Network Analysis

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: yandex.ru

HTTP/1.1 302 Moved temporarily Accept-CH: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT Cache-Control: max-age=1209600,private Date: Mon, 06 Nov 2023 22:42:31 GMT Location: https://dzen.ru/?yredirect=true NEL: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} P3P: policyref="/w3c/p3p.xml", CP="NON DSP ADM DEV PSD IVDo OUR IND STP PHY PRE NAV UNI" Portal: Home Report-To: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} Transfer-Encoding: chunked X-Content-Type-Options: nosniff X-Robots-Tag: unavailable_after: 12 Sep 2022 00:00:00 PST X-Yandex-Req-Id: 1699310551298716-8197614451681877949-balancer-l7leveler-kubr-yp-vla-82-BAL-3999 set-cookie: is_gdpr=0; Path=/; Domain=.yandex.ru; Expires=Wed, 05 Nov 2025 22:42:31 GMT set-cookie: is_gdpr_b=CIauJRCx2AEoAg==; Path=/; Domain=.yandex.ru; Expires=Wed, 05 Nov 2025 22:42:31 GMT set-cookie: _yasc=GKXXa8XeWyBkilgphmiCRh1+UJ3Au0Oak1MDF6riFtkkxB/kceH3qD0wSUFaKce43vQ=; domain=.yandex.ru; path=/; expires=Thu, 03 Nov 2033 22:42:31 GMT; secure set-cookie: i=UWFDVZLAkw8guTEv8TCKtodLL2VOelINXO/cob/h6+7GjK6ip8gcadlflg3RZfCNkob5YokHEJO/JWtvRNdLDtEQ+vo=; Expires=Wed, 05-Nov-2025 22:42:31 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly set-cookie: yandexuid=8818779491699310551; Expires=Wed, 05-Nov-2025 22:42:31 GMT; Domain=.yandex.ru; Path=/; Secure set-cookie: yashr=3991565871699310551; Path=/; Domain=.yandex.ru; Expires=Tue, 05 Nov 2024 22:42:31 GMT; Secure; HttpOnly

GET /?yredirect=true HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: dzen.ru

HTTP/1.1 302 Found Content-Length: 0 Content-Type: application/json;charset=utf-8 Date: Mon, 06 Nov 2023 22:42:32 GMT Location: https://sso.passport.yandex.ru/push?uuid=17ee63be-a01d-4351-b836-3f7809d3449d&retpath=https%3A%2F%2Fdzen.ru%2F%3Fyredirect%3Dtrue Set-Cookie: zen_sso_checked=1; Path=/; Domain=.dzen.ru; Expires=Tue, 07-Nov-2023 10:42:32 GMT; Max-Age=43200; Secure; HttpOnly Set-Cookie: _yasc=VYDLAiMJBfqshwnb4V4i1Q78jcr65fmnBi8G55KQ+lsHgYs7nfSVBTjMBwj9uZIf; domain=.dzen.ru; path=/; expires=Thu, 03 Nov 2033 22:42:32 GMT; secure

GET /push?uuid=17ee63be-a01d-4351-b836-3f7809d3449d&retpath=https%3A%2F%2Fdzen.ru%2F%3Fyredirect%3Dtrue HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: sso.passport.yandex.ru Cookie: yashr=3991565871699310551; yandexuid=8818779491699310551; i=UWFDVZLAkw8guTEv8TCKtodLL2VOelINXO/cob/h6+7GjK6ip8gcadlflg3RZfCNkob5YokHEJO/JWtvRNdLDtEQ+vo=; _yasc=GKXXa8XeWyBkilgphmiCRh1+UJ3Au0Oak1MDF6riFtkkxB/kceH3qD0wSUFaKce43vQ=; is_gdpr_b=CIauJRCx2AEoAg==; is_gdpr=0

HTTP/1.1 200 OK Server: nginx Date: Mon, 06 Nov 2023 22:42:34 GMT Content-Type: text/html; charset=utf-8 Content-Length: 1957 Connection: close Vary: Accept-Encoding X-Download-Options: noopen X-Content-Type-Options: nosniff Surrogate-Control: no-store Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate Pragma: no-cache Expires: 0 X-DNS-Prefetch-Control: off X-XSS-Protection: 1; mode=block Content-Security-Policy: default-src 'none'; frame-ancestors https://*.dzen.ru https://dzen.ru; connect-src 'self'; script-src 'nonce-ccf6e8ff1ee857a59d4158fbe50a2180' 'self'; img-src 'self' Set-Cookie: mda2_beacon=1699310554204; Domain=.passport.yandex.ru; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; Path=/ Set-Cookie: ys=c_chck.783981053; Domain=.yandex.ru; Secure; Path=/ Set-Cookie: mda2_domains=dzen.ru; Domain=.passport.yandex.ru; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; Path=/ Referrer-Policy: origin ETag: W/"7a5-DVJlMluYufdfTw9m+RrWJhiJhdo" Strict-Transport-Security: max-age=315360000; includeSubDomains

GET / HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: db-ip.com

HTTP/1.1 200 OK Date: Mon, 06 Nov 2023 22:42:39 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive cache-control: max-age=28800 x-iplb-request-id: AC46C792:6E76_93878F2E:0050_65496BDF_1626582:0401 x-iplb-instance: 30783 CF-Cache-Status: EXPIRED Last-Modified: Mon, 06 Nov 2023 05:54:37 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMojdHbV6XvunqZ%2FhLapsteGuQtr%2B8uIHXN7VlQ1jOznXbHJEZsuIxUA7GeXvdrFyd1%2FdEJlzjoFspk3AHb%2FiVTlzVK%2BwZPJlRWr2cZSk7edTitoUM3K2q0lGw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8220d9d1793229d4-FUK alt-svc: h3=":443"; ma=86400

POST /v2/p31e4d59ee6ad1a0b5cc80695a873e43a8fbca06/self HTTP/1.1 Connection: Keep-Alive Referer: https://db-ip.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 0 Host: api.db-ip.com

HTTP/1.1 200 OK Date: Mon, 06 Nov 2023 22:42:39 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive access-control-allow-origin: http*://*db-ip.com cache-control: max-age=180 x-iplb-request-id: AC46C797:D074_93878F2E:0050_65496BDF_16399DC:BDC9 x-iplb-instance: 30782 CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFv42ee22Ed0BHYWtN0fN32L91Y4affRWwl44lA15b%2BzSQ17lqn8hV8Vq%2FKqn9uQWUtrOnK7MLr5XOblrkZsCGXpAZMQhFLNCW3jibBqgOOHkndQv3f648AkyqyWF7U%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8220d9d4dd7029da-FUK alt-svc: h3=":443"; ma=86400

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive Host: 91.92.243.151

HTTP/1.1 302 Found Date: Mon, 06 Nov 2023 22:42:34 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 X-Powered-By: PHP/7.2.33 Set-Cookie: WHMCSdN8ZDh5Ye5PW=64nbptcrv41bilhauh0jmbvvrc; path=/; secure; HttpOnly Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Location: https://ironhost.io/index.php Content-Length: 0 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=utf-8

GET /roots/dstrootcax3.p7c HTTP/1.1 Connection: Keep-Alive Accept: */* User-Agent: Microsoft-CryptoAPI/6.1 Host: apps.identrust.com

HTTP/1.1 200 OK X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-Robots-Tag: noindex Referrer-Policy: same-origin Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT ETag: "37d-6079b8c0929c0" Accept-Ranges: bytes Content-Length: 893 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Type: application/pkcs7-mime Cache-Control: max-age=3600 Expires: Mon, 06 Nov 2023 23:42:37 GMT Date: Mon, 06 Nov 2023 22:42:37 GMT Connection: keep-alive

GET /api/tracemap.php HTTP/1.1 Connection: Keep-Alive Host: 94.142.138.131

HTTP/1.1 200 OK Date: Mon, 06 Nov 2023 22:42:38 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firecom.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 25 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Mon, 06 Nov 2023 22:42:38 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 3 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

GET /geoip/v2.1/city/me HTTP/1.1 Connection: Keep-Alive Referer: https://www.maxmind.com/en/locate-my-ip-address User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Host: www.maxmind.com

HTTP/1.1 403 Forbidden Date: Mon, 06 Nov 2023 22:42:39 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 4520 Connection: keep-alive X-Frame-Options: SAMEORIGIN Referrer-Policy: same-origin Cache-Control: max-age=15 Expires: Mon, 06 Nov 2023 22:42:54 GMT Server: cloudflare CF-RAY: 8220d9d78b43c087-ICN

POST /api/firecom.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 13 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Mon, 06 Nov 2023 22:42:40 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 15 Keep-Alive: timeout=5, max=98 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

POST /api/firecom.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Length: 69 Host: 94.142.138.131

HTTP/1.1 200 OK Date: Mon, 06 Nov 2023 22:42:40 GMT Server: Apache/2.4.29 (Ubuntu) Content-Length: 41 Keep-Alive: timeout=5, max=97 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8