a:22 |
TLSv1 192.168.56.102:49814 104.21.55.21:443 |
C=US, O=Cloudflare, Inc., CN=Cloudflare Inc ECC CA-3 | C=US, ST=CA, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | 29:14:2a:70:bc:6c:04:44:be:ab:46:dc:fa:91:03:73:a6:39:2a:da |
TLSv1 192.168.56.102:49834 104.22.18.208:443 |
C=US, O=Cloudflare, Inc., CN=Cloudflare Inc RSA CA-2 | C=US, ST=CA, L=San Francisco, O=Cloudflare, Inc., CN=free-kassa.ru | 2e:f5:1e:8c:72:15:12:fd:a7:81:ff:7d:a1:e2:d2:fc:72:83:b2:5e |
TLSv1 192.168.56.102:49820 23.111.9.35:443 |
C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1 | C=US, ST=Arkansas, L=Bentonville, O=Fonticons Inc, CN=*.fontawesome.com | b3:98:5d:48:a7:9b:bc:59:47:42:5f:34:bb:d2:3d:35:f4:a6:9f:61 |
TLSv1 192.168.56.102:49826 216.58.220.195:443 |
C=US, O=Google Trust Services, CN=GTS CA 1O1 | C=US, ST=California, L=Mountain View, O=Google LLC, CN=*.gstatic.com | 36:ae:4f:16:79:a7:78:df:85:88:67:19:ae:c4:52:de:e4:11:9d:0a |
TLSv1 192.168.56.102:49838 216.58.220.195:443 |
None | None | None |
TLSv1 192.168.56.102:49837 104.21.55.21:443 |
None | None | None |
TLSv1 192.168.56.102:49823 104.21.55.21:443 |
None | None | None |
TLSv1 192.168.56.102:49822 104.21.55.21:443 |
None | None | None |
TLSv1 192.168.56.102:49839 87.250.251.119:443 |
C=RU, O=Yandex LLC, OU=Yandex Certification Authority, CN=Yandex CA | C=RU, L=Moscow, OU=ITO, O=Yandex LLC, CN=mc.yandex.ru | ab:3d:30:32:3f:ad:2a:05:33:18:ca:75:6d:81:ab:e1:24:89:91:b8 |
TLSv1 192.168.56.102:49828 216.58.220.195:443 |
C=US, O=Google Trust Services, CN=GTS CA 1O1 | C=US, ST=California, L=Mountain View, O=Google LLC, CN=*.gstatic.com | 36:ae:4f:16:79:a7:78:df:85:88:67:19:ae:c4:52:de:e4:11:9d:0a |
TLSv1 192.168.56.102:49829 216.58.220.195:443 |
C=US, O=Google Trust Services, CN=GTS CA 1O1 | C=US, ST=California, L=Mountain View, O=Google LLC, CN=*.gstatic.com | 36:ae:4f:16:79:a7:78:df:85:88:67:19:ae:c4:52:de:e4:11:9d:0a |
TLSv1 192.168.56.102:49831 216.58.220.195:443 |
C=US, O=Google Trust Services, CN=GTS CA 1O1 | C=US, ST=California, L=Mountain View, O=Google LLC, CN=*.gstatic.com | 36:ae:4f:16:79:a7:78:df:85:88:67:19:ae:c4:52:de:e4:11:9d:0a |
TLSv1 192.168.56.102:49840 87.250.251.119:443 |
C=RU, O=Yandex LLC, OU=Yandex Certification Authority, CN=Yandex CA | C=RU, L=Moscow, OU=ITO, O=Yandex LLC, CN=mc.yandex.ru | ab:3d:30:32:3f:ad:2a:05:33:18:ca:75:6d:81:ab:e1:24:89:91:b8 |
TLSv1 192.168.56.102:49827 216.58.220.195:443 |
C=US, O=Google Trust Services, CN=GTS CA 1O1 | C=US, ST=California, L=Mountain View, O=Google LLC, CN=*.gstatic.com | 36:ae:4f:16:79:a7:78:df:85:88:67:19:ae:c4:52:de:e4:11:9d:0a |
TLSv1 192.168.56.102:49830 216.58.220.195:443 |
C=US, O=Google Trust Services, CN=GTS CA 1O1 | C=US, ST=California, L=Mountain View, O=Google LLC, CN=*.gstatic.com | 36:ae:4f:16:79:a7:78:df:85:88:67:19:ae:c4:52:de:e4:11:9d:0a |
TLSv1 192.168.56.102:49843 51.254.201.70:443 |
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA | CN=webmoney.ru | 82:da:d2:5d:5f:4c:5a:aa:8c:bd:5c:55:23:d7:f0:77:11:40:d0:99 |
TLSv1 192.168.56.102:49858 104.21.55.21:443 |
None | None | None |
TLSv1 192.168.56.102:49836 104.21.55.21:443 |
None | None | None |
TLSv1 192.168.56.102:49842 216.58.220.195:443 |
None | None | None |
TLSv1 192.168.56.102:49853 104.21.55.21:443 |
None | None | None |
TLSv1 192.168.56.102:49855 104.21.55.21:443 |
None | None | None |
TLSv1 192.168.56.102:49833 104.21.55.21:443 |
None | None | None |
TLSv1 192.168.56.102:49859 104.21.55.21:443 |
None | None | None |
TLSv1 192.168.56.102:49835 104.22.18.208:443 |
C=US, O=Cloudflare, Inc., CN=Cloudflare Inc RSA CA-2 | C=US, ST=CA, L=San Francisco, O=Cloudflare, Inc., CN=free-kassa.ru | 2e:f5:1e:8c:72:15:12:fd:a7:81:ff:7d:a1:e2:d2:fc:72:83:b2:5e |
TLSv1 192.168.56.102:49825 104.21.55.21:443 |
None | None | None |
TLSv1 192.168.56.102:49832 104.21.55.21:443 |
None | None | None |
TLSv1 192.168.56.102:49844 51.254.201.70:443 |
C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA | CN=webmoney.ru | 82:da:d2:5d:5f:4c:5a:aa:8c:bd:5c:55:23:d7:f0:77:11:40:d0:99 |
TLSv1 192.168.56.102:49845 87.250.250.119:443 |
C=RU, O=Yandex LLC, OU=Yandex Certification Authority, CN=Yandex CA | C=RU, L=Moscow, OU=ITO, O=Yandex LLC, CN=mc.yandex.ru | ab:3d:30:32:3f:ad:2a:05:33:18:ca:75:6d:81:ab:e1:24:89:91:b8 |
TLSv1 192.168.56.102:49846 87.250.250.119:443 |
C=RU, O=Yandex LLC, OU=Yandex Certification Authority, CN=Yandex CA | C=RU, L=Moscow, OU=ITO, O=Yandex LLC, CN=mc.yandex.ru | ab:3d:30:32:3f:ad:2a:05:33:18:ca:75:6d:81:ab:e1:24:89:91:b8 |
TLSv1 192.168.56.102:49852 104.21.55.21:443 |
None | None | None |
TLSv1 192.168.56.102:49854 104.21.55.21:443 |
None | None | None |
Snort Alerts
No Snort Alerts