Network Analysis
IP Address | Status |
---|---|
104.18.146.235 | Active |
104.244.42.129 | Active |
104.26.5.15 | Active |
149.154.167.99 | Active |
164.124.101.2 | Active |
171.22.28.226 | Active |
172.67.75.166 | Active |
193.42.32.118 | Active |
213.180.204.24 | Active |
34.117.59.81 | Active |
5.255.255.70 | Active |
62.217.160.2 | Active |
TCP Requests

Source | Destination | Host |
---|---|---|
192.168.56.103:49174 | 104.18.146.235:80 | www.maxmind.com |
192.168.56.103:49164 | 104.244.42.129:443 | twitter.com |
192.168.56.103:49165 | 104.244.42.129:443 | twitter.com |
192.168.56.103:49172 | 104.26.5.15:443 | api.db-ip.com |
192.168.56.103:49161 | 149.154.167.99:443 | telegram.org |
192.168.56.103:49163 | 149.154.167.99:443 | telegram.org |
192.168.56.103:49175 | 171.22.28.226:80 | |
192.168.56.103:49173 | 172.67.75.166:443 | api.db-ip.com |
192.168.56.103:49169 | 193.42.32.118:80 | |
192.168.56.103:49168 | 213.180.204.24:443 | sso.passport.yandex.ru |
192.168.56.103:49170 | 34.117.59.81:443 | ipinfo.io |
192.168.56.103:49171 | 34.117.59.81:443 | ipinfo.io |
192.168.56.103:49166 | 5.255.255.70:443 | yandex.ru |
192.168.56.103:49167 | 62.217.160.2:443 | dzen.ru |
UDP Requests

Source | Destination |
---|---|
192.168.56.103:50800 | 164.124.101.2:53 |
192.168.56.103:52760 | 164.124.101.2:53 |
192.168.56.103:53658 | 164.124.101.2:53 |
192.168.56.103:53673 | 164.124.101.2:53 |
192.168.56.103:56613 | 164.124.101.2:53 |
192.168.56.103:62576 | 164.124.101.2:53 |
192.168.56.103:64178 | 164.124.101.2:53 |
192.168.56.103:64530 | 164.124.101.2:53 |
192.168.56.103:64894 | 164.124.101.2:53 |
192.168.56.103:137 | 192.168.56.255:137 |
192.168.56.103:53661 | 239.255.255.250:1900 |

HTTP Requests
GET 302 https://yandex.ru/

```http
GET / HTTP/1.1
Connection: Keep-Alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: yandex.ru

HTTP/1.1 302 Moved temporarily
Accept-CH: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
Cache-Control: max-age=1209600,private
Date: Sat, 30 Sep 2023 03:52:31 GMT
Location: https://dzen.ru/?yredirect=true
NEL: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
P3P: policyref="/w3c/p3p.xml", CP="NON DSP ADM DEV PSD IVDo OUR IND STP PHY PRE NAV UNI"
Portal: Home
Report-To: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Robots-Tag: unavailable_after: 12 Sep 2022 00:00:00 PST
X-Yandex-Req-Id: 1696045951018582-13998243148267977846-balancer-l7leveler-kubr-yp-vla-150-BAL-3866
set-cookie: is_gdpr=0; Path=/; Domain=.yandex.ru; Expires=Mon, 29 Sep 2025 03:52:31 GMT
set-cookie: is_gdpr_b=CKDSYBCm0QEoAg==; Path=/; Domain=.yandex.ru; Expires=Mon, 29 Sep 2025 03:52:31 GMT
set-cookie: _yasc=Phlji0E/oXTxkjLlef0KxOVxQoDIFzNiQnFuUDe+pJPFYbpzqi8FXLxr17pmfdCNDC8=; domain=.yandex.ru; path=/; expires=Tue, 27 Sep 2033 03:52:31 GMT; secure
set-cookie: i=9ov6Rx14Z0KhGIGzi8og55+UYHQ+epDiRgTyvF5mx0yIciW+8ZtG5YK4olWG3wzQSEuLMt4yVbTR7HtMfxs0wBprdVY=; Expires=Mon, 29-Sep-2025 03:52:31 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly
set-cookie: yandexuid=1679778461696045951; Expires=Mon, 29-Sep-2025 03:52:31 GMT; Domain=.yandex.ru; Path=/; Secure
```
GET 302 https://dzen.ru/?yredirect=true

```http
GET /?yredirect=true HTTP/1.1
Connection: Keep-Alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: dzen.ru

HTTP/1.1 302 Found
Content-Length: 0
Content-Type: application/json;charset=utf-8
Date: Sat, 30 Sep 2023 03:52:32 GMT
Location: https://sso.passport.yandex.ru/push?uuid=ad269c5f-9769-4a8d-84e7-2d5be64d35f7&retpath=https%3A%2F%2Fdzen.ru%2F%3Fyredirect%3Dtrue
Set-Cookie: zen_sso_checked=1; Path=/; Domain=.dzen.ru; Expires=Sat, 30-Sep-2023 15:52:32 GMT; Max-Age=43200; Secure; HttpOnly
Set-Cookie: _yasc=eisgtLFCdsJrqPXerAHr/g5SkowaCt757i7Koc+oQRZhf47xYoBx5K/3OFbAZhKl; domain=.dzen.ru; path=/; expires=Tue, 27 Sep 2033 03:52:32 GMT; secure
```
GET 200 https://sso.passport.yandex.ru/push?uuid=ad269c5f-9769-4a8d-84e7-2d5be64d35f7&retpath=https%3A%2F%2Fdzen.ru%2F%3Fyredirect%3Dtrue

```http
GET /push?uuid=ad269c5f-9769-4a8d-84e7-2d5be64d35f7&retpath=https%3A%2F%2Fdzen.ru%2F%3Fyredirect%3Dtrue HTTP/1.1
Connection: Keep-Alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: sso.passport.yandex.ru
Cookie: yandexuid=1679778461696045951; i=9ov6Rx14Z0KhGIGzi8og55+UYHQ+epDiRgTyvF5mx0yIciW+8ZtG5YK4olWG3wzQSEuLMt4yVbTR7HtMfxs0wBprdVY=; _yasc=Phlji0E/oXTxkjLlef0KxOVxQoDIFzNiQnFuUDe+pJPFYbpzqi8FXLxr17pmfdCNDC8=; is_gdpr_b=CKDSYBCm0QEoAg==; is_gdpr=0

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 30 Sep 2023 03:52:33 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1959
Connection: close
Vary: Accept-Encoding
X-Download-Options: noopen
X-Content-Type-Options: nosniff
Surrogate-Control: no-store
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: 0
X-DNS-Prefetch-Control: off
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'none'; frame-ancestors https://*.dzen.ru https://dzen.ru; connect-src 'self'; script-src 'nonce-94394e3fb11095df5b03979d4b15c8fb' 'self'; img-src 'self'
Set-Cookie: mda2_beacon=1696045953535; Domain=.passport.yandex.ru; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; Path=/
Set-Cookie: ys=c_chck.4072784231; Domain=.yandex.ru; Secure; Path=/
Set-Cookie: mda2_domains=dzen.ru; Domain=.passport.yandex.ru; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; Path=/
Referrer-Policy: origin
ETag: W/"7a7-2Wm8a7PwArmNtZjW7uNgDqCGpRQ"
Strict-Transport-Security: max-age=315360000; includeSubDomains
```
GET 200 https://db-ip.com/

```http
GET / HTTP/1.1
Connection: Keep-Alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: db-ip.com

HTTP/1.1 200 OK
Date: Sat, 30 Sep 2023 03:52:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: max-age=28800
X-IPLB-Request-ID: AC46E919:D3AE_93878F2E:0050_65179AC2_24DAEA16:24679
X-IPLB-Instance: 30783
CF-Cache-Status: HIT
Age: 192
Last-Modified: Sat, 30 Sep 2023 03:49:22 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11ijKOkMnVOOfIP2FYb891t0%2BQ03Ijofc%2FuGEA6%2Fp5sBQTg%2BCS17NvR3wonjBvC0ss918BhmD5CJw8yPow3i5%2F5Gb%2FbyI4r0nOpd8q%2B19N4P7WtJWpx601mHeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 80e983914ecf8d13-KIX
alt-svc: h3=":443"; ma=86400
```
POST 200 https://api.db-ip.com/v2/p31e4d59ee6ad1a0b5cc80695a873e43a8fbca06/self

```http
POST /v2/p31e4d59ee6ad1a0b5cc80695a873e43a8fbca06/self HTTP/1.1
Connection: Keep-Alive
Referer: https://db-ip.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Length: 0
Host: api.db-ip.com

HTTP/1.1 200 OK
Date: Sat, 30 Sep 2023 03:52:35 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http*://*db-ip.com
Cache-control: max-age=180
X-IPLB-Request-ID: AC46E966:AB98_93878F2E:0050_65179B77_24DAF5B4:24679
X-IPLB-Instance: 30783
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvSCnofVm89q65LcqbRKs3yKjSTwh4QXAY2K%2FNxYegFDiS1jbFKjYSXssZQAnIpZ7HWbo%2FLGNgPRCQ8lLIVlZoaPAoo80q41DIqVyd3b05R25w0nIO9c2%2FkcFyDq8Qw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 80e983926cff835e-KIX
alt-svc: h3=":443"; ma=86400
```
GET 200 http://193.42.32.118/api/tracemap.php

```http
GET /api/tracemap.php HTTP/1.1
Connection: Keep-Alive
Host: 193.42.32.118

HTTP/1.1 200 OK
Date: Sat, 30 Sep 2023 03:52:34 GMT
Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33
X-Powered-By: PHP/7.2.33
Content-Length: 15
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
```
POST 200 http://193.42.32.118/api/firecom.php

```http
POST /api/firecom.php HTTP/1.1
Connection: Keep-Alive
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Length: 25
Host: 193.42.32.118

HTTP/1.1 200 OK
Date: Sat, 30 Sep 2023 03:52:34 GMT
Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33
X-Powered-By: PHP/7.2.33
Content-Length: 3
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
```
GET 403 http://www.maxmind.com/geoip/v2.1/city/me

```http
GET /geoip/v2.1/city/me HTTP/1.1
Connection: Keep-Alive
Referer: https://www.maxmind.com/en/locate-my-ip-address
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: www.maxmind.com

HTTP/1.1 403 Forbidden
Date: Sat, 30 Sep 2023 03:52:35 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 4520
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: max-age=15
Expires: Sat, 30 Sep 2023 03:52:50 GMT
Server: cloudflare
CF-RAY: 80e98393d8b3a7ba-ICN
```
POST 200 http://193.42.32.118/api/firecom.php

```http
POST /api/firecom.php HTTP/1.1
Connection: Keep-Alive
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Length: 13
Host: 193.42.32.118

HTTP/1.1 200 OK
Date: Sat, 30 Sep 2023 03:52:35 GMT
Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33
X-Powered-By: PHP/7.2.33
Content-Length: 15
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
```
POST 200 http://193.42.32.118/api/firecom.php

```http
POST /api/firecom.php HTTP/1.1
Connection: Keep-Alive
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Length: 69
Host: 193.42.32.118

HTTP/1.1 200 OK
Date: Sat, 30 Sep 2023 03:52:35 GMT
Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33
X-Powered-By: PHP/7.2.33
Content-Length: 42
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
```
HEAD 200 http://171.22.28.226/download/WWW14_64.exe

```http
HEAD /download/WWW14_64.exe HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: 171.22.28.226
Content-Length: 0
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 30 Sep 2023 03:52:36 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 29 Sep 2023 10:22:22 GMT
ETag: "677c00-6067cccd916ee"
Accept-Ranges: bytes
Content-Length: 6781952
Content-Type: application/x-msdos-program
```
GET 200 http://171.22.28.226/download/WWW14_64.exe

```http
GET /download/WWW14_64.exe HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Host: 171.22.28.226
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 30 Sep 2023 03:52:36 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 29 Sep 2023 10:22:22 GMT
ETag: "677c00-6067cccd916ee"
Accept-Ranges: bytes
Content-Length: 6781952
Content-Type: application/x-msdos-program
```
ICMP traffic
No ICMP traffic performed.
IRC traffic
No IRC requests performed.
Suricata Alerts
Suricata TLS
Flow | Issuer | Subject | Fingerprint |
---|---|---|---|
TLSv1 192.168.56.103:49167 62.217.160.2:443 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign RSA OV SSL CA 2018 | C=RU, ST=Moscow, L=Moscow, O=VK LLC, CN=*.dzen.ru | 6a:31:14:29:60:07:c9:c6:17:7b:d1:27:ad:53:57:ec:d8:c1:d8:d2 |
TLSv1 192.168.56.103:49168 213.180.204.24:443 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign RSA OV SSL CA 2018 | C=RU, ST=Moscow, L=Moscow, O=Yandex LLC, CN=sso.passport.yandex.ru | 3a:82:43:a9:43:9c:c8:90:01:04:4f:74:1b:6c:cd:4b:9b:19:7d:93 |
TLSv1 192.168.56.103:49172 104.26.5.15:443 | C=US, O=Cloudflare, Inc., CN=Cloudflare Inc RSA CA-2 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | 03:f8:79:dd:26:16:32:12:a4:33:99:34:af:f7:33:32:d5:e0:aa:e5 |
TLSv1 192.168.56.103:49173 172.67.75.166:443 | C=US, O=Cloudflare, Inc., CN=Cloudflare Inc RSA CA-2 | C=US, ST=California, L=San Francisco, O=Cloudflare, Inc., CN=sni.cloudflaressl.com | 03:f8:79:dd:26:16:32:12:a4:33:99:34:af:f7:33:32:d5:e0:aa:e5 |
TLSv1 192.168.56.103:49166 5.255.255.70:443 | C=BE, O=GlobalSign nv-sa, CN=GlobalSign ECC OV SSL CA 2018 | C=RU, ST=Moscow, L=Moscow, O=Yandex LLC, CN=*.xn--d1acpjx3f.xn--p1ai | e4:ba:b2:7f:bf:93:b8:22:10:26:70:37:9c:03:1a:9d:fb:23:17:24 |
Snort Alerts
No Snort Alerts