www.sowaids.ru.com/wexqs/ibwv876154ksfhdfnki/x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
104.21.4.212 200 OK 536 B URL HTTP/1.1 www.sowaids.ru.com/wexqs/ibwv876154ksfhdfnki/x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
IP 104.21.4.212:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text
Hash 8cd0c32506a2634a435174ba046a0189
c9d5aa169376c2bb65a24c04179d85c47f20e8e6
2d416bb0281268de224bbc3d87927aff847c9be2d8041ee4394969971da3a394
Analyzer Verdict Alert quad9 Sinkholed
GET /wexqs/ibwv876154ksfhdfnki/x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1 HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.25
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygL0dtU1qXgdQmrPsgl7u8GcohLb3QNlFka9utVnLvfgDeOgHEmNBIOvoMS2e%2F3jIiaBnk%2BVMkEP32NiCIbTi7eKIKxGTADP1nZ1CjTuoPQqg%2FrTyWMDREISgl5oaKoncCPjtWs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74f0cd262cf7fab8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 05:05:44 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PFT8zjwZyNIRBy2We9bkyh0Fw8mNPxC7D9wTbosOIVzZB9BB4rri7w==
Age: 570
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10740
Expires: Fri, 23 Sep 2022 08:14:14 GMT
Date: Fri, 23 Sep 2022 05:15:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash afb65a07bf7214addf83d17a53acba32
a8e973204431320aa7b362a4e73944520c4b51b9
46e1a9e6c98245afb7fa84bc6d9ba6844105024e2d3f56e28748e6c321475d02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12440
Expires: Fri, 23 Sep 2022 08:42:34 GMT
Date: Fri, 23 Sep 2022 05:15:14 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Cz9l2M2aOTLDIUOyA76bhQGV4Jbhl1hrM2hgnpZPspc/WIF+B5OTm+zOFHtzsHG6OFDGPJWyQGA=
x-amz-request-id: WBPT23T0X3H9Y83D
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Sep 2022 04:46:49 GMT
age: 1705
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 05:15:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:15:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-22484186-3
142.250.74.72 200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-22484186-3
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 52d40bfacc169624aeae523d98b55eae
47daf75f58375c9d45d344fe950835ff39b9c2ad
b4f5909714ce2853f05d9f0353ef0cb224bd4d90deed549234346fdb44527d24
GET /gtag/js?id=UA-22484186-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 23 Sep 2022 05:15:14 GMT
expires: Fri, 23 Sep 2022 05:15:14 GMT
cache-control: private, max-age=900
last-modified: Fri, 23 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42227
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:15:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.sowaids.ru.com/jquery-1.11.0.min.js
104.21.4.212 200 OK 33 kB URL HTTP/1.1 www.sowaids.ru.com/jquery-1.11.0.min.js
IP 104.21.4.212:0
File type ASCII text, with very long lines (32341)
Hash 95fe3f4dd117c33f6015e1c3d6df1d0d
d5b8856932d1ea63f51824de0bb50670d2e960bc
e6945ac3f1927f242a9fd7a5cf67720f7763888127a7427eb24ffc52019d4b16
Analyzer Verdict Alert quad9 Sinkholed
GET /jquery-1.11.0.min.js HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/wexqs/ibwv876154ksfhdfnki/x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:14 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:39 GMT
ETag: W/"62e8238b-1787d"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMnQPhg6YZCXIYgLTyiKdn%2FTa55NjxgMkQYoR5sQCbYlCYSDPTyhFBa6G%2BN%2FED10Ev2146HWlS5p6GuOQoq39UyuO7v9YD8dUnuSBTYpB%2B4%2F6atakVAajPHTnntSVpAdov3kdhw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f0cd286df5fab8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.sowaids.ru.com/offer.php?id=373&sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
104.21.4.212 200 OK 328 B URL HTTP/1.1 www.sowaids.ru.com/offer.php?id=373&sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
IP 104.21.4.212:0
File type HTML document text; HTML document text; HTML document, ASCII text
Hash 41087e7ffdd2941badc0a6aa0ca855b3
2396d21d2ab70ae18d603e7eaff213ed2e6c7661
2aa766fc0fbddb9fd27b8530d8d416c1385fb5e0b551c56820880048d2aca0ec
Analyzer Verdict Alert quad9 Sinkholed
GET /offer.php?id=373&sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1 HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/wexqs/ibwv876154ksfhdfnki/x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.25
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2%2FoSMKQeyAYdPIr1vbgRVm7pcLH7ZrZdVh%2FTgBcjbDNKS1Rg0VyR0KWsjW%2FcY6oBO18arkiEefYsY8oeqwibqCNyL2afkm0Rlx52nmNDkDwcK%2BQ3k2SddzZ1HvMFQQTpYApm5I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74f0cd2a3ec1fab8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fast.wistia.com/assets/images/blank.gif
151.101.86.110 200 OK 1.2 kB URL HTTP/2 fast.wistia.com/assets/images/blank.gif
IP 151.101.86.110:0
File type GIF image data, version 89a, 100 x 100; data
Hash fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-type: image/gif
etag: "632ccf4b-4be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Sep 2022 21:10:35 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 23 Sep 2022 05:15:15 GMT
age: 28982
x-served-by: cache-iad-kiad7000052-IAD, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 26, 176
x-timer: S1663910115.256428,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 1214
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 05:03:22 GMT
Expires: Fri, 23 Sep 2022 05:16:48 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JXlra2FWnloZXh4ueJ9mQ5USliYLol_d6kZ5KCSnRBVis3Bly3NBlw==
Age: 713
www.sowaids.ru.com/clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
104.21.4.212 200 OK 14 kB URL HTTP/1.1 www.sowaids.ru.com/clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
IP 104.21.4.212:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (16084), with CRLF line terminators
Hash bc89b0f40a4ecd320a5a44b241c0b86f
1fa4051a0b573f47a9d28ab06c6b1b67a18d911b
3903ab49a0bde0df8400b5d41b22ceabcaa89e1e812b6ba9528265724e2aa6fd
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1 HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.25
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1uc8u0RXktVrh0PZzIUv2OrBAG8J2qD%2BoUKxQGAGAxbR8w1GuW46UH7zoLRTqZ6Wlwh4rtFYkeU4e8oub%2FUlpzbaxueVCLknViCVGgfU%2F6FRoT%2FRMJoE%2FPdL0lQuZIpl13CxVuY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74f0cd2b3f22fab8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.sowaids.ru.com/clicks/circaknee_files/modernizr-custom.js
104.21.4.212 200 OK 1.6 kB URL HTTP/1.1 www.sowaids.ru.com/clicks/circaknee_files/modernizr-custom.js
IP 104.21.4.212:0
File type ASCII text, with very long lines (4277)
Hash 3b0b7910dbc74a70a84d5aaadd6dd5d8
ede9efa01f4f13ff72a4e0ec38f861fb0038997a
ffceb69c04fb2f1c15b6212bf27ab6a5e40522a273ad49fd3d4a05578f49d2c0
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/modernizr-custom.js HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-114c"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EARPDSCdAtgHkq9xP6RQ19MrY45QHDkHP%2FJaCHZgd4fMohx7RQL5bbtPH5AoQ0fUQAaY%2BYtLL6Mhr6GtUwcFrX3CtYWUUdGMOtQ%2Fhi2ZM76%2BVVq%2BiSm5ELmK55mBj20wkMx2vyU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f0cd2bcaf00b06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.sowaids.ru.com/clicks/circaknee_files/blueshift.js
104.21.4.212 200 OK 2.0 kB URL HTTP/1.1 www.sowaids.ru.com/clicks/circaknee_files/blueshift.js
IP 104.21.4.212:0
File type ASCII text, with very long lines (4246), with no line terminators
Hash e510f0f99cb3baeac9c35553b8aec6f7
af64d1fc4bf5aa002596afa0d3c52a396ff69720
df549f295116025c11a3d9c8c4491963ba4f08ef3b3aa6eaa29542777cac70b1
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/blueshift.js HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-1096"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQQKV8hoR8pSE5lF28xZkUCzHrQBfeKz%2FN39aQUmgX14%2F45jf9JH23aTfBpA1I9pV8UuGwbjw4c9lYXwY98zLStJUwj8ACJZ3HuExeatbmV1WaplXnhbfm%2BEaxqz1pvknzQgrlk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f0cd2bbf93b51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.sowaids.ru.com/clicks/circaknee_files/css2.css
104.21.4.212 200 OK 1.1 kB URL HTTP/1.1 www.sowaids.ru.com/clicks/circaknee_files/css2.css
IP 104.21.4.212:0
Hash 53163eba0cf2d43dc392eca69fc2bfca
6f8c761a3da4e24bf7061f156db65a9f540c9c6f
a06dd967385fb560f7d9cc68fe9c7ee4e9476d33c4f5416d17fd953d1c2b0421
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/css2.css HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:15 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-65d2"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIvDkC5ZBZ5ck9I4QkHeRDV3bs5ud51oL6QLbwFQoELLbY2FlknaOrjHi%2FTr4qodKdl9FDVleGJkDO7dqEYGew3EfN46MWr9TS26HJwAAQtHhjR%2B1zngyZwGG11dXL87RILGWUc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f0cd2bb8460afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4466
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:15:15 GMT
Last-Modified: Fri, 23 Sep 2022 04:00:49 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
www.sowaids.ru.com/clicks/circaknee_files/blazy.js
104.21.4.212 200 OK 2.0 kB URL HTTP/1.1 www.sowaids.ru.com/clicks/circaknee_files/blazy.js
IP 104.21.4.212:0
File type ASCII text, with very long lines (4991)
Hash b8116e5ca2a0e5c405502b6ee3cc25c5
52992193091d2872454ff3015f5d1756fd6b67f0
a7ed5eb0e7d7f08e31b08c515cbd6f491e18583106a549d060f1b4941f85c506
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/blazy.js HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-1448"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMuB8BWsbCX7ogsuUsByIvKgdzq%2B2Sh9Ye9ANfnA27lAuRIT1WgeV48nVPBo4LGPCmzpcGdK3d5LpGX0IYWV%2FoTXF33BP7r%2Fx3s9LT2KrkCTfhcIcgrapUsvEJ%2B1BRIUFruTcB0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f0cd2cab680b06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.sowaids.ru.com/clicks/circaknee_files/gtm.js
104.21.4.212 200 OK 69 kB URL HTTP/1.1 www.sowaids.ru.com/clicks/circaknee_files/gtm.js
IP 104.21.4.212:0
File type ASCII text, with very long lines (55397)
Hash 5fa1c01b5d91b87b894513a1abe72ebb
165aadc0a4a01222146e4f7281e592532da95796
5d4826e8ff74dba968c57d47d2bbe791508729c389d445abd680e608dbab39d0
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/gtm.js HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-3a09f"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xbvsfxA9gPV1bQN8SEyMWboQyyYNkiMOOebcTVFoFZ1vWVtNi193kjKvCrtGvA8uhgTqWazKpiYCpJRTk3bcr6mhEXntXBx26roTiJAKRUHHaWXOAl26eXstdtDQfFGakJEbgvs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f0cd2bccd9b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.sowaids.ru.com/clicks/circaknee_files/ctrwowUtils-v2.js
104.21.4.212 200 OK 11 kB URL HTTP/1.1 www.sowaids.ru.com/clicks/circaknee_files/ctrwowUtils-v2.js
IP 104.21.4.212:0
File type ASCII text, with very long lines (33542), with no line terminators
Hash e6bde883be6ad8515c33ef779bd321f7
137f2bf9436f3f892c3e176da7429b171736d52f
9c1c652b9439d825b0a4bb12fc127a9a4b3397c1103becd5b6630541151bb11e
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/ctrwowUtils-v2.js HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-8306"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8wguT9mimHW5NbU72DnPhL8Dq%2Biz310psx2jqBX4oRYcJjzFATfDgU6taR3AI%2FkdNb8tzFC7Er4fE29ux%2FTF2epK3NZSkF%2Bh0tauP2qyLoo41WLMsvDsyLUInqaTvs0dRvDlaM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f0cd2cb851b51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.sowaids.ru.com/clicks/circaknee_files/pre-vsl.css
104.21.4.212 200 OK 2.8 kB URL HTTP/1.1 www.sowaids.ru.com/clicks/circaknee_files/pre-vsl.css
IP 104.21.4.212:0
File type ASCII text, with very long lines (10514), with no line terminators
Hash a6194a7ab9c22bc59390745f841b48aa
a247bebbd2a37da8e811a7194f9328c84ec56170
a3f25cc361c9d1ac5f237abe450e0795863f6d635a2b54dd731320e24a4ccefc
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/pre-vsl.css HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:15 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-2912"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r4C1ql4KoTbZl2v3sE55MhivXIeJ%2BRidabNEQYYrG%2Fu2PQATySIuQhAMURv4on0KahOLrMDosxGjA85PzsnjE3Ky7scFOTCNArYgGeY5X3qrYzJ2TPYi%2FSe8oLc%2BcGaqR8U8Rho%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f0cd2d29450afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.sowaids.ru.com/clicks/circaknee_files/jquery-3.js
104.21.4.212 200 OK 20 kB URL HTTP/1.1 www.sowaids.ru.com/clicks/circaknee_files/jquery-3.js
IP 104.21.4.212:0
File type ASCII text, with very long lines (54348)
Hash 56fc9633833c473831b8772b20db4222
0f10326f6916de5303c92b3305ddcf3f64717242
0b64c12f01acfbac88bfac17bcfbe537a3be0c50ac7945309ca2a53378c930d6
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/jquery-3.js HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-d573"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQdeC8sJdJOOep7yT1Jcd1hut%2B93%2B%2FU3eT4GMdD7bjrcZ0MqfHhRKZQMQL01eCURFmZdpMYWHk1dNwsr1pGkm4Gf8lqKfKnz6ZUvQoeDsEIcqeEOiUOXxA6G7oB1Wf95xDQDRA0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f0cd2c9fa2fab8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.sowaids.ru.com/clicks/circaknee_files/gtm_002.js
104.21.4.212 200 OK 68 kB URL HTTP/1.1 www.sowaids.ru.com/clicks/circaknee_files/gtm_002.js
IP 104.21.4.212:0
File type ASCII text, with very long lines (62413)
Hash 6fdc4ea785ec4cc00f67e91ee7b38ba8
72458fb5a66d19067d7c24be9a9c7154925fd964
130d86eb0dbe7b3ec701e78d18f6982db50feffe7597e6241bf045776ed62b7f
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/gtm_002.js HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-3e9e8"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZXroreIl0CrMmTkUS%2BBT%2B9tnqS4%2Bp1OySwfSi89P927gXl9qE26xkVSG7Hhu22lVDS5DnhIcoKeymGoKwDEY8qwPFTiWrJG1sviYTWEEYzdqdy%2BzPDFYvdhLUdcEE3YqHAl8Jw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f0cd2bb8c50b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.sowaids.ru.com/clicks/circaknee_files/CTR_FUNNEL_TRACKING-v2.js
104.21.4.212 200 OK 3.0 kB URL HTTP/1.1 www.sowaids.ru.com/clicks/circaknee_files/CTR_FUNNEL_TRACKING-v2.js
IP 104.21.4.212:0
File type ASCII text, with very long lines (8769), with no line terminators
Hash 53c890fc05fb6b6f2ba47d4efb27c270
1ddeb2e7e2457457afd49eb36ca322b8974b4503
f95f367cdc41e82a967eb190867b0a08dea30585fc45c0f4f5dcb43886d752bf
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/CTR_FUNNEL_TRACKING-v2.js HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-2241"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M6VooOpsqjXhZTtdSLAp4wUkbKHm5ATXF1Nb%2BtD5aa69KozohTDN2srcUDHtDUzjbAmqyUjSCDRxtRlW1CNAc4lbooQnuys0afHG%2Bnx15KLlLudjvMP2Dw8XTqYpIDQToVsG8Dw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f0cd2dbeadb4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.sowaids.ru.com/clicks/circaknee_files/CTR_FP_TRACKING-v2.js
104.21.4.212 200 OK 12 kB URL HTTP/1.1 www.sowaids.ru.com/clicks/circaknee_files/CTR_FP_TRACKING-v2.js
IP 104.21.4.212:0
File type ASCII text, with very long lines (41829), with no line terminators
Hash 0295b973fd65376712df8353df786270
08c89d5801568d82ff1a316f444ac89a70138006
065905d0503934ee11aac8cfbfe36c4476c94f93dcaf980367f76030a881b87d
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/CTR_FP_TRACKING-v2.js HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-a365"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BXnWdhCc7pL0IPATiNIJhwGfzWtc3sqxLURWZAeAlRd%2FuljUJt%2FkXCgdbu0gQUS1FsBDI%2BjrRn1K8OTxFyF5dKXNgnfXnXPrlJGNZFgEES%2F3KClmwS%2Ba4LiNb1zPhYCR7N1AK7g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f0cd2d8c1c0b06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:15:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15688, version 1.0\012- data
Hash aa23b7b4bcf2b8f0e876106bb3de69c6
106ac454ba4e503e0a1cd15e1275130918049182
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
GET /s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.sowaids.ru.com
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15688
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 10:09:14 GMT
expires: Wed, 20 Sep 2023 10:09:14 GMT
cache-control: public, max-age=31536000
age: 241561
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:15:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.sowaids.ru.com/clicks/circaknee_files/ctr_heatmap_tracking-v1.js
104.21.4.212 200 OK 9.3 kB URL HTTP/1.1 www.sowaids.ru.com/clicks/circaknee_files/ctr_heatmap_tracking-v1.js
IP 104.21.4.212:0
File type ASCII text, with very long lines (30558), with no line terminators
Hash 1db1146a85840c35a9b14adf025fab66
8a96cbb216131380e65e2309ddc95102c4ca40b2
2cc882d7ca1ddde7f0b740d1715427768bb32a4058c613109ab107fb483203a7
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/ctr_heatmap_tracking-v1.js HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-775e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymeyDBarOPxeqgs9augTJE0D6Bae1d4NG5cnAFYhgC4g8kOeqiGwTKbfZIH22%2BTxt4hBzJpDtWo2bnWq7kNQzFbKtBVcYAyLtZw6XItERqCNK%2Fd9ySxD5YQPR4z2gz0BzlF0%2FHE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f0cd2dd931b51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15732, version 1.0\012- data
Hash 80fe119e5efa3911b9d61b265f723b3d
34f751a1b1a0c1c0b5264b99f490e689db939657
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
GET /s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.sowaids.ru.com
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15732
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 21:53:07 GMT
expires: Sun, 17 Sep 2023 21:53:07 GMT
cache-control: public, max-age=31536000
age: 458528
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash f00e7e4432f7c70d8c97efbe2c50d43b
d836c7d4bc52bcd67626b8960ae030ad315c2507
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
GET /s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.sowaids.ru.com
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 01:28:59 GMT
expires: Sun, 17 Sep 2023 01:28:59 GMT
cache-control: public, max-age=31536000
age: 531976
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15828, version 1.0\012- data
Hash bf28241e67511184c14dbd0ef7d39f91
c706e0a4122ab727645b744c21667390e8898a4d
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
GET /s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.sowaids.ru.com
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15828
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 05:46:28 GMT
expires: Wed, 20 Sep 2023 05:46:28 GMT
cache-control: public, max-age=31536000
age: 257327
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.148.228.45 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.228.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4v8XXexJVIuAMT7atr49AA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XfbMOARfU08V3awYC/KdSHYWR+c=
www.sowaids.ru.com/clicks/circaknee_files/pre-vsl.js
104.21.4.212 200 OK 4.3 kB URL HTTP/1.1 www.sowaids.ru.com/clicks/circaknee_files/pre-vsl.js
IP 104.21.4.212:0
File type ASCII text, with very long lines (12372), with no line terminators
Hash f1bde3c479fc31ed81fa769c1385710e
238cec8e873157b500f313ba9b1b8ed32a632f3b
03a9e4b87446916d42182a7bc7912d2fd7d25d9efbdb4a13dae39834a3eab00e
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/pre-vsl.js HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-3054"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqWhtqZ5bFgjCodeUpqU%2BqMoKkEgeotofjPe8TcibKS1jVfaL1SfIs0b3SSEKPrV4kmVfsM3Hcau9ousqcg4rE8tc2Fp%2FZG3vdL%2BBKeEZzG4g%2BFpqmwcqG4Pe0UMs4GNEehKoXo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f0cd2e6b140b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.sowaids.ru.com/clicks/circaknee_files/blueshift_wow.js
104.21.4.212 200 OK 5.4 kB URL HTTP/1.1 www.sowaids.ru.com/clicks/circaknee_files/blueshift_wow.js
IP 104.21.4.212:0
File type Unicode text, UTF-8 text, with very long lines (15843), with no line terminators
Hash e65348c7a35e848a81cdfa547cffd09f
101070c91c21f9fe0ffd42fc17c8a0cfee2c56cd
4aa0a980550dad9808b8d4a80190720ad9c40d92b9e86c19919361a43d7745a0
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/blueshift_wow.js HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-3e23"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pt38LSN6p8W4OUQ6XRWzS8Bl0zTa88XSKLp99KkjGRynVBOqlOpkCgKfL25PIabDoXKdZRWq5CcI6dBKPMzzCBuZLMZVMM62%2FvCXDlSzCYeb052XYtrGPiYdLLUiFXjm1N%2BbnE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f0cd2e6f91b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:15:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.sowaids.ru.com/clicks/circaknee_files/ctrwow_analytics.js
104.21.4.212 200 OK 18 kB URL HTTP/1.1 www.sowaids.ru.com/clicks/circaknee_files/ctrwow_analytics.js
IP 104.21.4.212:0
File type ASCII text, with very long lines (55555), with no line terminators
Hash b4122018c18e0056422bb66c626070ee
836971bf8615cf908a985bf6307537cb10a84d15
f8ade1457ef938e60eb3f133e0e26dfa9a6eef5e74fa1aff540b12d8fcea41cd
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/ctrwow_analytics.js HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-d903"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DM3xFPtEtGcnDoJtGyEgutW%2BcdyA85QnorjAi9DUPZC4lcFe%2F6T94%2Fqdk%2BUvkhqyO9hbUUuSbpPhoTErWDq%2B7JNAWKwvfBz2adCF3YcLBV29JotEBux2hcgMpj2S2mGLhFiIBEs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f0cd2e09b50afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.sowaids.ru.com/clicks/circaknee_files/dmca-badge-resize.webp
104.21.4.212 200 OK 1.4 kB URL HTTP/1.1 www.sowaids.ru.com/clicks/circaknee_files/dmca-badge-resize.webp
IP 104.21.4.212:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9985d83ad8ac83764331a13b920ac486
6991872ac8abd1abd1045d20f355ce4b124de007
286198e6e4eaa35a618b8c9c954584d5d8c19bb0720228a0546bea63995285fa
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/dmca-badge-resize.webp HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:15 GMT
Content-Type: image/webp
Content-Length: 1386
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: "62e823bb-56a"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3A1DojwOjeQ10f0DIOXqOXt%2FHfu12f7dcrGyDwkCVPYQLS7sOcmGPrEJ0mPB14voJxmbMRN5Eg0rUeEWiYyA9kiAPvTm9ZgFAxk64sO3o2bqBlZcVvn1n2I26V7akmJn510QhmM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f0cd2efcfd0b06-OSL
alt-svc: h2=":443"; ma=60
www.sowaids.ru.com/clicks/circaknee_files/icon_shipping.webp
104.21.4.212 200 OK 1.4 kB URL HTTP/1.1 www.sowaids.ru.com/clicks/circaknee_files/icon_shipping.webp
IP 104.21.4.212:0
File type PNG image data, 104 x 52, 8-bit colormap, non-interlaced\012- data
Hash ba2661585e30c45f0a39517480f9968f
bc126b42415e512f42aa551cc2af30e3d675ee8a
b8d83ff7d53074a841c50d8e17b38e41f8624b38f842fe4edad04f63fe9e4962
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/icon_shipping.webp HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
Cookie: _gcl_au=1.1.1983297032.1663910115
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:15 GMT
Content-Type: image/webp
Content-Length: 1431
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: "62e823bb-597"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i29dhM9H8DHpezhRg6tvb0fI2Hdp%2BYIGMNjuJca4WBEHdpvO3Qh3PPKmG5ssSR8WDKt9OOFMcdSsUW9Kbb6s%2BZXfUU%2FKj4epGG2cU3VGgXAd86zBFzK%2F5r1tOiQM7G%2FeJq19oFU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f0cd2f5846b4f9-OSL
alt-svc: h2=":443"; ma=60
www.sowaids.ru.com/clicks/circaknee_files/blank.htm
104.21.4.212 200 OK 548 B URL HTTP/1.1 www.sowaids.ru.com/clicks/circaknee_files/blank.htm
IP 104.21.4.212:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1254), with CRLF line terminators
Hash 0a16aec008013f053a922381dee71f9d
13a69b2e43a426ce54f9a47146955ec0bb169172
4686bf42f5ae452ed851ee0e084ece44ceccef9bc2fde5eee10a33a6c92461ae
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/blank.htm HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
Cookie: _gcl_au=1.1.1983297032.1663910115
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HLECZ%2FjXJjwuBV4g0jMAqEPMCUSIebz9f7y%2FJRPJn%2B89pt2oldr%2FFWA9sKUPFsSEvLcZIwMvRPK2aebpM2rBRPFyII7bSgx8ftwex6P4kv%2FXh1QqOsngmPG%2BnUiXJpRgzP%2Fbv4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74f0cd2f4bef0b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.sowaids.ru.com/clicks/circaknee_files/caresole-logo.webp
104.21.4.212 200 OK 11 kB URL HTTP/1.1 www.sowaids.ru.com/clicks/circaknee_files/caresole-logo.webp
IP 104.21.4.212:0
File type PNG image data, 250 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 1c5dbd2e1ce2316b00542d800ef78ce0
621e8e53b796f51192300283da10107a8ac30280
cfd90f4cf00eb0e2918940b49b27c69cade015d631b3d7ac31c227f624edcb83
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/caresole-logo.webp HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
Cookie: _gcl_au=1.1.1983297032.1663910115
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:15 GMT
Content-Type: image/webp
Content-Length: 11188
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: "62e823bb-2bb4"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJP8E1UWm6uUTdzF60Tl7nNNy84vL%2FuQO5RA6EeIZfX7Yjo1GC6J8%2FgcoL2RdDRF5bTAxv6TfX1Vwo5x8GyTbl9CLopN1e6iw2mxzgZUZroaXfhI3wK77Dxc3mBdaVVcF5F8%2Fok%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f0cd2f6a690afe-OSL
alt-svc: h2=":443"; ma=60
www.sowaids.ru.com/clicks/circaknee_files/624bfc51d2fcbc0ebaac400b53014447.webp
104.21.4.212 200 OK 66 kB URL HTTP/1.1 www.sowaids.ru.com/clicks/circaknee_files/624bfc51d2fcbc0ebaac400b53014447.webp
IP 104.21.4.212:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f36d62db167adfa5c64a791490c1a04d
526b470fae5046c224f05b2394225943da24f602
11b47f9ca33a2da98a9cc8fbdd2507a85ab3d8e71d8d499fa185be8cf42cc1f8
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/624bfc51d2fcbc0ebaac400b53014447.webp HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:15 GMT
Content-Type: image/webp
Content-Length: 65510
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: "62e823bb-ffe6"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2BthjmSJGUKM8DuIkV47k3B1eBBynpN55o6lP%2FXpCuBXuQJBmE%2Buu3TD6G2IOCHvcaUIH2onyoG5DSf3rsuuSLyMRXA4qftoLrGGoy19uRIT8BsDlVZEZLTuUsuU9RlbufOsPGs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f0cd2f1a8fb51b-OSL
alt-svc: h2=":443"; ma=60
www.sowaids.ru.com/clicks/circaknee_files/blank_data/inject.css
104.21.4.212 200 OK 928 B URL HTTP/1.1 www.sowaids.ru.com/clicks/circaknee_files/blank_data/inject.css
IP 104.21.4.212:0
File type ASCII text, with CRLF line terminators
Hash e1c22e631b7cce42e3ef13cd9bb02ff5
6c6c2b15c56e776d9eac10babf3a6c4a2bd964ae
93950a736308fe62073a44a76b8ec05b9a651062f6ecee4782059d0718aab6dc
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/blank_data/inject.css HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/clicks/circaknee_files/blank.htm
Cookie: _gcl_au=1.1.1983297032.1663910115
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:16 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-f28"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1P5tStWTjAsVyeGzd9YClMbmZu6qbdqgHfyXDJz5WfL%2FKWHJI3md7JabwjsuYK6f49M3agzzxazNa7P3gOiE%2Fg0HhHwC4CLNR%2FIOs4H%2Fikd0JvAUAOvZl%2F%2BwfcCyR0PJY5o9iU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f0cd30d962b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 14df7a66fca87088b6d5256bd7521b30
014231177ac384d16ea861739bd28655db613ee4
bfa4443d1edfcdd73f0347cdfc1ac969c155707d830b9cf4e1c017322ad9c043
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BFA4443D1EDFCDD73F0347CDFC1AC969C155707D830B9CF4E1C017322AD9C043"
Last-Modified: Tue, 20 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7340
Expires: Fri, 23 Sep 2022 07:17:36 GMT
Date: Fri, 23 Sep 2022 05:15:16 GMT
Connection: keep-alive
www.sowaids.ru.com/clicks/circaknee_files/E-v1.js
104.21.4.212 200 OK 154 kB URL HTTP/1.1 www.sowaids.ru.com/clicks/circaknee_files/E-v1.js
IP 104.21.4.212:0
File type ASCII text, with very long lines (65459)
Size 154 kB (153756 bytes)
Hash aaaf417f60bc4b6154bc19e986c91100
cbec210ecfe93e0228665dd34c1ce55a5ad92cd2
5b77d5516120b74fe87c6940c863883d02db3306f138b897758e7abc4bd0dcbe
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/E-v1.js HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-9b796"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnk06rT0go9PD0Adcj3xcp0KZ%2FWnJL6k4Rb%2Fz98c%2BiLBniOywHj3WMcBIq%2FwKP3LFb9pJn3eWuFlfnFwf5kneNuz8212nPgR%2Bgj9ZWlA4RYx23Wpbrl%2BD0AUSyFLZRKz%2BeyUseg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f0cd2e284dfab8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
api.sjpf.io/
99.83.173.21 200 OK 204 B
IP 99.83.173.21:0
File type ASCII text, with no line terminators
Hash e871d15efe6d711868c4d519a942e62a
b706269330f60d9717eebbdadba5df0b421d152d
5470d087135d0851cbb10ecf4e01410296cad985aec7638a13caf506972cca89
GET / HTTP/1.1
Host: api.sjpf.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.sowaids.ru.com
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=2592000, immutable, private
strict-transport-security: max-age=63072000; includeSubDomains
content-type: text/plain; charset=utf-8
content-length: 204
date: Fri, 23 Sep 2022 05:15:16 GMT
X-Firefox-Spdy: h2
fast.wistia.net/assets/external/wistia-mux.js
151.101.86.110 200 OK 37 kB URL HTTP/1.1 fast.wistia.net/assets/external/wistia-mux.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 088055ee2e1d957c0747384fd644b01d
a05f4510e6127c5ba4a204a3de92f8e76ef3bc77
1213ca9a4ad31ab9d1bb8cc2c60517a48099dde403112d4251e5c5e94d996b24
GET /assets/external/wistia-mux.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: application/javascript
ETag: "632b5ad6-9121"
Last-Modified: Wed, 21 Sep 2022 18:41:26 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Content-Length: 37153
Accept-Ranges: bytes
Date: Fri, 23 Sep 2022 05:15:16 GMT
Age: 180
Connection: keep-alive
X-Served-By: cache-iad-kcgs7200134-IAD, cache-bma1653-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1663910116.299670,VS0,VE1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
www.google-analytics.com/analytics.js
20 kB URL www.google-analytics.com/analytics.js
IP :0
File type gzip compressed data, max compression\012- data
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash 75a6c13f18620214e5e013385d752044
174c34759a1e50884846a2505f0be16c285d75cc
fe6fcbbe324ceefc1e833208faedaeae6934b34f868690e5ad4676b02c0b3bf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:15:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/conversion_async.js
142.250.74.164 200 OK 16 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash 890f716858b5f72587e47c5eca121cb5
91871a0acd9a0ab644d51036bb5ca0c3bdc5e687
7a3629e375468328b3fb25e1a6cc5749604f09099e8d2109f366e7e0226aee4a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 23 Sep 2022 05:15:16 GMT
expires: Fri, 23 Sep 2022 05:15:16 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3080337328058561381
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fast.wistia.net/embed/medias/wl3c973xo9.json?callback=wistiajson1
151.101.86.110 200 OK 1.8 kB URL HTTP/1.1 fast.wistia.net/embed/medias/wl3c973xo9.json?callback=wistiajson1
IP 151.101.86.110:0
File type ASCII text, with very long lines (5581), with no line terminators
Hash 5173fac4b7fb49d9b7ca7ce3beac198f
b7a9475d68633b2ef3a2534f7e4f9ea7e689606e
dc752db62b12ca31b1fb3352c136e3fd62eb5d52c82d647c3da94e80e896dc2c
GET /embed/medias/wl3c973xo9.json?callback=wistiajson1 HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: public, no-cache
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
ETag: W/"abcafdc774662de0cf654a4149a05152"
P3P: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
Referrer-Policy: strict-origin-when-cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 2ead4415b1478378c9243ff14e4d576f
X-Runtime: 0.059668
Via: 1.1 varnish, 1.1 varnish
Content-Length: 1832
Accept-Ranges: bytes
Date: Fri, 23 Sep 2022 05:15:16 GMT
Age: 43332
Connection: keep-alive
X-Served-By: cache-iad-kiad7000037-IAD, cache-bma1656-BMA
X-Cache: HIT, MISS
X-Cache-Hits: 1, 0
X-Timer: S1663910116.300320,VS0,VE94
Vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
fast.wistia.net/assets/external/share-v2.js
151.101.86.110 200 OK 16 kB URL HTTP/1.1 fast.wistia.net/assets/external/share-v2.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (51509), with no line terminators
Hash dcde97d689549965a152fc2b667ebfab
f3196fb8de37619e4a0b2cc5f188f4274934e794
4b06cd4dabdd827daa6ebff4aeffb8032bab79d0ff80c10fca6d8857c7510df5
GET /assets/external/share-v2.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: application/javascript
ETag: "632b5ad6-3d94"
Last-Modified: Wed, 21 Sep 2022 18:41:26 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Content-Length: 15764
Accept-Ranges: bytes
Date: Fri, 23 Sep 2022 05:15:16 GMT
Age: 164
Connection: keep-alive
X-Served-By: cache-iad-kiad7000091-IAD, cache-bma1653-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1663910116.415973,VS0,VE1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash f4589cef50f0426b60bf56a1fadb93a5
7db92337dc8c6161e31f89f49db18c4cd22b871f
db8b6e5f5a4e43b9e8e835e9434f0f94ead7965c04dc4641dad639ac778d8215
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:15:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ctrwow-prod-analytics-socketserver.azurewebsites.net/?trackingId=5f8ea23018087a1c5c16753a
52.176.5.241 101 Switching Protocols 0 B URL HTTP/1.1 ctrwow-prod-analytics-socketserver.azurewebsites.net/?trackingId=5f8ea23018087a1c5c16753a
IP 52.176.5.241:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?trackingId=5f8ea23018087a1c5c16753a HTTP/1.1
Host: ctrwow-prod-analytics-socketserver.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://www.sowaids.ru.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: K/aeKmY0OHlF/MPUhuXQRw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Date: Fri, 23 Sep 2022 05:15:15 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=037dbec5a5dcd82c8f8d5584974dc77c0077c5c8c333229c2e7eb0c79af7521b;Path=/;HttpOnly;Secure;Domain=ctrwow-prod-analytics-socketserver.azurewebsites.net
ARRAffinitySameSite=037dbec5a5dcd82c8f8d5584974dc77c0077c5c8c333229c2e7eb0c79af7521b;Path=/;HttpOnly;SameSite=None;Secure;Domain=ctrwow-prod-analytics-socketserver.azurewebsites.net
Upgrade: websocket
Sec-WebSocket-Accept: iWFlcIvYHEEOCH2oEoKZXKuUiL4=
Origin: http://www.sowaids.ru.com
X-Powered-By: ASP.NET
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash dd83d4959e841de17d7241fab4a13802
c0cdb67bc0d3f670b5f141e12e076f78c43194dc
fbf4227f9306c4ec0577fee7226449d81c693d5c70b0151861db66142b8bd901
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 05:15:16 GMT
Server: ECS (dcb/7F5D)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QFKTM-jfVY2t6IvYqw0SdIEy3kVn12wYtbovZeZQJn78LvfcSK_oYw==
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash e6561e23e9d181a4b18c7174cb89a590
221a300522f62c4bde7dd23420609a12ae3bd5b6
a66e6d4e834dfd29d86921222d86c7f8ac5d11a4e0c83ab40ff150629f2b9cec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:15:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/781463602/?random=1663910115746&cv=9&fst=1663910115746&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc10&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.sowaids.ru.com%2Fclicks%2Fcircaknee.php%3Fsid%3D994893%26h%3Dx94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o%2FO7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1&tiba=Get%20the%20Compression%20Sleeves%20That%20Provide%20Instant%20Relief%20for%20Sore%2C%20Agi&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.207.194 200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/781463602/?random=1663910115746&cv=9&fst=1663910115746&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc10&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.sowaids.ru.com%2Fclicks%2Fcircaknee.php%3Fsid%3D994893%26h%3Dx94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o%2FO7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1&tiba=Get%20the%20Compression%20Sleeves%20That%20Provide%20Instant%20Relief%20for%20Sore%2C%20Agi&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.207.194:0
File type ASCII text, with very long lines (2722), with no line terminators
Hash 8a732c3e134780e2ecc307233b8de533
434b77dd758223d233764a3bbbd4043945f0d598
8642ae9a6541f175176e810c15c96366c351c4c8116860c44cb3bd7c31417d1f
GET /pagead/viewthroughconversion/781463602/?random=1663910115746&cv=9&fst=1663910115746&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc10&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.sowaids.ru.com%2Fclicks%2Fcircaknee.php%3Fsid%3D994893%26h%3Dx94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o%2FO7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1&tiba=Get%20the%20Compression%20Sleeves%20That%20Provide%20Instant%20Relief%20for%20Sore%2C%20Agi&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 05:15:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1240
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 23-Sep-2022 05:30:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.buycircaknee.com/en/assets/image/19822fef-80c0-4e76-ac06-1c9140d937d2/5f8ea23018087a1c5c16753a/61a8e210-6748-4c7c-b2a1-23ebffc86321/favicon-a5551bb1-a4db-4b5e-ab39-4afedf9403a7.png
54.230.111.52 200 OK 1.0 kB URL HTTP/2 www.buycircaknee.com/en/assets/image/19822fef-80c0-4e76-ac06-1c9140d937d2/5f8ea23018087a1c5c16753a/61a8e210-6748-4c7c-b2a1-23ebffc86321/favicon-a5551bb1-a4db-4b5e-ab39-4afedf9403a7.png
IP 54.230.111.52:0
File type PNG image data, 128 x 127, 8-bit colormap, non-interlaced\012- data
Hash 0f351fbdf834a0dfa6b09ee104664762
1d0f4329ee8bd6e0f4fd1e89ba7b6e7feb4c117b
d4571ae92aa3e457bd64730f7bca11b74a0052faddd90e9c57560683ed538c11
GET /en/assets/image/19822fef-80c0-4e76-ac06-1c9140d937d2/5f8ea23018087a1c5c16753a/61a8e210-6748-4c7c-b2a1-23ebffc86321/favicon-a5551bb1-a4db-4b5e-ab39-4afedf9403a7.png HTTP/1.1
Host: www.buycircaknee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 1048
date: Thu, 22 Sep 2022 09:54:10 GMT
cache-control: max-age=31536000
last-modified: Thu, 22 Sep 2022 09:44:04 GMT
etag: "0f351fbdf834a0dfa6b09ee104664762"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3YSIeSL-tCTdBRsE4_EeyPp0UBJ870la4Cn28Z4KwjxY5qtOGXqx5g==
age: 69667
X-Firefox-Spdy: h2
embedwistia-a.akamaihd.net/deliveries/624bfc51d2fcbc0ebaac400b53014447.webp?image_crop_resized=1280x720
23.36.76.200 200 OK 66 kB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/624bfc51d2fcbc0ebaac400b53014447.webp?image_crop_resized=1280x720
IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f36d62db167adfa5c64a791490c1a04d
526b470fae5046c224f05b2394225943da24f602
11b47f9ca33a2da98a9cc8fbdd2507a85ab3d8e71d8d499fa185be8cf42cc1f8
GET /deliveries/624bfc51d2fcbc0ebaac400b53014447.webp?image_crop_resized=1280x720 HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/webp
Accept-Ranges: none
Access-Control-Expose-Headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
content-disposition: inline
Last-Modified: Tue, 11 May 2021 01:11:50 UTC
surrogate-key: 624bfc51d2fcbc0ebaac400b53014447 thumbnail-delivery
Content-Length: 65510
Cache-Control: max-age=31054215
Date: Fri, 23 Sep 2022 05:15:16 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash e6561e23e9d181a4b18c7174cb89a590
221a300522f62c4bde7dd23420609a12ae3bd5b6
a66e6d4e834dfd29d86921222d86c7f8ac5d11a4e0c83ab40ff150629f2b9cec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:15:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash e8aac49daebb612d7f570f68c50e7914
88486fadf86d161cf90ce1be1bbfff7fee9dc743
dac603ba00a807f6ba9fd86fe90a3ab696b4c46aae073c303ad4e3b34b8c86fb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 05:15:16 GMT
Last-Modified: Fri, 23 Sep 2022 03:32:17 GMT
Server: ECS (dcb/7F5F)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wPbXCLoZ_RCxBo1QZUf0pI0ltLUX9JymgqSbRwWvC6vPM6srTbOO0Q==
Age: 6180
fast.wistia.net/assets/external/engines/manual_quality_video.js
151.101.86.110 200 OK 25 kB URL HTTP/1.1 fast.wistia.net/assets/external/engines/manual_quality_video.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5f34fb143ebb48f3e8a42fca02878707
f9bc9126bf05c2caeec00cb8e6b7f3a926416ccb
c29ef5c516533467b029fdd597983988db8686147ce06180fa73758e02e024be
GET /assets/external/engines/manual_quality_video.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: application/javascript
ETag: "632b5ad6-61b6"
Last-Modified: Wed, 21 Sep 2022 18:41:26 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Content-Length: 25014
Accept-Ranges: bytes
Date: Fri, 23 Sep 2022 05:15:16 GMT
Age: 162
Connection: keep-alive
X-Served-By: cache-iad-kjyo7100022-IAD, cache-bma1653-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1663910117.663340,VS0,VE92
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
fast.wistia.net/assets/images/blank.gif
151.101.86.110 200 OK 1.2 kB URL HTTP/1.1 fast.wistia.net/assets/images/blank.gif
IP 151.101.86.110:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Content-Type: image/gif
ETag: "632ccf31-4be"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Thu, 22 Sep 2022 21:10:09 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Content-Length: 1214
Accept-Ranges: bytes
Date: Fri, 23 Sep 2022 05:15:16 GMT
Age: 28983
Connection: keep-alive
X-Served-By: cache-iad-kiad7000058-IAD, cache-bma1653-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 71
X-Timer: S1663910117.811922,VS0,VE0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
fp.ctrwow.com/
75.2.62.78 403 Forbidden 75 B
IP 75.2.62.78:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c241ceb70e4078ebec7130af3285e4f3
c8573ff6d3c6e0cf6c0d9f75a60b5ec515238087
79f1153ac538c24d664c76f4d069ed44332cec9d3baf09b61d50041ce5596779
POST / HTTP/1.1
Host: fp.ctrwow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1022
Origin: http://www.sowaids.ru.com
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Fri, 23 Sep 2022 05:15:16 GMT
content-type: application/json; charset=utf-8
content-length: 75
server: nginx
access-control-allow-credentials: true
access-control-allow-origin: http://www.sowaids.ru.com
access-control-expose-headers: Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B
IP 142.250.74.3:0
Hash b19c871f8d68a5cf507d6d29cb89da17
11197481d015eb6d7811381df5ee51d9ff31bb3b
48ce88e049d6f9a08ab2bd0812c037b4b4401e1a788cacefb539831978054b7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:15:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-22484186-3&cid=658906236.1663910116&jid=709322592&gjid=968276296&_gid=114544858.1663910116&_u=YEBAAUAAAAAAAC~&z=1072715412
142.251.1.157 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-22484186-3&cid=658906236.1663910116&jid=709322592&gjid=968276296&_gid=114544858.1663910116&_u=YEBAAUAAAAAAAC~&z=1072715412
IP 142.251.1.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-22484186-3&cid=658906236.1663910116&jid=709322592&gjid=968276296&_gid=114544858.1663910116&_u=YEBAAUAAAAAAAC~&z=1072715412 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.sowaids.ru.com
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.sowaids.ru.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 23 Sep 2022 05:15:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-135383900-2&cid=658906236.1663910116&jid=1969297834&gjid=709784299&_gid=114544858.1663910116&_u=YEDAAUABAAAAAC~&z=316574809
142.251.1.157 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-135383900-2&cid=658906236.1663910116&jid=1969297834&gjid=709784299&_gid=114544858.1663910116&_u=YEDAAUABAAAAAC~&z=316574809
IP 142.251.1.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-135383900-2&cid=658906236.1663910116&jid=1969297834&gjid=709784299&_gid=114544858.1663910116&_u=YEDAAUABAAAAAC~&z=316574809 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.sowaids.ru.com
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.sowaids.ru.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 23 Sep 2022 05:15:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/781463602/?random=1663910115746&cv=9&fst=1663909200000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc10&sendb=1&frm=0&url=http%3A%2F%2Fwww.sowaids.ru.com%2Fclicks%2Fcircaknee.php%3Fsid%3D994893%26h%3Dx94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o%2FO7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1&tiba=Get%20the%20Compression%20Sleeves%20That%20Provide%20Instant%20Relief%20for%20Sore%2C%20Agi&async=1&fmt=3&is_vtc=1&random=228541665&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/781463602/?random=1663910115746&cv=9&fst=1663909200000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc10&sendb=1&frm=0&url=http%3A%2F%2Fwww.sowaids.ru.com%2Fclicks%2Fcircaknee.php%3Fsid%3D994893%26h%3Dx94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o%2FO7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1&tiba=Get%20the%20Compression%20Sleeves%20That%20Provide%20Instant%20Relief%20for%20Sore%2C%20Agi&async=1&fmt=3&is_vtc=1&random=228541665&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/781463602/?random=1663910115746&cv=9&fst=1663909200000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc10&sendb=1&frm=0&url=http%3A%2F%2Fwww.sowaids.ru.com%2Fclicks%2Fcircaknee.php%3Fsid%3D994893%26h%3Dx94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o%2FO7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1&tiba=Get%20the%20Compression%20Sleeves%20That%20Provide%20Instant%20Relief%20for%20Sore%2C%20Agi&async=1&fmt=3&is_vtc=1&random=228541665&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 05:15:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fast.wistia.net/assets/external/playPauseLoadingControl.js
151.101.86.110 200 OK 18 kB URL HTTP/1.1 fast.wistia.net/assets/external/playPauseLoadingControl.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (59899), with no line terminators
Hash a45da5b08be4113e3105d0e0398aa571
d18fe036228c0afc0242453c3b41454132b84867
a0c77aaedb6888e15d1ecaecc5c5d042e9bcd9558be7fbba37a277bd9848ab64
GET /assets/external/playPauseLoadingControl.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: application/javascript
ETag: "632b5ad6-45aa"
Last-Modified: Wed, 21 Sep 2022 18:41:26 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Content-Length: 17834
Accept-Ranges: bytes
Date: Fri, 23 Sep 2022 05:15:16 GMT
Age: 181
Connection: keep-alive
X-Served-By: cache-iad-kcgs7200106-IAD, cache-bma1653-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1663910117.925149,VS0,VE1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
cdn.getblueshift.com/blueshift.js
54.230.111.116 200 OK 2.0 kB URL HTTP/1.1 cdn.getblueshift.com/blueshift.js
IP 54.230.111.116:0
File type ASCII text, with very long lines (4407), with no line terminators
Hash e180e60ec878d69551a1c449b37c6552
41e08b360ccf3b35947abcf709f1cc249f6393c6
daa4b9339673c9cce7e986f05b60b11f5773108503f83ce2f81464fc470f254c
GET /blueshift.js HTTP/1.1
Host: cdn.getblueshift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1990
Connection: keep-alive
Last-Modified: Tue, 08 Feb 2022 00:38:50 GMT
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 23 Sep 2022 04:58:34 GMT
Cache-Control: max-age=3600
ETag: "e180e60ec878d69551a1c449b37c6552"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Vv_KUfHbjxSkFlWwXZLtWkwSnmclk4i9xCxvqflTm54uRa2oCKu1RA==
Age: 1008
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b19c871f8d68a5cf507d6d29cb89da17
11197481d015eb6d7811381df5ee51d9ff31bb3b
48ce88e049d6f9a08ab2bd0812c037b4b4401e1a788cacefb539831978054b7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:15:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fast.wistia.com/assets/external/E-v1.js
151.101.86.110 200 OK 150 kB URL HTTP/1.1 fast.wistia.com/assets/external/E-v1.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 150 kB (150029 bytes)
Hash 8325eaea69fbe36a2a0e40980052eb1b
b219994397a4adebc6e4f01cb334cbc4b14bb453
618754d111ccaeb7cb1d661e7ac368a2b57f171b4b556d597a975bf2154f8772
GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: application/javascript
ETag: "632b5ad6-24a0d"
Last-Modified: Wed, 21 Sep 2022 18:41:26 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Content-Length: 150029
Accept-Ranges: bytes
Date: Fri, 23 Sep 2022 05:15:16 GMT
Age: 182
Connection: keep-alive
X-Served-By: cache-iad-kiad7000159-IAD, cache-bma1663-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 90, 1
X-Timer: S1663910117.982791,VS0,VE1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13575
Expires: Fri, 23 Sep 2022 09:01:32 GMT
Date: Fri, 23 Sep 2022 05:15:17 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5ur411n5hU7eWb68iExZCUrhpCybRyTBHCi72ra8dS2kd3UhW8sb1A==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:59:00 GMT
age: 26177
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56968ed0-3207-4af0-8229-5f3698c6c55f.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56968ed0-3207-4af0-8229-5f3698c6c55f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 61059307f07edc4e2ba9d07a258bca43
370d166426ad83fc04ccb6e300238d8cb6ab644a
55ec802097ab49f275686e99844ff4a3b554c8998213bb9c3f0380709297c55b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56968ed0-3207-4af0-8229-5f3698c6c55f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5936
x-amzn-requestid: 39e79389-c158-4427-aae0-b1d0dc1d0377
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4VowElZoAMF2Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ccfd1-2da28eb66f876af76158b090;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -DSp0__jaBzizsfagTtIpwhkPqkvjS1L6T17J0OS5W0QhZww03ywpw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:42:39 GMT
age: 23558
etag: "370d166426ad83fc04ccb6e300238d8cb6ab644a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0908c18b-cd0b-41cc-beb5-0347df28884c.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0908c18b-cd0b-41cc-beb5-0347df28884c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e125802119a2737820b343c4e9ecfb6
30ccc2dd2597b5b720d66c960ee8bd63c7115630
90cce372b2b8c89569fffc55de468bfc7cd4b7454ae7c55c48b7a846506b576e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0908c18b-cd0b-41cc-beb5-0347df28884c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11059
x-amzn-requestid: 65fe1c05-a158-4ac2-8368-f26da119ef68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcDTgGV4oAMF0iw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217f49-74fc5c511bee36fd11d6d2eb;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:14:17 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8k-1BHGHnBYSNqKWsRvVt8MpglKJ4eodtFakTTnr7ZzqSpP8iJWqVA==
via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:57:54 GMT
age: 22643
etag: "30ccc2dd2597b5b720d66c960ee8bd63c7115630"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62dd28d6-72d9-4f9c-8eb7-cc97b6279d6b.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62dd28d6-72d9-4f9c-8eb7-cc97b6279d6b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3056431736af42cc145a77dbc77c45a7
977068c1cfdf8dfb64cbe8fb8d917ebc8e3e970e
d299e38c678f4c4548cd2e7cf7ff1b07910b316bfc8b13c492b4fbee0a66b079
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62dd28d6-72d9-4f9c-8eb7-cc97b6279d6b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9892
x-amzn-requestid: f1d435d6-ed01-46b6-8f36-615f07f8cac0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4VpWGamoAMFppA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ccfd5-2c3726b022bd389a156532c4;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1RKDNfgarIwNgVps5U8xWLQaDppXNAVxULqMseYJOIOuPF6nCV0aNw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 04:26:54 GMT
age: 2903
etag: "977068c1cfdf8dfb64cbe8fb8d917ebc8e3e970e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8822718-7784-42f7-9be3-17d81593a755.jpeg
34.120.237.76 200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8822718-7784-42f7-9be3-17d81593a755.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b577444b5b0cf15747fe28a9d7f22d53
e6097275af3204124c48aa0d876eba0d18b26e7e
0f57e130b23b87fa4e1f9c2a2beff54f1ca73d87a244442558209e378befef11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8822718-7784-42f7-9be3-17d81593a755.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4999
x-amzn-requestid: 6f7b073e-f199-4bfa-8f9c-6688dbfba15a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn7p7GyRIAMF1EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263fd8-566d8b3c1c25e3fa36259812;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:44:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 67IkCpdOLJbKDPzgrIgyWV4axpopLuln041fPgEQKn0Zc2dvdDHnkA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:54:39 GMT
age: 22838
etag: "e6097275af3204124c48aa0d876eba0d18b26e7e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.sowaids.ru.com/clicks/assets/image/19822fef-80c0-4e76-ac06-1c9140d937d2/5f8ea23018087a1c5c16753a/f124aa22-b68f-4251-8730-5e7d42902268/dmca-badge-resize.webp?t=20211012T10425534
104.21.4.212 404 Not Found 116 B URL HTTP/1.1 www.sowaids.ru.com/clicks/assets/image/19822fef-80c0-4e76-ac06-1c9140d937d2/5f8ea23018087a1c5c16753a/f124aa22-b68f-4251-8730-5e7d42902268/dmca-badge-resize.webp?t=20211012T10425534
IP 104.21.4.212:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d6e62b966693d7822072903ae8310d00
2de307cf4db56a090d7633f2da9ce6d224f6ffb7
36bd7d3c61ddaa2cfd74438dfcc2552f527a5299abc17957073a05d4b1d5cecf
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/assets/image/19822fef-80c0-4e76-ac06-1c9140d937d2/5f8ea23018087a1c5c16753a/f124aa22-b68f-4251-8730-5e7d42902268/dmca-badge-resize.webp?t=20211012T10425534 HTTP/1.1
Host: www.sowaids.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/clicks/circaknee.php?sid=994893&h=x94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o/O7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
Cookie: _gcl_au=1.1.1983297032.1663910115; _ga=GA1.3.658906236.1663910116; _gid=GA1.3.114544858.1663910116; _gat_gtag_UA_22484186_3=1; _gat_gtag_UA_135383900_2=1
HTTP/1.1 404 Not Found
Date: Fri, 23 Sep 2022 05:15:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nl0RgkP%2FpyDiJDgGN6tnQw3LSuG87excRxYObvLnD%2FgYiaVVNWsdTcsnhez4saNaOLPG%2FPUO0PhxyTixZShlHJXp%2FH2B%2FbXqSI6BhiHHc9r9y6%2BbV2evZbV5maaAgVHAqRJr4hY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f0cd36ede0b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash da9363ef519ec6f1a30e4357264fc02f
02b94e7a3e12fe66b1616d4ce1a4040369f6cf5a
49a924cc5595cee954edefd60c6c520e14fde8f46d854f2b8bf5a643cd0ed621
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 05:15:17 GMT
Last-Modified: Fri, 23 Sep 2022 03:54:04 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DBri8PvQG8rvhIN7-YsokA4gCd8PMI5S3XlOcxmiRPyBwCs6Jke_oQ==
Age: 4873
distillery.wistia.com/x
44.197.44.53 204 No Content 0 B IP 44.197.44.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1292
Origin: http://www.sowaids.ru.com
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 23 Sep 2022 05:15:17 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 396a2ba21b974d17d4ae21b43beb47c4
3fa618c7b30ff64e00fcd1a60848488c51defcb0
a3857296b66e0a55657664164c14ffc4e15ccefb8cf5ccbfc5681696a15e7354
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 05:15:17 GMT
Last-Modified: Fri, 23 Sep 2022 04:06:42 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Qz9KpgxPx4m1y2XWOTvSuUm-n8S02wT6q_N7DhmhllUvGVewgS3rPQ==
Age: 4115
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 396a2ba21b974d17d4ae21b43beb47c4
3fa618c7b30ff64e00fcd1a60848488c51defcb0
a3857296b66e0a55657664164c14ffc4e15ccefb8cf5ccbfc5681696a15e7354
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 05:15:17 GMT
Last-Modified: Fri, 23 Sep 2022 04:07:22 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 25bxvPGqxitwQKi9-BbgOLUK_E3JYYParZROPiIZyK0eD0Ry848pLw==
Age: 4075
fg8vvsvnieiv3ej16jby.litix.io/
34.237.205.186 200 OK 0 B URL HTTP/1.1 fg8vvsvnieiv3ej16jby.litix.io/
IP 34.237.205.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS / HTTP/1.1
Host: fg8vvsvnieiv3ej16jby.litix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www.sowaids.ru.com/
Origin: http://www.sowaids.ru.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST, GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Date: Fri, 23 Sep 2022 05:15:17 GMT
Content-Length: 0
Connection: keep-alive
fg8vvsvnieiv3ej16jby.litix.io/
34.237.205.186 200 OK 0 B URL HTTP/1.1 fg8vvsvnieiv3ej16jby.litix.io/
IP 34.237.205.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: fg8vvsvnieiv3ej16jby.litix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1514
Origin: http://www.sowaids.ru.com
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Methods: POST, GET
Access-Control-Allow-Origin: *
Date: Fri, 23 Sep 2022 05:15:17 GMT
Content-Length: 0
Connection: keep-alive
distillery.wistia.com/x
44.197.44.53 204 No Content 0 B
IP 44.197.44.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1280
Origin: http://www.sowaids.ru.com
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 23 Sep 2022 05:15:17 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2
fast.wistia.net/assets/external/allIntegrations.js
151.101.86.110 200 OK 6.2 kB URL HTTP/1.1 fast.wistia.net/assets/external/allIntegrations.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (21488), with no line terminators
Hash 479c3d43fc32adefbc7b0a21729a27de
03bc95db80884138c4c02e5ee4d0289c02fc3313
9da99cb5d6f56332e08a440bdecef3faf7788190b607e9fe9bb736028289301c
GET /assets/external/allIntegrations.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: application/javascript
ETag: "632b5ad6-1862"
Last-Modified: Wed, 21 Sep 2022 18:41:26 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Content-Length: 6242
Accept-Ranges: bytes
Date: Fri, 23 Sep 2022 05:15:18 GMT
Age: 176
Connection: keep-alive
X-Served-By: cache-iad-kcgs7200172-IAD, cache-bma1653-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1663910118.931384,VS0,VE99
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
pipedream.wistia.com/mput?topic=metrics
52.44.213.33 200 OK 2 B URL HTTP/1.1 pipedream.wistia.com/mput?topic=metrics
IP 52.44.213.33:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
content-type: application/x-www-form-urlencoded
Content-Length: 4317
Origin: http://www.sowaids.ru.com
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:18 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: *
api.getblueshift.com/unity.gif?t=1663910117&e=pageload&r=&z=655749&x=13c25a652e2a0c05cb06a3b1dba09a85&k=d9d525a3-892f-a7c8-2c32-becba3676f44&u=http%3A%2F%2Fwww.sowaids.ru.com%2Fclicks%2Fcircaknee.php%3Fsid%3D994893%26h%3Dx94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o%2FO7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
35.82.232.93 200 OK 0 B URL HTTP/1.1 api.getblueshift.com/unity.gif?t=1663910117&e=pageload&r=&z=655749&x=13c25a652e2a0c05cb06a3b1dba09a85&k=d9d525a3-892f-a7c8-2c32-becba3676f44&u=http%3A%2F%2Fwww.sowaids.ru.com%2Fclicks%2Fcircaknee.php%3Fsid%3D994893%26h%3Dx94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o%2FO7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
IP 35.82.232.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /unity.gif?t=1663910117&e=pageload&r=&z=655749&x=13c25a652e2a0c05cb06a3b1dba09a85&k=d9d525a3-892f-a7c8-2c32-becba3676f44&u=http%3A%2F%2Fwww.sowaids.ru.com%2Fclicks%2Fcircaknee.php%3Fsid%3D994893%26h%3Dx94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o%2FO7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1 HTTP/1.1
Host: api.getblueshift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-api-key
Referer: http://www.sowaids.ru.com/
Origin: http://www.sowaids.ru.com
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:18 GMT
Content-Length: 0
Connection: keep-alive
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: http://www.sowaids.ru.com
access-control-allow-headers: x-api-key, if-modified-since, if-none-match, x-requested-with, content-type
access-control-allow-methods: GET, PATCH, DELETE, HEAD, PUT, OPTIONS, POST
access-control-max-age: 86400
api.getblueshift.com/unity.gif?t=1663910117&e=pageload&r=&z=655749&x=13c25a652e2a0c05cb06a3b1dba09a85&k=d9d525a3-892f-a7c8-2c32-becba3676f44&u=http%3A%2F%2Fwww.sowaids.ru.com%2Fclicks%2Fcircaknee.php%3Fsid%3D994893%26h%3Dx94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o%2FO7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
35.82.232.93 200 OK 42 B URL HTTP/1.1 api.getblueshift.com/unity.gif?t=1663910117&e=pageload&r=&z=655749&x=13c25a652e2a0c05cb06a3b1dba09a85&k=d9d525a3-892f-a7c8-2c32-becba3676f44&u=http%3A%2F%2Fwww.sowaids.ru.com%2Fclicks%2Fcircaknee.php%3Fsid%3D994893%26h%3Dx94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o%2FO7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1
IP 35.82.232.93:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /unity.gif?t=1663910117&e=pageload&r=&z=655749&x=13c25a652e2a0c05cb06a3b1dba09a85&k=d9d525a3-892f-a7c8-2c32-becba3676f44&u=http%3A%2F%2Fwww.sowaids.ru.com%2Fclicks%2Fcircaknee.php%3Fsid%3D994893%26h%3Dx94VYLFXeJNpSzn0vyaQ-ahKntEC9dpnmIW2qWKgj9o%2FO7dh1Lb6Gc-DeUr-IKmnNjRfdALu4BGiG_B0eRigOknH4VBJD5aTE6bP6BLm7mWeem7pq33QOmTBUhVFTKmIdPtip0KZ94faS6aKnuBEPp8ffdjn4N1_l1bBCPyH-Ql1 HTTP/1.1
Host: api.getblueshift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Api-Key: 13c25a652e2a0c05cb06a3b1dba09a85
Origin: http://www.sowaids.ru.com
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 05:15:18 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
access-control-allow-origin: http://www.sowaids.ru.com
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: etag
static.hotjar.com/c/hotjar-1450693.js?sv=7
143.204.55.84 200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-1450693.js?sv=7
IP 143.204.55.84:0
GET /c/hotjar-1450693.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.sowaids.ru.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Fri, 23 Sep 2022 05:15:05 GMT
cache-control: max-age=60
etag: W/b531c51eadc77a2c49d69655633ee431
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gwa6GtI0S5-4EUk5i_Jou9W3Eti23vXnrXhugRrBgnPaEKjYrDdkUw==
age: 10
X-Firefox-Spdy: h2