firefox.settings.services.mozilla.com/v1/
54.230.111.7200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: h1ZxUMMY4WWeVyOEl5p0ezHeSGMezl4QEwlQh1MZzh4qWdzZQAjecg==
Age: 98473
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3990
Expires: Thu, 06 Oct 2022 20:15:02 GMT
Date: Thu, 06 Oct 2022 19:08:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4412
Expires: Thu, 06 Oct 2022 20:22:04 GMT
Date: Thu, 06 Oct 2022 19:08:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: qW+tRNZkvJ4YNzkKJf9e7KaRu37G1mvCKxhWIrBfG8vvE/UdNY5ld25F75ReUMzmWEWa2XQq+hc=
x-amz-request-id: SMYMYXR62ZHES6GS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 18:58:51 GMT
age: 581
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 19:08:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.7200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 18:29:41 GMT
Expires: Thu, 06 Oct 2022 19:07:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hk_tiwr4NHcqhN0DBZR0fHvU01LRuXs9zQWUzvZ_Z2BjBmLqwG4KAg==
Age: 2331
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3541
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:08:32 GMT
Last-Modified: Thu, 06 Oct 2022 18:09:31 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.237.163.41101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.163.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /3d5BEL0793oH6CtJY3Cuw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zM09FllzSdBrjGy2IDtpul5lnIU=
medsouz74.ru/acts/
46.254.17.18200 OK 7.6 kB IP 46.254.17.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text, with very long lines (439), with CRLF, LF line terminators
Hash 3ea18ee6faed9f004ed48baeb11a4858
242e09ca5f534872652cea561c1ec0eccc4eb02f
e6e86ef68ab87251c71a3c48276e988471cfbf060ad98ccc3bbdff8fe9ef215f
Analyzer Verdict Alert fortinet Malware
GET /acts/ HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:33 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.35
P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
X-Powered-CMS: Bitrix Site Manager (7a455765bf6e98501d9071daa43f46e1)
Set-Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
medsouz74.ru/bitrix/cache/css/s1/nko_s1/page_36b77c7f328f9a0f0d3644abe470bf40/page_36b77c7f328f9a0f0d3644abe470bf40_v1.css?15435611911352
46.254.17.18200 OK 1.4 kB URL HTTP/1.1 medsouz74.ru/bitrix/cache/css/s1/nko_s1/page_36b77c7f328f9a0f0d3644abe470bf40/page_36b77c7f328f9a0f0d3644abe470bf40_v1.css?15435611911352
IP 46.254.17.18:0
Hash 5fd7fa0eb23e3e184bd0eebbeab0f0f7
df4f2c4bd4822e55be9eefbb8998c7499e853bd2
4dfe95f6383bea60c0a27a17ceec0865076c9de70f2bc346a992465021588182
GET /bitrix/cache/css/s1/nko_s1/page_36b77c7f328f9a0f0d3644abe470bf40/page_36b77c7f328f9a0f0d3644abe470bf40_v1.css?15435611911352 HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:33 GMT
Content-Type: text/css
Content-Length: 1352
Last-Modified: Fri, 30 Nov 2018 06:59:51 GMT
Connection: keep-alive
ETag: "5c00dfe7-548"
Accept-Ranges: bytes
s7.addthis.com/js/250/addthis_widget.js
23.38.200.123308 Permanent Redirect 171 B URL HTTP/1.1 s7.addthis.com/js/250/addthis_widget.js
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3c417e9efbcaeb3bf7e7df75cf3b22fd
00465aec6b8ec302eae8abb99678fc5c09c3f343
21bd143d38dbbae427615a7266a86a18dc95c417f3e510632d7a9180d98d3571
GET /js/250/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/
HTTP/1.1 308 Permanent Redirect
Server: nginx/1.15.8
Content-Type: text/html
Content-Length: 171
Location: https://s7.addthis.com/js/250/addthis_widget.js
Date: Thu, 06 Oct 2022 19:08:33 GMT
Connection: keep-alive
X-Distribution: 99
X-Host: s7.addthis.com
medsouz74.ru/bitrix/templates/nko_s1/grayscale.js
46.254.17.18200 OK 13 kB URL HTTP/1.1 medsouz74.ru/bitrix/templates/nko_s1/grayscale.js
IP 46.254.17.18:0
Hash 05f38518a8a687a59ce47d3fecc00325
7b7d247db124cb89e44649e39de9197d200a84f8
cc5df36b109e28126c56ceb7c576a55de261601c68ed479b6c38758e76de3fcf
Analyzer Verdict Alert fortinet Malware
GET /bitrix/templates/nko_s1/grayscale.js HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:33 GMT
Content-Type: application/javascript
Content-Length: 12906
Last-Modified: Thu, 13 Sep 2012 06:00:14 GMT
Connection: keep-alive
ETag: "5051766e-326a"
Accept-Ranges: bytes
medsouz74.ru/bitrix/cache/js/s1/nko_s1/template_351e98f5a8022763a28c10d6de73a775/template_351e98f5a8022763a28c10d6de73a775_v1.js?1543558722643
46.254.17.18200 OK 643 B URL HTTP/1.1 medsouz74.ru/bitrix/cache/js/s1/nko_s1/template_351e98f5a8022763a28c10d6de73a775/template_351e98f5a8022763a28c10d6de73a775_v1.js?1543558722643
IP 46.254.17.18:0
File type ASCII text, with very long lines (343)
Hash 054be968f3fe34d3670d3cfd39489355
de06a88e8d42766bcb14a5ababab5d6c0a4f9d3b
f29e0af8d4a2d13d533294e4dd6a6843ce36a149d40cfa6fb97f832892d94f52
GET /bitrix/cache/js/s1/nko_s1/template_351e98f5a8022763a28c10d6de73a775/template_351e98f5a8022763a28c10d6de73a775_v1.js?1543558722643 HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:33 GMT
Content-Type: application/javascript
Content-Length: 643
Last-Modified: Fri, 30 Nov 2018 06:18:42 GMT
Connection: keep-alive
ETag: "5c00d642-283"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:08:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s7.addthis.com/js/250/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/250/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116393 bytes)
Hash 8caf41650f1ef5c6430490d20e2d2af6
b69f795ea1b8ec18280f7d1707ac8b7712fd3694
b4f0a30adea9d2d3fd4f74d0b07ae167397434c002bea27eaea8b95022d72aae
GET /js/250/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://medsouz74.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116393
date: Thu, 06 Oct 2022 19:08:33 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
medsouz74.ru/bitrix/templates/nko_s1/jquery.jcarousel.min.js
46.254.17.18200 OK 16 kB URL HTTP/1.1 medsouz74.ru/bitrix/templates/nko_s1/jquery.jcarousel.min.js
IP 46.254.17.18:0
File type ASCII text, with very long lines (15184), with CRLF line terminators
Hash 819259ceec87de71d89e058f633b9b72
dd0fbccffce0f8339302a928fef52636a233fdd4
414931870d7e9da3a2432132dc08fa04934ba24f8c4fef455571889311a5ab11
Analyzer Verdict Alert fortinet Malware
GET /bitrix/templates/nko_s1/jquery.jcarousel.min.js HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:33 GMT
Content-Type: application/javascript
Content-Length: 15668
Last-Modified: Mon, 04 Jun 2012 11:24:16 GMT
Connection: keep-alive
ETag: "4fcc9ae0-3d34"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:08:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bitrix.info/ba.js
99.81.218.191200 OK 3.0 kB IP 99.81.218.191:0
File type ASCII text, with very long lines (6659), with no line terminators
Hash 3f4ae6a3d97c2564a0e5c02e1ebdf4f8
df7bad29a1e8c70f9e27467e73a1a3a894055cdf
0d65b327ff4539fbcdc2d773ee883fd832b37aca69352141a731cae2e46844e5
GET /ba.js HTTP/1.1
Host: bitrix.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:08:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.10.1
Last-Modified: Wed, 19 May 2021 09:38:44 GMT
ETag: W/"60a4dca4-1a03"
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: bx_user_id=9638d93f971bf5505da14c98db14538f; expires=Sun, 03-Oct-32 19:08:33 GMT; path=/; domain=bitrix.info; SameSite=None; Secure
Access-Control-Allow-Origin: *
Expires: Sat, 08 Oct 2022 19:08:33 GMT
Cache-Control: max-age=172800
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cbe708eaeca5f16c6ebcddcf854853e3
97086d513268b383df2bc15ded5c775266195777
470fa94e4f49f0ee5ded8dba23c6f738274cc30f86abb2b4e935da8b2e0d853f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "470FA94E4F49F0EE5DED8DBA23C6F738274CC30F86ABB2B4E935DA8B2E0D853F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14619
Expires: Thu, 06 Oct 2022 23:12:12 GMT
Date: Thu, 06 Oct 2022 19:08:33 GMT
Connection: keep-alive
www.acint.net/aci.js
46.4.114.109200 OK 7.5 kB IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1408)
Hash ae0aab6c5a2ae2e1168e74f6e6ae4741
2c00f69ee4bbe2ec96c0f7bb33b5f827a6195af8
a47a88a9b6c7635e5074c25c6e3c92f399fdf8772376e94f077167241e59f9de
GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medsouz74.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 19:08:33 GMT
content-type: application/x-javascript
content-length: 7461
last-modified: Wed, 08 Jun 2022 16:58:23 GMT
etag: "62a0d52f-1d25"
content-encoding: gzip
expires: Fri, 07 Oct 2022 07:08:33 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10
46.4.114.109302 Moved Temporarily 142 B IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 06 Oct 2022 19:08:33 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/mc/?dp=10
www.acint.net/mc/?dp=10
46.4.114.109302 Found 154 B IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://medsouz74.ru/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 06 Oct 2022 19:08:33 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Thu, 06-Oct-22 19:18:33 GMT
aid=nVqzHGM/J7EGJAD+l+owAvfe6aH1NC1b+i6O+Dp9P4zEvQq1; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10&tc=1
46.4.114.109200 OK 1.5 kB URL HTTP/2 www.acint.net/mc/?dp=10&tc=1
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash d5c7e06321d16c71ec6f161e84228b5c
2469ac9dc73d5f8a1083595c06521cd4250c9589
3dc79094ba889ffecb6c05567e0cd43a681ad0944f4b86a5a9fee706a80d00e1
GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://medsouz74.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=nVqzHGM/J7EGJAD+l+owAvfe6aH1NC1b+i6O+Dp9P4zEvQq1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 19:08:33 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1665083313; expires=Fri, 07-Oct-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp54v2=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp77=1665083313; expires=Thu, 20-Oct-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp84=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1665083313; expires=Thu, 20-Oct-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp111v2=1665083313; expires=Thu, 20-Oct-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp112v2=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v2=1665083313; expires=Fri, 21-Oct-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp138=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp144=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp179=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1665083313; expires=Sat, 05-Nov-22 19:08:33 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash deeff898fcb8f0dff53f35bfe6335b94
d9574ba0a1bc7ca35f23e95a250a675a92af7f4d
151034ed8d274df03e725c11599536d5a285d02ae38ed5c57758dc18f76736b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "151034ED8D274DF03E725C11599536D5A285D02AE38ED5C57758DC18F76736B2"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2227
Expires: Thu, 06 Oct 2022 19:45:41 GMT
Date: Thu, 06 Oct 2022 19:08:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a33794ed6feb32db4b9ccdf2177dc244
d0f11f78136b4adb76db83a5fea31746cec4a2c4
17221e1d2e6ae04f61aebcd324fe68587da44f14db721920b3bdc1e51f3b5b38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17221E1D2E6AE04F61AEBCD324FE68587DA44F14DB721920B3BDC1E51F3B5B38"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4828
Expires: Thu, 06 Oct 2022 20:29:02 GMT
Date: Thu, 06 Oct 2022 19:08:34 GMT
Connection: keep-alive
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
193.3.184.200302 Moved Temporarily 142 B URL HTTP/1.1 ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP 193.3.184.200:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=CDB803C1B2273F636300F59C0231EC7A
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=wQO4zWM/J7Kc9QBjeuwxAkMqQ1Fs6IWMQduUmnFFzBO62pJv; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
medsouz74.ru/upload/iblock/378/378a4de55472fa49c72fe2e040d3d72a.jpg
46.254.17.18200 OK 4.3 kB URL HTTP/1.1 medsouz74.ru/upload/iblock/378/378a4de55472fa49c72fe2e040d3d72a.jpg
IP 46.254.17.18:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 224x225, components 3\012- data
Hash 80d11903fb758cbc4ca4b30f88723dfb
70b3ffc3a8174c76dcb13789e454adef3fa22ebc
7957d5784b49caba746b16f12893bd5e025ec9c72b2e030b36473d5e1110751c
GET /upload/iblock/378/378a4de55472fa49c72fe2e040d3d72a.jpg HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/jpeg
Content-Length: 4252
Last-Modified: Wed, 05 Feb 2020 10:18:38 GMT
Connection: keep-alive
ETag: "5e3a967e-109c"
Accept-Ranges: bytes
medsouz74.ru/bitrix/templates/nko_s1/images/header-bg.png
46.254.17.18200 OK 1.2 kB URL HTTP/1.1 medsouz74.ru/bitrix/templates/nko_s1/images/header-bg.png
IP 46.254.17.18:0
File type PNG image data, 1001 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 1656f32c954b9771ad7b4e1630602acf
12ec27ccb9fc708453a69c06fde567a797d447cd
e37e8b88c0f6c337b700e5190b2a615860e17b7ac440692d71add8185899c19d
GET /bitrix/templates/nko_s1/images/header-bg.png HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/bitrix/cache/css/s1/nko_s1/template_6d10500b7bbde229436dc2937d81c3fa/template_6d10500b7bbde229436dc2937d81c3fa_v1.css?154355872213431
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/png
Content-Length: 1177
Last-Modified: Thu, 13 Sep 2012 05:37:34 GMT
Connection: keep-alive
ETag: "5051711e-499"
Accept-Ranges: bytes
medsouz74.ru/bitrix/components/bitrix/menu/templates/tree/images/page.gif
46.254.17.18200 OK 248 B URL HTTP/1.1 medsouz74.ru/bitrix/components/bitrix/menu/templates/tree/images/page.gif
IP 46.254.17.18:0
File type GIF image data, version 89a, 17 x 17\012- data
Hash c0ce993513f256aa17db823cd1b0b8c4
fc76da82ae8c031955c84230d569eb6be5e3e611
d98ddabd7160a22039b3c28dffc9ed1e7205903da754a43783cabbbf751979ed
GET /bitrix/components/bitrix/menu/templates/tree/images/page.gif HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/bitrix/cache/css/s1/nko_s1/template_6d10500b7bbde229436dc2937d81c3fa/template_6d10500b7bbde229436dc2937d81c3fa_v1.css?154355872213431
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/gif
Content-Length: 248
Last-Modified: Mon, 04 Jun 2012 09:41:40 GMT
Connection: keep-alive
ETag: "4fcc82d4-f8"
Accept-Ranges: bytes
sync.republer.com/match?dsp=sape
23.88.82.46204 No Content 0 B URL HTTP/2 sync.republer.com/match?dsp=sape
IP 23.88.82.46:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?dsp=sape HTTP/1.1
Host: sync.republer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 06 Oct 2022 19:08:34 GMT
strict-transport-security: max-age=0
X-Firefox-Spdy: h2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1CB35A9DB1273F63FE0024060230EA97
136.243.148.229302 Found 0 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1CB35A9DB1273F63FE0024060230EA97
IP 136.243.148.229:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1CB35A9DB1273F63FE0024060230EA97 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 06 Oct 2022 19:08:34 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=4620b961-45aa-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 06 Oct 2023 19:08:34 GMT; SameSite=None; Secure
uid-legacy=4620b961-45aa-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 06 Oct 2023 19:08:34 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1CB35A9DB1273F63FE0024060230EA97&cs=1
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash a116b1d81285955e34ce7b24ff5cb1b2
495d1c842868e1e5aa7d5049a419d41fc161bd3d
f6dbbea051048b91ae0276b1acf0831b153878ce039d3218ad10e3676df51684
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 15:41:02 GMT
Expires: Tue, 11 Oct 2022 15:41:01 GMT
Etag: "495d1c842868e1e5aa7d5049a419d41fc161bd3d"
Cache-Control: max-age=418946,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7560afb959b4b4e8-OSL
medsouz74.ru/upload/iblock/ee0/ee065e739f069d2ccc715388a1b11ec0.jpg
46.254.17.18200 OK 8.2 kB URL HTTP/1.1 medsouz74.ru/upload/iblock/ee0/ee065e739f069d2ccc715388a1b11ec0.jpg
IP 46.254.17.18:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 144x144, components 3\012- data
Hash 89a2589aa0d9e029c415b524e570c3e7
55d66c9626f6eec38f18af9902e0b5c802adc8ea
83e33cb201d07ee5da3d0b3fcf0cc3f21fb9f3eeb7c467ce864e8974182b37d0
GET /upload/iblock/ee0/ee065e739f069d2ccc715388a1b11ec0.jpg HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/jpeg
Content-Length: 8228
Last-Modified: Thu, 28 Jun 2012 09:13:14 GMT
Connection: keep-alive
ETag: "4fec202a-2024"
Accept-Ranges: bytes
sync.upravel.com/sape/sync
136.243.48.22302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync
IP 136.243.48.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 06 Oct 2022 19:08:34 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1665083314154;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1665083314154;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
medsouz74.ru/bitrix/templates/nko_s1/images/bg3.jpg
46.254.17.18200 OK 129 kB URL HTTP/1.1 medsouz74.ru/bitrix/templates/nko_s1/images/bg3.jpg
IP 46.254.17.18:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 1900x1267, components 3\012- data
Size 129 kB (129408 bytes)
Hash 2b38ebca3145b019f14ceb24d931bde1
ad5703cd4873da2dabb8c6ae0c32f92fc9a02d12
9017a8889f9bd44e4159f373fc07d1dcd1bdd75a3f24688aa29d04008b90fa21
GET /bitrix/templates/nko_s1/images/bg3.jpg HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/bitrix/cache/css/s1/nko_s1/template_6d10500b7bbde229436dc2937d81c3fa/template_6d10500b7bbde229436dc2937d81c3fa_v1.css?154355872213431
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/jpeg
Content-Length: 129408
Last-Modified: Tue, 11 Sep 2012 10:37:32 GMT
Connection: keep-alive
ETag: "504f146c-1f980"
Accept-Ranges: bytes
medsouz74.ru/upload/iblock/cbe/cbeeef2a85fe490e974e034509669121.png
46.254.17.18200 OK 20 kB URL HTTP/1.1 medsouz74.ru/upload/iblock/cbe/cbeeef2a85fe490e974e034509669121.png
IP 46.254.17.18:0
File type PNG image data, 267 x 87, 8-bit/color RGBA, non-interlaced\012- data
Hash 67ac34ee10abac680fb70fce23494870
2c2100bf0b476a7ab8265dfd541bf798d8ca2da1
84d7964b24a74959ab84f722888e356c0b1afa9f3b900cdac61f105271bbde42
GET /upload/iblock/cbe/cbeeef2a85fe490e974e034509669121.png HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/png
Content-Length: 20231
Last-Modified: Fri, 25 Jun 2021 09:14:49 GMT
Connection: keep-alive
ETag: "60d59e89-4f07"
Accept-Ranges: bytes
medsouz74.ru/upload/iblock/42c/42c99dc0a2156760016ef81d3963f268.jpg
46.254.17.18200 OK 3.3 kB URL HTTP/1.1 medsouz74.ru/upload/iblock/42c/42c99dc0a2156760016ef81d3963f268.jpg
IP 46.254.17.18:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 144x144, components 3\012- data
Hash d3b9c63b074d45c1ef0f0a65e6205118
3f416d16b1a63df7aa64d8f10fe0c757de791823
f6dcfcb3171de0e915f9d0e012ade98661aa0b44ca34ff3097b20bb90744900b
GET /upload/iblock/42c/42c99dc0a2156760016ef81d3963f268.jpg HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/jpeg
Content-Length: 3347
Last-Modified: Thu, 28 Jun 2012 08:58:34 GMT
Connection: keep-alive
ETag: "4fec1cba-d13"
Accept-Ranges: bytes
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1CB35A9DB1273F63FE0024060230EA97&cs=1
136.243.148.229200 OK 35 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1CB35A9DB1273F63FE0024060230EA97&cs=1
IP 136.243.148.229:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1CB35A9DB1273F63FE0024060230EA97&cs=1 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=4620b961-45aa-11ed-acfd-901b0e8b2a6e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 19:08:34 GMT
content-type: image/gif
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=4620b961-45aa-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 06 Oct 2023 19:08:34 GMT; SameSite=None; Secure
uid-legacy=4620b961-45aa-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 06 Oct 2023 19:08:34 GMT
X-Firefox-Spdy: h2
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
49.12.83.94301 Moved Permanently 115 B URL HTTP/2 exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP 49.12.83.94:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash d24bdd8452a92d70388b2da63208d0b2
2cb0c88a52440dec74dd004b25fc0f5d3aa919b4
86771f887e799f586abf75178feeddcca68b1f979887623c8be80b305be6c806
GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 06 Oct 2022 19:08:34 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=8764eba9-b9ee-4eac-4d0c-d1990e6dbd20
serverid: TODO
X-Firefox-Spdy: h2
www.acint.net/hit/?v=0.4.0&uid=7560b3a5-c265-4fea-8243-d0ae4088e449&dp=10&tz=%2B00%3A00&nc=14237361&u=http%3A%2F%2Fmedsouz74.ru%2Facts%2F&r=&rs=1280x1024&t=%D0%9D%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D0%BE-%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%BA%D1%82%D1%8B%20%E2%80%93%20%D0%9D%D0%9A%20%C2%AB%D0%9C%D0%95%D0%94%D0%A1%D0%9E%D0%AE%D0%97%C2%BB&oE=1&oP=1&dT=2022-10-06T19%3A08%3A33.710&fu=65366985-ebd6-4561-999f-11935734bfb0
46.4.114.109302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/hit/?v=0.4.0&uid=7560b3a5-c265-4fea-8243-d0ae4088e449&dp=10&tz=%2B00%3A00&nc=14237361&u=http%3A%2F%2Fmedsouz74.ru%2Facts%2F&r=&rs=1280x1024&t=%D0%9D%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D0%BE-%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%BA%D1%82%D1%8B%20%E2%80%93%20%D0%9D%D0%9A%20%C2%AB%D0%9C%D0%95%D0%94%D0%A1%D0%9E%D0%AE%D0%97%C2%BB&oE=1&oP=1&dT=2022-10-06T19%3A08%3A33.710&fu=65366985-ebd6-4561-999f-11935734bfb0
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /hit/?v=0.4.0&uid=7560b3a5-c265-4fea-8243-d0ae4088e449&dp=10&tz=%2B00%3A00&nc=14237361&u=http%3A%2F%2Fmedsouz74.ru%2Facts%2F&r=&rs=1280x1024&t=%D0%9D%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D0%BE-%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%BA%D1%82%D1%8B%20%E2%80%93%20%D0%9D%D0%9A%20%C2%AB%D0%9C%D0%95%D0%94%D0%A1%D0%9E%D0%AE%D0%97%C2%BB&oE=1&oP=1&dT=2022-10-06T19%3A08%3A33.710&fu=65366985-ebd6-4561-999f-11935734bfb0 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/hit/?v=0.4.0&uid=7560b3a5-c265-4fea-8243-d0ae4088e449&dp=10&tz=%2B00%3A00&nc=14237361&u=http%3A%2F%2Fmedsouz74.ru%2Facts%2F&r=&rs=1280x1024&t=%D0%9D%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D0%BE-%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%BA%D1%82%D1%8B%20%E2%80%93%20%D0%9D%D0%9A%20%C2%AB%D0%9C%D0%95%D0%94%D0%A1%D0%9E%D0%AE%D0%97%C2%BB&oE=1&oP=1&dT=2022-10-06T19%3A08%3A33.710&fu=65366985-ebd6-4561-999f-11935734bfb0
medsouz74.ru/upload/iblock/4a2/4a2f2e921077f324b2d933ecf5b752ac.jpg
46.254.17.18200 OK 3.7 kB URL HTTP/1.1 medsouz74.ru/upload/iblock/4a2/4a2f2e921077f324b2d933ecf5b752ac.jpg
IP 46.254.17.18:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 144x144, components 3\012- data
Hash 7ca2d09e5fa951f756d8cd54296e469e
202c8f232ed2eecb5aac262689a893efa1c173cb
633b08f09edf1852cf1c7747e98b92077a8a510912ae11251734e97b91d793ff
GET /upload/iblock/4a2/4a2f2e921077f324b2d933ecf5b752ac.jpg HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/jpeg
Content-Length: 3726
Last-Modified: Mon, 17 Dec 2012 11:49:22 GMT
Connection: keep-alive
ETag: "50cf06c2-e8e"
Accept-Ranges: bytes
medsouz74.ru/upload/iblock/b80/b805885a907f73784946d56aca2f6056.jpg
46.254.17.18200 OK 4.4 kB URL HTTP/1.1 medsouz74.ru/upload/iblock/b80/b805885a907f73784946d56aca2f6056.jpg
IP 46.254.17.18:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 144x144, components 3\012- data
Hash 3d50f40dff5455ff7ebc6832cf7f6478
8d5170941bdf68676b756f55f5b0670edbd79db1
c27293efd70d65eab01404d370949ad8fa2b623703df6a8e54e7ce8af9ecfdf0
GET /upload/iblock/b80/b805885a907f73784946d56aca2f6056.jpg HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/jpeg
Content-Length: 4380
Last-Modified: Mon, 17 Dec 2012 11:35:06 GMT
Connection: keep-alive
ETag: "50cf036a-111c"
Accept-Ranges: bytes
ut.rktch.com/matchspm?pi=1000005&pui=1CB35A9DB1273F63FE0024060230EA97
89.108.97.2302 Found 0 B URL HTTP/1.1 ut.rktch.com/matchspm?pi=1000005&pui=1CB35A9DB1273F63FE0024060230EA97
IP 89.108.97.2:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /matchspm?pi=1000005&pui=1CB35A9DB1273F63FE0024060230EA97 HTTP/1.1
Host: ut.rktch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Length: 0
Connection: keep-alive
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
Set-Cookie: b_uid=d99d105459a86792580779443e034dbce966; Max-Age=2592000; Expires=Sat, 05 Nov 2022 19:08:34 GMT; Domain=rktch.com; Secure; SameSite=None
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Credentials: true
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
136.243.48.22302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP 136.243.48.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1665083314154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 06 Oct 2022 19:08:34 GMT
content-type: image/png
content-length: 0
location: https://edfff2f6-b6a2-4188-b163-b35733872d2c.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
set-cookie: user_id=edfff2f6-b6a2-4188-b163-b35733872d2c;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=edfff2f6-b6a2-4188-b163-b35733872d2c;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1a0e1b1881da10f48ff73cbf09c8212b
460a2a4fd811117d89caa9f6ff479eb30a9fa452
86d7fd15054e39d5555d704cb61c7acbf5b082ed2ee0d9496a2a155bd024c16a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86D7FD15054E39D5555D704CB61C7ACBF5B082ED2EE0D9496A2A155BD024C16A"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5978
Expires: Thu, 06 Oct 2022 20:48:12 GMT
Date: Thu, 06 Oct 2022 19:08:34 GMT
Connection: keep-alive
medsouz74.ru/upload/iblock/4a4/4a48ac6af07f0fca2cf9eb87bf88e6d6.jpg
46.254.17.18200 OK 4.4 kB URL HTTP/1.1 medsouz74.ru/upload/iblock/4a4/4a48ac6af07f0fca2cf9eb87bf88e6d6.jpg
IP 46.254.17.18:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 144x144, components 3\012- data
Hash 61c2286d4410c73f072907c8212a498d
44ed17294553c462b2a68bef54a6fdb8102b7f5c
4a849d17b006d03967400072f4c07f8966820eed95ed26545386fa94d608bb74
GET /upload/iblock/4a4/4a48ac6af07f0fca2cf9eb87bf88e6d6.jpg HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/jpeg
Content-Length: 4382
Last-Modified: Mon, 17 Dec 2012 11:58:12 GMT
Connection: keep-alive
ETag: "50cf08d4-111e"
Accept-Ranges: bytes
medsouz74.ru/upload/iblock/d61/d617fad18287dd029e03214afd3814d5.jpg
46.254.17.18200 OK 6.4 kB URL HTTP/1.1 medsouz74.ru/upload/iblock/d61/d617fad18287dd029e03214afd3814d5.jpg
IP 46.254.17.18:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 144x144, components 3\012- data
Hash 9fa1e2077bdd664995fc99b447061b2f
2466b5378a14afb51d23754f88493fc578f428a8
5c466769de0cbd5be9602832f28df1977ca69482047fc17a8556fcbb5cf03bcb
GET /upload/iblock/d61/d617fad18287dd029e03214afd3814d5.jpg HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/jpeg
Content-Length: 6409
Last-Modified: Mon, 17 Dec 2012 11:54:48 GMT
Connection: keep-alive
ETag: "50cf0808-1909"
Accept-Ranges: bytes
medsouz74.ru/upload/iblock/49f/49f7ce776497607f868ace36dc7e3f8e.jpg
46.254.17.18200 OK 75 kB URL HTTP/1.1 medsouz74.ru/upload/iblock/49f/49f7ce776497607f868ace36dc7e3f8e.jpg
IP 46.254.17.18:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1590x400, components 3\012- data
Hash 8cb42ea18816082c41418e6e8d44ef76
3c440836d9d41de5b0b11be5a5ccac1b75d825a7
cbb621db1697f8d7bea64ca7e2016001cdd93a3afb020bc2709e817d5b8c6de4
GET /upload/iblock/49f/49f7ce776497607f868ace36dc7e3f8e.jpg HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/jpeg
Content-Length: 74899
Last-Modified: Wed, 05 Feb 2020 10:21:00 GMT
Connection: keep-alive
ETag: "5e3a970c-12493"
Accept-Ranges: bytes
www.acint.net/match?dp=126&euid=8764eba9-b9ee-4eac-4d0c-d1990e6dbd20
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/match?dp=126&euid=8764eba9-b9ee-4eac-4d0c-d1990e6dbd20
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=126&euid=8764eba9-b9ee-4eac-4d0c-d1990e6dbd20 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=nVqzHGM/J7EGJAD+l+owAvfe6aH1NC1b+i6O+Dp9P4zEvQq1; cSyncDp7v2=1665083313; cSyncDp14v3=1665083313; cSyncDp17=1665083313; cSyncDp32=1665083313; cSyncDp45v3=1665083313; cSyncDp53=1665083313; cSyncDp54v2=1665083313; cSyncDp62=1665083313; cSyncDp67v2=1665083313; cSyncDp68=1665083313; cSyncDp71=1665083313; cSyncDp77=1665083313; cSyncDp84=1665083313; cSyncDp85=1665083313; cSyncDp95v3=1665083313; cSyncDp101=1665083313; cSyncDp104v2=1665083313; cSyncDp107=1665083313; cSyncDp110=1665083313; cSyncDp111v2=1665083313; cSyncDp112v2=1665083313; cSyncDp125v2=1665083313; cSyncDp126=1665083313; cSyncDp127=1665083313; cSyncDp129=1665083313; cSyncDp136v2=1665083313; cSyncDp138=1665083313; cSyncDp144=1665083313; cSyncDp146=1665083313; cSyncDp148=1665083313; cSyncDp149=1665083313; cSyncDp151=1665083313; cSyncDp178=1665083313; cSyncDp179=1665083313; cSyncDp186=1665083313; cSyncDp221=1665083313
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 19:08:34 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/hit/?v=0.4.0&uid=7560b3a5-c265-4fea-8243-d0ae4088e449&dp=10&tz=%2B00%3A00&nc=14237361&u=http%3A%2F%2Fmedsouz74.ru%2Facts%2F&r=&rs=1280x1024&t=%D0%9D%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D0%BE-%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%BA%D1%82%D1%8B%20%E2%80%93%20%D0%9D%D0%9A%20%C2%AB%D0%9C%D0%95%D0%94%D0%A1%D0%9E%D0%AE%D0%97%C2%BB&oE=1&oP=1&dT=2022-10-06T19%3A08%3A33.710&fu=65366985-ebd6-4561-999f-11935734bfb0
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/hit/?v=0.4.0&uid=7560b3a5-c265-4fea-8243-d0ae4088e449&dp=10&tz=%2B00%3A00&nc=14237361&u=http%3A%2F%2Fmedsouz74.ru%2Facts%2F&r=&rs=1280x1024&t=%D0%9D%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D0%BE-%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%BA%D1%82%D1%8B%20%E2%80%93%20%D0%9D%D0%9A%20%C2%AB%D0%9C%D0%95%D0%94%D0%A1%D0%9E%D0%AE%D0%97%C2%BB&oE=1&oP=1&dT=2022-10-06T19%3A08%3A33.710&fu=65366985-ebd6-4561-999f-11935734bfb0
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit/?v=0.4.0&uid=7560b3a5-c265-4fea-8243-d0ae4088e449&dp=10&tz=%2B00%3A00&nc=14237361&u=http%3A%2F%2Fmedsouz74.ru%2Facts%2F&r=&rs=1280x1024&t=%D0%9D%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D0%BE-%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%BA%D1%82%D1%8B%20%E2%80%93%20%D0%9D%D0%9A%20%C2%AB%D0%9C%D0%95%D0%94%D0%A1%D0%9E%D0%AE%D0%97%C2%BB&oE=1&oP=1&dT=2022-10-06T19%3A08%3A33.710&fu=65366985-ebd6-4561-999f-11935734bfb0 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://medsouz74.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=nVqzHGM/J7EGJAD+l+owAvfe6aH1NC1b+i6O+Dp9P4zEvQq1; cSyncDp7v2=1665083313; cSyncDp14v3=1665083313; cSyncDp17=1665083313; cSyncDp32=1665083313; cSyncDp45v3=1665083313; cSyncDp53=1665083313; cSyncDp54v2=1665083313; cSyncDp62=1665083313; cSyncDp67v2=1665083313; cSyncDp68=1665083313; cSyncDp71=1665083313; cSyncDp77=1665083313; cSyncDp84=1665083313; cSyncDp85=1665083313; cSyncDp95v3=1665083313; cSyncDp101=1665083313; cSyncDp104v2=1665083313; cSyncDp107=1665083313; cSyncDp110=1665083313; cSyncDp111v2=1665083313; cSyncDp112v2=1665083313; cSyncDp125v2=1665083313; cSyncDp126=1665083313; cSyncDp127=1665083313; cSyncDp129=1665083313; cSyncDp136v2=1665083313; cSyncDp138=1665083313; cSyncDp144=1665083313; cSyncDp146=1665083313; cSyncDp148=1665083313; cSyncDp149=1665083313; cSyncDp151=1665083313; cSyncDp178=1665083313; cSyncDp179=1665083313; cSyncDp186=1665083313; cSyncDp221=1665083313
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 19:08:34 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
s.uuidksinc.net/match/396/?remote_uid=1CB35A9DB1273F63FE0024060230EA97
31.220.27.134302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/396/?remote_uid=1CB35A9DB1273F63FE0024060230EA97
IP 31.220.27.134:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=1CB35A9DB1273F63FE0024060230EA97 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Thu, 06 Oct 2022 19:08:34 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=oNoxCTyUw2sr6TmU23b6
set-cookie: jcsuuid=oNoxCTyUw2sr6TmU23b6; expires=Fri, 06 Oct 2023 19:08:34 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
medsouz74.ru/upload/iblock/2df/2df2c3ac71c64fc40107c3d9e1fd1cbb.jpg
46.254.17.18200 OK 4.0 kB URL HTTP/1.1 medsouz74.ru/upload/iblock/2df/2df2c3ac71c64fc40107c3d9e1fd1cbb.jpg
IP 46.254.17.18:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 144x144, components 3\012- data
Hash 2f27ed0e0f79a6b51a8f3c383c7b1d36
65ee051b19fa114a5a00175af88ab0d794413c01
a1e63e8a2213663c42736e4a7e222e6bf667ffc6853541d59ed3acb183d6595d
GET /upload/iblock/2df/2df2c3ac71c64fc40107c3d9e1fd1cbb.jpg HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/jpeg
Content-Length: 3974
Last-Modified: Tue, 18 Dec 2012 08:59:02 GMT
Connection: keep-alive
ETag: "50d03056-f86"
Accept-Ranges: bytes
medsouz74.ru/upload/iblock/88e/88e51c61021a973b4f1ba2a6116e068c.jpg
46.254.17.18200 OK 2.8 kB URL HTTP/1.1 medsouz74.ru/upload/iblock/88e/88e51c61021a973b4f1ba2a6116e068c.jpg
IP 46.254.17.18:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 144x144, components 3\012- data
Hash 6a9724316ca9b58a2c6431d456d64c22
9b3ee993c7ab7ae363c95bbac02344a7bec573af
551e32a44e86392b293f0ee1ea2784705e769692ae89c6928e88c5561619704f
GET /upload/iblock/88e/88e51c61021a973b4f1ba2a6116e068c.jpg HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/jpeg
Content-Length: 2843
Last-Modified: Tue, 18 Dec 2012 09:08:36 GMT
Connection: keep-alive
ETag: "50d03294-b1b"
Accept-Ranges: bytes
medsouz74.ru/upload/iblock/23a/23a1bd12c4eaca38f6c045aea1f5e6b3.jpg
46.254.17.18200 OK 3.6 kB URL HTTP/1.1 medsouz74.ru/upload/iblock/23a/23a1bd12c4eaca38f6c045aea1f5e6b3.jpg
IP 46.254.17.18:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 144x144, components 3\012- data
Hash 56c788f8e45b9d3c36cbea007ca04746
0ebdfcf741edccd8bccd9ca8738d3f99d348daf9
f57eb9090188a9c3c415244d90434f46e93e30a750551e835eea8f95f7fc1a45
GET /upload/iblock/23a/23a1bd12c4eaca38f6c045aea1f5e6b3.jpg HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/jpeg
Content-Length: 3637
Last-Modified: Tue, 18 Dec 2012 09:03:18 GMT
Connection: keep-alive
ETag: "50d03156-e35"
Accept-Ranges: bytes
medsouz74.ru/upload/iblock/866/8660978e062efffd2b73b2c975eb7731.jpeg
46.254.17.18200 OK 4.1 kB URL HTTP/1.1 medsouz74.ru/upload/iblock/866/8660978e062efffd2b73b2c975eb7731.jpeg
IP 46.254.17.18:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 332x77, components 3\012- data
Hash 512d67668c408aa780fafc8877bcd7b9
cb972dc4b467e41c50d020f832dcfc4fb7696fea
108113404f31a7de1dfccb207f16da81b2c4f7cf21eadea7bc3def1bf99fc700
Analyzer Verdict Alert fortinet Malware
GET /upload/iblock/866/8660978e062efffd2b73b2c975eb7731.jpeg HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/jpeg
Content-Length: 4106
Last-Modified: Thu, 30 Mar 2017 08:18:02 GMT
Connection: keep-alive
ETag: "58dcbf3a-100a"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0987136340d664379cab5818b427f9a6
ed7487954f2789a031b3c3918830cc20521e0e2a
e2bf3b76f0ec5b47dfe0d10371ed613af7fae0e7c209edc7b70ea5fd8a505d5f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2BF3B76F0EC5B47DFE0D10371ED613AF7FAE0E7C209EDC7B70EA5FD8A505D5F"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9539
Expires: Thu, 06 Oct 2022 21:47:33 GMT
Date: Thu, 06 Oct 2022 19:08:34 GMT
Connection: keep-alive
medsouz74.ru/upload/iblock/39f/39f24b3b78b09aff68d02cea06283179.png
46.254.17.18200 OK 10 kB URL HTTP/1.1 medsouz74.ru/upload/iblock/39f/39f24b3b78b09aff68d02cea06283179.png
IP 46.254.17.18:0
File type PNG image data, 225 x 225, 8-bit colormap, non-interlaced\012- data
Hash 8981eb651ef2d26049f3d0ec27f12d02
2e1335b627faaefa464ad1ce11efd6435610e077
cde783d800671728d2335ce7e544c059a61a5e9c872bc2ba02d475cb7e6bbed3
GET /upload/iblock/39f/39f24b3b78b09aff68d02cea06283179.png HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/png
Content-Length: 10125
Last-Modified: Wed, 05 Feb 2020 10:16:21 GMT
Connection: keep-alive
ETag: "5e3a95f5-278d"
Accept-Ranges: bytes
medsouz74.ru/upload/iblock/8c1/8c14c279950f2522e29b0abbc9911dbc.jpg
46.254.17.18200 OK 3.9 kB URL HTTP/1.1 medsouz74.ru/upload/iblock/8c1/8c14c279950f2522e29b0abbc9911dbc.jpg
IP 46.254.17.18:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 160x83, components 3\012- data
Hash e8b2bf3a7e669c2b9b67af99c3359db8
4cf3d257c6fb7febfbef8f2fde42aeed592b91e9
4d1947e5fb67785a2a281aafaf2bfa547c54d538569f8d9b07298f073007a582
GET /upload/iblock/8c1/8c14c279950f2522e29b0abbc9911dbc.jpg HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/jpeg
Content-Length: 3891
Last-Modified: Thu, 15 May 2014 08:09:30 GMT
Connection: keep-alive
ETag: "5374763a-f33"
Accept-Ranges: bytes
stat.adlabs.ru/merge_gpsid/?sid=50&id=1CB35A9DB1273F63FE0024060230EA97
109.248.237.36302 Found 0 B URL HTTP/2 stat.adlabs.ru/merge_gpsid/?sid=50&id=1CB35A9DB1273F63FE0024060230EA97
IP 109.248.237.36:0
ASN #201009 Centre of server systems Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge_gpsid/?sid=50&id=1CB35A9DB1273F63FE0024060230EA97 HTTP/1.1
Host: stat.adlabs.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 06 Oct 2022 18:55:53 GMT
content-length: 0
location: //adlmerge.com/merge_gpsid/?sid=50&id=1CB35A9DB1273F63FE0024060230EA97
X-Firefox-Spdy: h2
medsouz74.ru/upload/iblock/280/2808210f31a44f33168bdd41063a9364.png
46.254.17.18200 OK 6.7 kB URL HTTP/1.1 medsouz74.ru/upload/iblock/280/2808210f31a44f33168bdd41063a9364.png
IP 46.254.17.18:0
File type PNG image data, 236 x 213, 8-bit colormap, non-interlaced\012- data
Hash 63a8765ef4fac130b995bc9b687306bb
bd0429101e8a2200a5f446866bcc45a6e664af42
7359693de75421cfdd0117b862bea5de2fbda2bc702e7a72e06f127fa44bfe4d
GET /upload/iblock/280/2808210f31a44f33168bdd41063a9364.png HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/png
Content-Length: 6713
Last-Modified: Wed, 05 Feb 2020 10:22:44 GMT
Connection: keep-alive
ETag: "5e3a9774-1a39"
Accept-Ranges: bytes
medsouz74.ru/upload/iblock/c81/c813ca0195e20fdd18298a2289336072.png
46.254.17.18200 OK 8.5 kB URL HTTP/1.1 medsouz74.ru/upload/iblock/c81/c813ca0195e20fdd18298a2289336072.png
IP 46.254.17.18:0
File type PNG image data, 198 x 55, 8-bit/color RGBA, non-interlaced\012- data
Hash 0a4e0533ebce753045b9ad82d998eb9d
a9c8acbeb2f5cee397df7aadd3f33ea8eaa4249e
ebf295fc77d1cbed018180106a3e25022ce0dbeb6b2c688e6c22e3bbc3796e76
GET /upload/iblock/c81/c813ca0195e20fdd18298a2289336072.png HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/png
Content-Length: 8491
Last-Modified: Wed, 05 Feb 2020 10:26:03 GMT
Connection: keep-alive
ETag: "5e3a983b-212b"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ccb384e272eb7a1d9263a9166b4df2d2
346478ee1017491c9a3136cd9e5dc4d75ca25627
fc0f407b6128b32f5b353da2edb414b949634d4cf7620fb101bb90108fc8deb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC0F407B6128B32F5B353DA2EDB414B949634D4CF7620FB101BB90108FC8DEB1"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3919
Expires: Thu, 06 Oct 2022 20:13:53 GMT
Date: Thu, 06 Oct 2022 19:08:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 58a1deac9d602eb53f6e008b7bc84349
7a9d7c38c965465f9f484af2902d93eecd37b069
470bc52f002146fff1793cad08fa1269a3012e842bbf490934cbdc254cd49c02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "470BC52F002146FFF1793CAD08FA1269A3012E842BBF490934CBDC254CD49C02"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8988
Expires: Thu, 06 Oct 2022 21:38:22 GMT
Date: Thu, 06 Oct 2022 19:08:34 GMT
Connection: keep-alive
medsouz74.ru/upload/iblock/edd/edd9fad4f78d1d9f3b823ba3e2ecad76.png
46.254.17.18200 OK 13 kB URL HTTP/1.1 medsouz74.ru/upload/iblock/edd/edd9fad4f78d1d9f3b823ba3e2ecad76.png
IP 46.254.17.18:0
File type PNG image data, 239 x 111, 8-bit/color RGBA, non-interlaced\012- data
Hash be9b8dcaca51d708ef7d1283ec41a14c
eaa7a78108ec78ead797e86ce048260fab5f5464
d8c77af6510aff529008165c576f0408c82e2765db19c07beacc35a3546f0486
GET /upload/iblock/edd/edd9fad4f78d1d9f3b823ba3e2ecad76.png HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/png
Content-Length: 12981
Last-Modified: Wed, 05 Feb 2020 10:27:59 GMT
Connection: keep-alive
ETag: "5e3a98af-32b5"
Accept-Ranges: bytes
acint.net/match?dp=14&euid=CDB803C1B2273F636300F59C0231EC7A
46.4.114.109200 OK 43 B URL HTTP/2 acint.net/match?dp=14&euid=CDB803C1B2273F636300F59C0231EC7A
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=CDB803C1B2273F636300F59C0231EC7A HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=nVqzHGM/J7EGJAD+l+owAvfe6aH1NC1b+i6O+Dp9P4zEvQq1; cSyncDp7v2=1665083313; cSyncDp14v3=1665083313; cSyncDp17=1665083313; cSyncDp32=1665083313; cSyncDp45v3=1665083313; cSyncDp53=1665083313; cSyncDp54v2=1665083313; cSyncDp62=1665083313; cSyncDp67v2=1665083313; cSyncDp68=1665083313; cSyncDp71=1665083313; cSyncDp77=1665083313; cSyncDp84=1665083313; cSyncDp85=1665083313; cSyncDp95v3=1665083313; cSyncDp101=1665083313; cSyncDp104v2=1665083313; cSyncDp107=1665083313; cSyncDp110=1665083313; cSyncDp111v2=1665083313; cSyncDp112v2=1665083313; cSyncDp125v2=1665083313; cSyncDp126=1665083313; cSyncDp127=1665083313; cSyncDp129=1665083313; cSyncDp136v2=1665083313; cSyncDp138=1665083313; cSyncDp144=1665083313; cSyncDp146=1665083313; cSyncDp148=1665083313; cSyncDp149=1665083313; cSyncDp151=1665083313; cSyncDp178=1665083313; cSyncDp179=1665083313; cSyncDp186=1665083313; cSyncDp221=1665083313
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 19:08:34 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
185.147.80.35302 Found 0 B URL HTTP/1.1 ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP 185.147.80.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Thu, 06 Oct 2022 19:08:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=TDBLRRGC
Set-Cookie: uid=TDBLRRGC; Expires=Thu, 06 Oct 2032 00:00:00 GMT; mf2=1; Expires=Sat, 05 Nov 2022 00:00:00 GMT;
medsouz74.ru/bitrix/cache/css/s1/nko_s1/template_6d10500b7bbde229436dc2937d81c3fa/template_6d10500b7bbde229436dc2937d81c3fa_v1.css?154355872213431
46.254.17.18200 OK 0 B URL HTTP/1.1 medsouz74.ru/bitrix/cache/css/s1/nko_s1/template_6d10500b7bbde229436dc2937d81c3fa/template_6d10500b7bbde229436dc2937d81c3fa_v1.css?154355872213431
IP 46.254.17.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /bitrix/cache/css/s1/nko_s1/template_6d10500b7bbde229436dc2937d81c3fa/template_6d10500b7bbde229436dc2937d81c3fa_v1.css?154355872213431 HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:33 GMT
Content-Type: text/css
Content-Length: 13431
Last-Modified: Fri, 30 Nov 2018 06:18:42 GMT
Connection: keep-alive
ETag: "5c00d642-3477"
Accept-Ranges: bytes
nr.bidderstack.com/sape/cm?user_id=1CB35A9DB1273F63FE0024060230EA97
46.4.70.80200 OK 44 B URL HTTP/1.1 nr.bidderstack.com/sape/cm?user_id=1CB35A9DB1273F63FE0024060230EA97
IP 46.4.70.80:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
GET /sape/cm?user_id=1CB35A9DB1273F63FE0024060230EA97 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Set-Cookie: uid=54d408ab-3b99-48e3-9abf-1aabae1a66fd; domain=.bidderstack.com; path=/; expires=Fri, 06-Oct-2023 19:08:34 GMT;
Access-Control-Allow-Credentials: true
medsouz74.ru/bitrix/templates/nko_s1/images/topmenu-bg.gif
46.254.17.18200 OK 277 B URL HTTP/1.1 medsouz74.ru/bitrix/templates/nko_s1/images/topmenu-bg.gif
IP 46.254.17.18:0
File type GIF image data, version 89a, 1 x 58\012- data
Hash 5d2e0bc7929cf3d31555d0fab6c1c901
03438af45071e31562c03a894497c14caad3658f
a90fb83876502d8f4cf6bf17507850138b12996c758ff0215d185549fcaac13e
GET /bitrix/templates/nko_s1/images/topmenu-bg.gif HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/bitrix/cache/css/s1/nko_s1/template_6d10500b7bbde229436dc2937d81c3fa/template_6d10500b7bbde229436dc2937d81c3fa_v1.css?154355872213431
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/gif
Content-Length: 277
Last-Modified: Mon, 04 Jun 2012 11:24:30 GMT
Connection: keep-alive
ETag: "4fcc9aee-115"
Accept-Ranges: bytes
www.acint.net/match?dp=129&euid=fxsumm0wkg
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/match?dp=129&euid=fxsumm0wkg
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=fxsumm0wkg HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=nVqzHGM/J7EGJAD+l+owAvfe6aH1NC1b+i6O+Dp9P4zEvQq1; cSyncDp7v2=1665083313; cSyncDp14v3=1665083313; cSyncDp17=1665083313; cSyncDp32=1665083313; cSyncDp45v3=1665083313; cSyncDp53=1665083313; cSyncDp54v2=1665083313; cSyncDp62=1665083313; cSyncDp67v2=1665083313; cSyncDp68=1665083313; cSyncDp71=1665083313; cSyncDp77=1665083313; cSyncDp84=1665083313; cSyncDp85=1665083313; cSyncDp95v3=1665083313; cSyncDp101=1665083313; cSyncDp104v2=1665083313; cSyncDp107=1665083313; cSyncDp110=1665083313; cSyncDp111v2=1665083313; cSyncDp112v2=1665083313; cSyncDp125v2=1665083313; cSyncDp126=1665083313; cSyncDp127=1665083313; cSyncDp129=1665083313; cSyncDp136v2=1665083313; cSyncDp138=1665083313; cSyncDp144=1665083313; cSyncDp146=1665083313; cSyncDp148=1665083313; cSyncDp149=1665083313; cSyncDp151=1665083313; cSyncDp178=1665083313; cSyncDp179=1665083313; cSyncDp186=1665083313; cSyncDp221=1665083313
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 19:08:34 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=95&euid=TDBLRRGC
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/match?dp=95&euid=TDBLRRGC
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=95&euid=TDBLRRGC HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=nVqzHGM/J7EGJAD+l+owAvfe6aH1NC1b+i6O+Dp9P4zEvQq1; cSyncDp7v2=1665083313; cSyncDp14v3=1665083313; cSyncDp17=1665083313; cSyncDp32=1665083313; cSyncDp45v3=1665083313; cSyncDp53=1665083313; cSyncDp54v2=1665083313; cSyncDp62=1665083313; cSyncDp67v2=1665083313; cSyncDp68=1665083313; cSyncDp71=1665083313; cSyncDp77=1665083313; cSyncDp84=1665083313; cSyncDp85=1665083313; cSyncDp95v3=1665083313; cSyncDp101=1665083313; cSyncDp104v2=1665083313; cSyncDp107=1665083313; cSyncDp110=1665083313; cSyncDp111v2=1665083313; cSyncDp112v2=1665083313; cSyncDp125v2=1665083313; cSyncDp126=1665083313; cSyncDp127=1665083313; cSyncDp129=1665083313; cSyncDp136v2=1665083313; cSyncDp138=1665083313; cSyncDp144=1665083313; cSyncDp146=1665083313; cSyncDp148=1665083313; cSyncDp149=1665083313; cSyncDp151=1665083313; cSyncDp178=1665083313; cSyncDp179=1665083313; cSyncDp186=1665083313; cSyncDp221=1665083313
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 19:08:34 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
65.109.23.99302 Found 43 B URL HTTP/2 ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP 65.109.23.99:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.0
date: Thu, 06 Oct 2022 19:08:34 GMT
x-request-id: ad28e310-fb8f-40fa-bf14-bdb030acac65
set-cookie: bvuid=fxsumm0wkg; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=fxsumm0wkg; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=fxsumm0wkg
X-Firefox-Spdy: h2
medsouz74.ru/bitrix/templates/nko_s1/images/topmenu-d.gif
46.254.17.18200 OK 316 B URL HTTP/1.1 medsouz74.ru/bitrix/templates/nko_s1/images/topmenu-d.gif
IP 46.254.17.18:0
File type GIF image data, version 89a, 2 x 50\012- data
Hash 9a3206e5ce14e4f73efd43dc13f1a736
280c8480f065addad0198a28c5b4193d1fe7f836
0f0fecde3c9e734df28d23455b83a2c6029e6af5f043aacd9f2545a31108aac5
GET /bitrix/templates/nko_s1/images/topmenu-d.gif HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/bitrix/cache/css/s1/nko_s1/template_6d10500b7bbde229436dc2937d81c3fa/template_6d10500b7bbde229436dc2937d81c3fa_v1.css?154355872213431
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/gif
Content-Length: 316
Last-Modified: Mon, 04 Jun 2012 11:24:30 GMT
Connection: keep-alive
ETag: "4fcc9aee-13c"
Accept-Ranges: bytes
medsouz74.ru/upload/iblock/e64/e64a0ea7ede7f6342c645268807c3e9d.jpg
46.254.17.18200 OK 2.7 kB URL HTTP/1.1 medsouz74.ru/upload/iblock/e64/e64a0ea7ede7f6342c645268807c3e9d.jpg
IP 46.254.17.18:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 144x144, components 3\012- data
Hash 21239e368fa2956bbe0c90974dcc47b9
1666df6540d91330d933b91171d19785baa43ff3
bafd10681a4f3ca7c9057fbd94e46e63316f64bec7ff6fb3e42b688cd993e29c
GET /upload/iblock/e64/e64a0ea7ede7f6342c645268807c3e9d.jpg HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/jpeg
Content-Length: 2654
Last-Modified: Thu, 28 Jun 2012 08:49:52 GMT
Connection: keep-alive
ETag: "4fec1ab0-a5e"
Accept-Ranges: bytes
medsouz74.ru/upload/medialibrary/77c/77c51054ebc3b989e81500a67c23e21f.jpg
46.254.17.18200 OK 149 kB URL HTTP/1.1 medsouz74.ru/upload/medialibrary/77c/77c51054ebc3b989e81500a67c23e21f.jpg
IP 46.254.17.18:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=15, height=710, bps=0, PhotometricIntepretation=CMYK, orientation=upper-left, width=785], progressive, precision 8, 785x710, components 3 DIY-Thermocam raw data\012- (Lepton 3.x), scale 29023--5692, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 43410353893779213626900480.000000\012- data
Size 149 kB (149192 bytes)
Hash eefdf430c180651e47627b06340e31f9
2456925a7a168c3fd822659cbe44781420289a79
321ebcf033e16d3e3a959201cb3aac14af07532e8bd2671b0f00083bd5534775
GET /upload/medialibrary/77c/77c51054ebc3b989e81500a67c23e21f.jpg HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/jpeg
Content-Length: 149192
Last-Modified: Fri, 10 Aug 2018 09:23:44 GMT
Connection: keep-alive
ETag: "5b6d59a0-246c8"
Accept-Ranges: bytes
medsouz74.ru/upload/iblock/7af/7aff48c7923ae02855ae6cda6fa8e7f0.png
46.254.17.18200 OK 15 kB URL HTTP/1.1 medsouz74.ru/upload/iblock/7af/7aff48c7923ae02855ae6cda6fa8e7f0.png
IP 46.254.17.18:0
File type PNG image data, 557 x 101, 8-bit/color RGBA, non-interlaced\012- data
Hash a974a7e68c71ccb2d597523c42620916
20d99fdccfaf878c717bddb15609ad840648ea54
6e5bd9bd07c358459dfc6ff6b80d0cb1931d5e669c45735027ccd11f151a2891
GET /upload/iblock/7af/7aff48c7923ae02855ae6cda6fa8e7f0.png HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/png
Content-Length: 15089
Last-Modified: Thu, 30 Mar 2017 08:15:19 GMT
Connection: keep-alive
ETag: "58dcbe97-3af1"
Accept-Ranges: bytes
medsouz74.ru/upload/iblock/7b6/7b6d93c758134f75731a88647f597fa5.jpg
46.254.17.18200 OK 6.2 kB URL HTTP/1.1 medsouz74.ru/upload/iblock/7b6/7b6d93c758134f75731a88647f597fa5.jpg
IP 46.254.17.18:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 144x144, components 3\012- data
Hash 4f665f4a22c816bc0634de71c1c95d8d
eaccb9a598d45999f6cdf726bf6c9f7561ee8f82
4155d9b0dbb178e3cfc7f24490be3049de2e555f68a6577b74708563dede682b
GET /upload/iblock/7b6/7b6d93c758134f75731a88647f597fa5.jpg HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/jpeg
Content-Length: 6155
Last-Modified: Thu, 28 Jun 2012 08:53:38 GMT
Connection: keep-alive
ETag: "4fec1b92-180b"
Accept-Ranges: bytes
medsouz74.ru/bitrix/templates/nko_s1/images/topmenu-c.png
46.254.17.18200 OK 641 B URL HTTP/1.1 medsouz74.ru/bitrix/templates/nko_s1/images/topmenu-c.png
IP 46.254.17.18:0
File type PNG image data, 14 x 58, 8-bit/color RGBA, non-interlaced\012- data
Hash 53a4ace83dea7868520a17cddbcf731d
dbec74ab13aa9b675a8b7647d91af5de0d38d90d
142c94ac4c13695244a3f6143c5ca539617c39f5a93c073be62938d4f81ec441
GET /bitrix/templates/nko_s1/images/topmenu-c.png HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/bitrix/cache/css/s1/nko_s1/template_6d10500b7bbde229436dc2937d81c3fa/template_6d10500b7bbde229436dc2937d81c3fa_v1.css?154355872213431
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/png
Content-Length: 641
Last-Modified: Thu, 13 Sep 2012 05:40:48 GMT
Connection: keep-alive
ETag: "505171e0-281"
Accept-Ranges: bytes
medsouz74.ru/images/t5.gif
46.254.17.18200 OK 5.0 kB URL HTTP/1.1 medsouz74.ru/images/t5.gif
IP 46.254.17.18:0
File type GIF image data, version 89a, 110 x 144\012- data
Hash d6763121f305c31273ed3cd6b587130e
ee6e60624be68da49a503c427ee5955f8b7d6afe
22bb0ce4a287c7187c43a352b694833250b8f53dacc8de400fb4dd7577b13300
GET /images/t5.gif HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/gif
Content-Length: 4958
Last-Modified: Wed, 27 Feb 2013 11:53:06 GMT
Connection: keep-alive
ETag: "512df3a2-135e"
Accept-Ranges: bytes
medsouz74.ru/upload/iblock/af6/af62e0b0a328da8be29c31e785251289.jpg
46.254.17.18200 OK 130 kB URL HTTP/1.1 medsouz74.ru/upload/iblock/af6/af62e0b0a328da8be29c31e785251289.jpg
IP 46.254.17.18:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 562x600, components 3\012- data
Size 130 kB (129765 bytes)
Hash de5db73e0f12a40bcf976fe0400d0b64
040dd10da4d3e3d2ab60bca9ee357777cdd0cd5d
ef625cc79f8e2049f0ef9790e5a632f3120dc8a8119fcc4ca5f1e36c5ab26768
GET /upload/iblock/af6/af62e0b0a328da8be29c31e785251289.jpg HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/jpeg
Content-Length: 129765
Last-Modified: Fri, 25 Jun 2021 09:18:57 GMT
Connection: keep-alive
ETag: "60d59f81-1fae5"
Accept-Ranges: bytes
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 0abea2b33b22011ebece2d99fcbc3bc7
8aca23f2c7b9e8147a8f181d33c4a43724d7bae2
c488788753594d63d9035be183051cf114927154be91979de1154b0ff811f9a1
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 10 Oct 2022 15:17:49 GMT
ETag: "8aca23f2c7b9e8147a8f181d33c4a43724d7bae2"
Last-Modified: Thu, 06 Oct 2022 15:17:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2563
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7560afbc8fe30b39-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash db09d070d52c6aad1d58582eb60f0021
bb64cf2d477280e81300ba27d6832b047a92037f
48369835fd492c9f416e09748b88d7c44ae6fbb58a707490c2a088fc224ea973
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48369835FD492C9F416E09748B88D7C44AE6FBB58A707490C2A088FC224EA973"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2261
Expires: Thu, 06 Oct 2022 19:46:15 GMT
Date: Thu, 06 Oct 2022 19:08:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4ca3a35f00ba4c2b76dbced08aacbac6
d72ea5eeff994490e3ac9972508c6112bd231e0b
e877c0bedcdaf331324ba11c5fe5a2a22a79089677d7f8419600be5f19ac0fa8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E877C0BEDCDAF331324BA11C5FE5A2A22A79089677D7F8419600BE5F19AC0FA8"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9058
Expires: Thu, 06 Oct 2022 21:39:32 GMT
Date: Thu, 06 Oct 2022 19:08:34 GMT
Connection: keep-alive
1cb35a9db1273f63fe0024060230ea97-sp.ops.beeline.ru/p?ssp=sp&id=1CB35A9DB1273F63FE0024060230EA97
37.9.245.57301 Moved Permanently 0 B URL HTTP/2 1cb35a9db1273f63fe0024060230ea97-sp.ops.beeline.ru/p?ssp=sp&id=1CB35A9DB1273F63FE0024060230EA97
IP 37.9.245.57:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&id=1CB35A9DB1273F63FE0024060230EA97 HTTP/1.1
Host: 1cb35a9db1273f63fe0024060230ea97-sp.ops.beeline.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 06 Oct 2022 19:08:34 GMT
content-length: 0
location: https://www.acint.net/match?dp=111&euid=b3fecf3c-2cb4-4609-b56e-fc033981e047
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: BeeAID=b3fecf3c-2cb4-4609-b56e-fc033981e047; expires=Wed, 27 Sep 2023 19:08:34 GMT; domain=ops.beeline.ru; path=/; secure; SameSite=None
access-control-allow-credentials: true, true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
x-route: http://upstream_cookiesync
x-host: 192.168.152.36
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&uid=1CB35A9DB1273F63FE0024060230EA97
31.172.81.172302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&uid=1CB35A9DB1273F63FE0024060230EA97
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&uid=1CB35A9DB1273F63FE0024060230EA97 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ0NjZkZDBhNi00NWFhLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 01 Oct 2042 19:08:34 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARiyz_yZBmIgMUNCMzVBOURCMTI3M0Y2M0ZFMDAyNDA2MDIzMEVBOTeiARBGbdCmRaoR7YbgACWQwGR8
ETag: 466dd0a6-45aa-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 45b0256611480a9ec22d86de1a78432f
de84427d350a56e26672456b58c2cbdba76db281
4f7a4fb81cb2e98bd62c7b4a72c5be3a06b59b209a207e8b2c542cd6c3a3270e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F7A4FB81CB2E98BD62C7B4A72C5BE3A06B59B209A207E8B2C542CD6C3A3270E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3752
Expires: Thu, 06 Oct 2022 20:11:06 GMT
Date: Thu, 06 Oct 2022 19:08:34 GMT
Connection: keep-alive
medsouz74.ru/upload/iblock/d83/d83d607616bac7fa58199ccd9dd80039.jpg
46.254.17.18200 OK 1.8 MB URL HTTP/1.1 medsouz74.ru/upload/iblock/d83/d83d607616bac7fa58199ccd9dd80039.jpg
IP 46.254.17.18:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 6859x2422, components 3\012- data
Size 1.8 MB (1792111 bytes)
Hash 298e63193d83751354abc80fe80ee4ac
d9bafa37f5184643b16f804ab2d52c8e1b2e1fe7
1725ed37ec04708f6db11f605111031ea586b74a286ebbd326e0e9c875189ef0
GET /upload/iblock/d83/d83d607616bac7fa58199ccd9dd80039.jpg HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/jpeg
Content-Length: 1792111
Last-Modified: Thu, 30 Mar 2017 08:09:14 GMT
Connection: keep-alive
ETag: "58dcbd2a-1b586f"
Accept-Ranges: bytes
www.acint.net/match?dp=111&euid=b3fecf3c-2cb4-4609-b56e-fc033981e047
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/match?dp=111&euid=b3fecf3c-2cb4-4609-b56e-fc033981e047
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=111&euid=b3fecf3c-2cb4-4609-b56e-fc033981e047 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=nVqzHGM/J7EGJAD+l+owAvfe6aH1NC1b+i6O+Dp9P4zEvQq1; cSyncDp7v2=1665083313; cSyncDp14v3=1665083313; cSyncDp17=1665083313; cSyncDp32=1665083313; cSyncDp45v3=1665083313; cSyncDp53=1665083313; cSyncDp54v2=1665083313; cSyncDp62=1665083313; cSyncDp67v2=1665083313; cSyncDp68=1665083313; cSyncDp71=1665083313; cSyncDp77=1665083313; cSyncDp84=1665083313; cSyncDp85=1665083313; cSyncDp95v3=1665083313; cSyncDp101=1665083313; cSyncDp104v2=1665083313; cSyncDp107=1665083313; cSyncDp110=1665083313; cSyncDp111v2=1665083313; cSyncDp112v2=1665083313; cSyncDp125v2=1665083313; cSyncDp126=1665083313; cSyncDp127=1665083313; cSyncDp129=1665083313; cSyncDp136v2=1665083313; cSyncDp138=1665083313; cSyncDp144=1665083313; cSyncDp146=1665083313; cSyncDp148=1665083313; cSyncDp149=1665083313; cSyncDp151=1665083313; cSyncDp178=1665083313; cSyncDp179=1665083313; cSyncDp186=1665083313; cSyncDp221=1665083313
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 19:08:34 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
cs.agency2.ru/p?ssp=sp&uid=1CB35A9DB1273F63FE0024060230EA97
23.111.107.44301 Moved Permanently 0 B URL HTTP/1.1 cs.agency2.ru/p?ssp=sp&uid=1CB35A9DB1273F63FE0024060230EA97
IP 23.111.107.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=1CB35A9DB1273F63FE0024060230EA97 HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=91584db5-0fdc-4b9a-895a-3175556a7381
Set-Cookie: uuid=91584db5-0fdc-4b9a-895a-3175556a7381; expires=Wed, 27 Sep 2023 19:08:34 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
mediatoday.ru/core/match.gif?s=32&id=1CB35A9DB1273F63FE0024060230EA97
139.45.228.111200 OK 43 B URL HTTP/2 mediatoday.ru/core/match.gif?s=32&id=1CB35A9DB1273F63FE0024060230EA97
IP 139.45.228.111:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /core/match.gif?s=32&id=1CB35A9DB1273F63FE0024060230EA97 HTTP/1.1
Host: mediatoday.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.22.0
date: Thu, 06 Oct 2022 19:08:34 GMT
content-type: image/gif
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VU7g1eXQsPQlXdp; expires=Sun, 03-Oct-2032 19:08:34 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3208
Expires: Thu, 06 Oct 2022 20:02:02 GMT
Date: Thu, 06 Oct 2022 19:08:34 GMT
Connection: keep-alive
dm-eu.hybrid.ai/match?id=106&vid=1CB35A9DB1273F63FE0024060230EA97
37.18.103.16204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=106&vid=1CB35A9DB1273F63FE0024060230EA97
IP 37.18.103.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /match?id=106&vid=1CB35A9DB1273F63FE0024060230EA97 HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 06 Oct 2022 19:08:34 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=793f0b1d3777dad74540; expires=Fri, 06 Oct 2023 19:08:34 GMT; domain=.hybrid.ai; path=/; samesite=none
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 521
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 920716f022a7df80d6a97304544be613
23338a2226e05be3c2bea258cf374f582e64b0fc
01d40600a8d3d414d4715633f26aadee0473fb9518f5ad43858faa632125a912
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 10 Oct 2022 17:38:41 GMT
ETag: "23338a2226e05be3c2bea258cf374f582e64b0fc"
Last-Modified: Thu, 06 Oct 2022 17:38:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1014
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7560afbd4906b506-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2277f8f2d93b4bc3b05d348343177892
531d9e4ec9078cd2d7376a19fcb287084af36c82
62907648de4a2ed390232a71ab7dce49f1e9c3363cde6a2f30ecae10ab67f93a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11080
x-amzn-requestid: 8fa4d19d-87a5-46c5-96c5-4aec793daad9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO7xE5eoAMFQLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df84b-5c422c7a168c014f57559037;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:34:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: LySueW1si-yWLwecUILV1s57IEV2FdcQ9_pH1Aoe4AYISi7QXXfd3A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:39:28 GMT
age: 77346
etag: "531d9e4ec9078cd2d7376a19fcb287084af36c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70ea26af79226e9ff06d6198e2c019dc
ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57
f9393e7b8cbaedc8e1ef87fd89c617cf102f58813d84d866ff68e3124f94d44c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9044
x-amzn-requestid: 127bce04-9f75-4bb1-bbe7-33bf1694d96c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZdZPmHG5oAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ba263-3896085b3b73ff5403237206;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 03:02:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E4yZTPRLFdK717YfwjOIFOJDi0wYpyA736dQELeM5iPLvGDXBosEWg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 05:04:17 GMT
age: 50657
etag: "ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e238ccaa3b9fa88476a8514855e8232f
447cbf348ef10d0136a1811e843c46937defbba1
43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: e5d0bb7a-b9d5-49b1-b51c-8db019da641f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQOGEQloAMFjgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfa5a-519d91fb0b83920960da479d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:42:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: l1HGT5ycH36vVojsOPFptRSU1YJFvLbBsgiWJqzRlRIGgm2o5vf6jg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:58:56 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 76178
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e520f87cae411cfc2ed1c8a14184385
69ad212cb7ae309d4f02019552887135bfae67da
723b10bfbcde201b5811e3bd0560f02f90775e4d18b28d19e6c814899f2da71a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7511
x-amzn-requestid: 995b51dd-5484-4b4c-ad40-550f7fd85930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uG70IAMFjBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-70f17f6f24dce0003d03902a;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: BddSUzh-PKiFmfw2p9gPW-B0qtrXWxCXfee29Pk-wLqN7RO21Yic6g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
age: 77488
etag: "69ad212cb7ae309d4f02019552887135bfae67da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
medsouz74.ru/images/partner/2.png
46.254.17.18200 OK 29 kB URL HTTP/1.1 medsouz74.ru/images/partner/2.png
IP 46.254.17.18:0
File type PNG image data, 261 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 497bdd2ecc304d02ebd0c8e3f78976e6
9c749cfe6c228dfd64334f9e2234e1fe3361acfd
c8bf97016912d7faa08c73a5d7f54995426f298ef635f4cfb9c8a967d357e7f5
GET /images/partner/2.png HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/png
Content-Length: 28746
Last-Modified: Sun, 10 Feb 2013 09:36:26 GMT
Connection: keep-alive
ETag: "51176a1a-704a"
Accept-Ranges: bytes
medsouz74.ru/images/partner/1.png
46.254.17.18200 OK 22 kB URL HTTP/1.1 medsouz74.ru/images/partner/1.png
IP 46.254.17.18:0
File type PNG image data, 261 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 6471835115be556485786e37324a8d26
1aec6e0f61b5469f3553d741bcfbe57ddea412b8
2e45a0e0957676a1095e144c47f839aff65dac2025eb5513949841f71c29eced
GET /images/partner/1.png HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/png
Content-Length: 21987
Last-Modified: Sun, 10 Feb 2013 09:36:14 GMT
Connection: keep-alive
ETag: "51176a0e-55e3"
Accept-Ranges: bytes
match.new-programmatic.com/userbind?src=sape&id=1CB35A9DB1273F63FE0024060230EA97
217.65.2.150204 No Content 0 B URL HTTP/1.1 match.new-programmatic.com/userbind?src=sape&id=1CB35A9DB1273F63FE0024060230EA97
IP 217.65.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=1CB35A9DB1273F63FE0024060230EA97 HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.18.0
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aeOU8fGkf5uHuYZ79k17EzxiFnwm0_z7SeZJElgwECzRyhR2N_SYJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 03:50:38 GMT
age: 55076
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.acint.net/match?dp=186&euid=91584db5-0fdc-4b9a-895a-3175556a7381
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/match?dp=186&euid=91584db5-0fdc-4b9a-895a-3175556a7381
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=91584db5-0fdc-4b9a-895a-3175556a7381 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=nVqzHGM/J7EGJAD+l+owAvfe6aH1NC1b+i6O+Dp9P4zEvQq1; cSyncDp7v2=1665083313; cSyncDp14v3=1665083313; cSyncDp17=1665083313; cSyncDp32=1665083313; cSyncDp45v3=1665083313; cSyncDp53=1665083313; cSyncDp54v2=1665083313; cSyncDp62=1665083313; cSyncDp67v2=1665083313; cSyncDp68=1665083313; cSyncDp71=1665083313; cSyncDp77=1665083313; cSyncDp84=1665083313; cSyncDp85=1665083313; cSyncDp95v3=1665083313; cSyncDp101=1665083313; cSyncDp104v2=1665083313; cSyncDp107=1665083313; cSyncDp110=1665083313; cSyncDp111v2=1665083313; cSyncDp112v2=1665083313; cSyncDp125v2=1665083313; cSyncDp126=1665083313; cSyncDp127=1665083313; cSyncDp129=1665083313; cSyncDp136v2=1665083313; cSyncDp138=1665083313; cSyncDp144=1665083313; cSyncDp146=1665083313; cSyncDp148=1665083313; cSyncDp149=1665083313; cSyncDp151=1665083313; cSyncDp178=1665083313; cSyncDp179=1665083313; cSyncDp186=1665083313; cSyncDp221=1665083313
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 19:08:34 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
edfff2f6-b6a2-4188-b163-b35733872d2c.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
148.251.236.115302 Found 0 B URL HTTP/2 edfff2f6-b6a2-4188-b163-b35733872d2c.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
IP 148.251.236.115:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19 HTTP/1.1
Host: edfff2f6-b6a2-4188-b163-b35733872d2c.sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1665083314154; user_id=edfff2f6-b6a2-4188-b163-b35733872d2c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 06 Oct 2022 19:08:34 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=edfff2f6-b6a2-4188-b163-b35733872d2c;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=edfff2f6-b6a2-4188-b163-b35733872d2c;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=edfff2f6-b6a2-4188-b163-b35733872d2c
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6476b35e-8b14-44b0-a85a-4793280f25c1.jpeg
34.120.237.76200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6476b35e-8b14-44b0-a85a-4793280f25c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a1a279f8386262762dcf70621e06ed5
0e1d6cefe5ffe1994f26322962df8b0a13743339
a4146e8a0561009b63c55d0c13673958546b96f684a9c5a43a1f3200782798e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6476b35e-8b14-44b0-a85a-4793280f25c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3777
x-amzn-requestid: 093c576f-e1f7-4d45-9f8c-7ca3e7539313
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPtDEpSIAMF_Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df986-3cbcc83c1db24bbf193c3047;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: GXneoYCI_hqJxLyI-RAxkJJf08pBsc6usoQlztb3HHPQSd1PDh7kgQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:52:47 GMT
age: 76547
etag: "0e1d6cefe5ffe1994f26322962df8b0a13743339"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sync.dmp.otm-r.com/match/sape?id=1CB35A9DB1273F63FE0024060230EA97
148.251.9.22204 No Content 0 B URL HTTP/2 sync.dmp.otm-r.com/match/sape?id=1CB35A9DB1273F63FE0024060230EA97
IP 148.251.9.22:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=1CB35A9DB1273F63FE0024060230EA97 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.17.2
date: Thu, 06 Oct 2022 19:08:34 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
medsouz74.ru/images/partner/3.png
46.254.17.18200 OK 22 kB URL HTTP/1.1 medsouz74.ru/images/partner/3.png
IP 46.254.17.18:0
File type PNG image data, 261 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash ab0bf7e91f1a3aceb09151fdb52de848
5cdd2918b9283475370a7027c42939f2192f4a87
2df343ed8043f969b06b260b4beb885b32f98b1fa9ae816552c292ccb540c632
GET /images/partner/3.png HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/png
Content-Length: 22510
Last-Modified: Sun, 10 Feb 2013 09:36:40 GMT
Connection: keep-alive
ETag: "51176a28-57ee"
Accept-Ranges: bytes
medsouz74.ru/images/t1.gif
46.254.17.18200 OK 7.0 kB URL HTTP/1.1 medsouz74.ru/images/t1.gif
IP 46.254.17.18:0
File type GIF image data, version 89a, 193 x 144\012- data
Hash 3988935152f8a413ec057608f3f2e49d
4f2b96fd7759a1f83a5178b9df423666a86a1efb
21637abbca860e186cadd673c5708c40824a6203a3a2278f4354973c8d58ce18
GET /images/t1.gif HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/gif
Content-Length: 7022
Last-Modified: Wed, 27 Feb 2013 11:53:06 GMT
Connection: keep-alive
ETag: "512df3a2-1b6e"
Accept-Ranges: bytes
medsouz74.ru/images/t2.gif
46.254.17.18200 OK 5.3 kB URL HTTP/1.1 medsouz74.ru/images/t2.gif
IP 46.254.17.18:0
File type GIF image data, version 89a, 130 x 144\012- data
Hash 7a8cd303f2dfef5892dd710c40f4b73b
5cdd259fec88efdffb2b9f033a98f6d93a13bf8e
099f36aa00986e3506e50ef62a861ba3624d9676a7f79c210545a96887695610
GET /images/t2.gif HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/gif
Content-Length: 5298
Last-Modified: Wed, 27 Feb 2013 11:53:06 GMT
Connection: keep-alive
ETag: "512df3a2-14b2"
Accept-Ranges: bytes
www.acint.net/match?dp=71&euid=edfff2f6-b6a2-4188-b163-b35733872d2c
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/match?dp=71&euid=edfff2f6-b6a2-4188-b163-b35733872d2c
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=71&euid=edfff2f6-b6a2-4188-b163-b35733872d2c HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=nVqzHGM/J7EGJAD+l+owAvfe6aH1NC1b+i6O+Dp9P4zEvQq1; cSyncDp7v2=1665083313; cSyncDp14v3=1665083313; cSyncDp17=1665083313; cSyncDp32=1665083313; cSyncDp45v3=1665083313; cSyncDp53=1665083313; cSyncDp54v2=1665083313; cSyncDp62=1665083313; cSyncDp67v2=1665083313; cSyncDp68=1665083313; cSyncDp71=1665083313; cSyncDp77=1665083313; cSyncDp84=1665083313; cSyncDp85=1665083313; cSyncDp95v3=1665083313; cSyncDp101=1665083313; cSyncDp104v2=1665083313; cSyncDp107=1665083313; cSyncDp110=1665083313; cSyncDp111v2=1665083313; cSyncDp112v2=1665083313; cSyncDp125v2=1665083313; cSyncDp126=1665083313; cSyncDp127=1665083313; cSyncDp129=1665083313; cSyncDp136v2=1665083313; cSyncDp138=1665083313; cSyncDp144=1665083313; cSyncDp146=1665083313; cSyncDp148=1665083313; cSyncDp149=1665083313; cSyncDp151=1665083313; cSyncDp178=1665083313; cSyncDp179=1665083313; cSyncDp186=1665083313; cSyncDp221=1665083313
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 19:08:34 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
medsouz74.ru/images/partner/4.png
46.254.17.18200 OK 38 kB URL HTTP/1.1 medsouz74.ru/images/partner/4.png
IP 46.254.17.18:0
File type PNG image data, 261 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash ad4e0fc8e64d1a65be296d9fafbbf175
1d3e3aa767e0b3663ba678467b2836f3964a8aa6
49b7a67c2baeffd4fb49174b735888486a64ecfd35c3a5719cba95c8a5580a95
GET /images/partner/4.png HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/png
Content-Length: 38251
Last-Modified: Sun, 10 Feb 2013 09:37:00 GMT
Connection: keep-alive
ETag: "51176a3c-956b"
Accept-Ranges: bytes
medsouz74.ru/images/t3.gif
46.254.17.18200 OK 7.5 kB URL HTTP/1.1 medsouz74.ru/images/t3.gif
IP 46.254.17.18:0
File type GIF image data, version 89a, 242 x 144\012- data
Hash 711b96e66fd36d8e2cbbbb10131de915
60863867283c032af70f5dbcc0d1087cea2c3d0e
cad31b68b6c595341268041043a6419c9a9de1fb07ccc38e2906e6a3f823f608
GET /images/t3.gif HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/gif
Content-Length: 7506
Last-Modified: Wed, 27 Feb 2013 11:53:06 GMT
Connection: keep-alive
ETag: "512df3a2-1d52"
Accept-Ranges: bytes
medsouz74.ru/images/t4.gif
46.254.17.18200 OK 4.0 kB URL HTTP/1.1 medsouz74.ru/images/t4.gif
IP 46.254.17.18:0
File type GIF image data, version 89a, 157 x 144\012- data
Hash fab746febbac56017aea49a194000770
f328bc29987a1d0a0c1fc571e9dcfbf621324e30
8bb411e4320089ab988a20f2b76971a8796b76b201e6c3cb4db4edb5a2cdc99d
GET /images/t4.gif HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/gif
Content-Length: 3988
Last-Modified: Wed, 27 Feb 2013 11:53:06 GMT
Connection: keep-alive
ETag: "512df3a2-f94"
Accept-Ranges: bytes
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medsouz74.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Thu, 06 Oct 2022 19:08:34 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3208
Expires: Thu, 06 Oct 2022 20:02:02 GMT
Date: Thu, 06 Oct 2022 19:08:34 GMT
Connection: keep-alive
medsouz74.ru/images/t6.gif
46.254.17.18200 OK 4.9 kB URL HTTP/1.1 medsouz74.ru/images/t6.gif
IP 46.254.17.18:0
File type GIF image data, version 89a, 162 x 144\012- data
Hash 71bb0ad3a0c0917677a58d4677f5109b
04964b3cdb62d26dad2f309f304363f08ae6b913
fb81a30f7006c0c1fa1a723728aa32a37d0a3136988abcefde9e2d2ed4a00bb8
GET /images/t6.gif HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/gif
Content-Length: 4937
Last-Modified: Wed, 27 Feb 2013 11:53:06 GMT
Connection: keep-alive
ETag: "512df3a2-1349"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e503369b0810c5211e6f1c807b4cfe40
f505fabc64a8bf2df698353af5731306735dfb33
c0075e0eb64a39d31b7decea2d2cfcdd5320adb99478fdf808922fc801f06b4f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0075E0EB64A39D31B7DECEA2D2CFCDD5320ADB99478FDF808922FC801F06B4F"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6611
Expires: Thu, 06 Oct 2022 20:58:45 GMT
Date: Thu, 06 Oct 2022 19:08:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3208
Expires: Thu, 06 Oct 2022 20:02:02 GMT
Date: Thu, 06 Oct 2022 19:08:34 GMT
Connection: keep-alive
medsouz74.ru/upload/medialibrary/40d/40d15d35fa89a5c98097260d74cc4d33.jpg
46.254.17.18200 OK 2.0 kB URL HTTP/1.1 medsouz74.ru/upload/medialibrary/40d/40d15d35fa89a5c98097260d74cc4d33.jpg
IP 46.254.17.18:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 139x66, components 3\012- data
Hash da70a6784dcf63a4a74bbe5ef39df585
167c31ad95366e65360b3dd83671259111db2b69
9638ce250c0f9852acd316c119a862d3d184f82b3792ecc8da2a827c63e436e3
GET /upload/medialibrary/40d/40d15d35fa89a5c98097260d74cc4d33.jpg HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: image/jpeg
Content-Length: 1980
Last-Modified: Tue, 10 Jul 2012 06:28:32 GMT
Connection: keep-alive
ETag: "4ffbcb90-7bc"
Accept-Ranges: bytes
sync.bumlam.com/?src=sap1&s_data=CAIQARiyz_yZBmIgMUNCMzVBOURCMTI3M0Y2M0ZFMDAyNDA2MDIzMEVBOTeiARBGbdCmRaoR7YbgACWQwGR8
31.172.81.172200 OK 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARiyz_yZBmIgMUNCMzVBOURCMTI3M0Y2M0ZFMDAyNDA2MDIzMEVBOTeiARBGbdCmRaoR7YbgACWQwGR8
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&s_data=CAIQARiyz_yZBmIgMUNCMzVBOURCMTI3M0Y2M0ZFMDAyNDA2MDIzMEVBOTeiARBGbdCmRaoR7YbgACWQwGR8 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ0NjZkZDBhNi00NWFhLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ0NjZkZDBhNi00NWFhLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 01 Oct 2042 19:08:34 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
bitrix.info/bx_stat
99.81.218.191406 Not Acceptable 10 B IP 99.81.218.191:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 190f0ca90ef9d8f401ed505b8e377411
12ad51bbdfcc081a984bbff898a0d47cc29a61dc
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
POST /bx_stat HTTP/1.1
Host: bitrix.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 389
Origin: http://medsouz74.ru
Connection: keep-alive
Referer: http://medsouz74.ru/
HTTP/1.1 406 Not Acceptable
Date: Thu, 06 Oct 2022 19:08:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.10.1
Access-Control-Allow-Origin: http://medsouz74.ru
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medsouz74.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=32903
date: Thu, 06 Oct 2022 19:08:34 GMT
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/watch.js
77.88.21.119302 Moved temporarily 0 B URL HTTP/1.1 mc.yandex.ru/metrika/watch.js
IP 77.88.21.119:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/
HTTP/1.1 302 Moved temporarily
Content-Length: 0
Location: https://mc.yandex.ru/metrika/watch.js
m.addthis.com/live/red_lojson/300lo.json?si=633f27b130a7a80d&bkl=0&bl=5&pdt=1660&sid=633f27b130a7a80d&pub=ra-4ffbb06c6de7e481&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=medsouz74.ru&fp=acts%2F&fr=&fcu=Yz8nse_LeiA&of=0&pd=0&irt=0&vcl=0&md=2&ct=1&tct=0&abt=1&cdn=0&pi=1&rb=0&gen=100&chr=windows-1251&colc=1665083314835&jsl=1&uvs=633f27b108fc378d000&skipb=1&callback=addthis.cbs.jsonp__84402053211993130
23.38.200.123200 OK 89 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=633f27b130a7a80d&bkl=0&bl=5&pdt=1660&sid=633f27b130a7a80d&pub=ra-4ffbb06c6de7e481&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=medsouz74.ru&fp=acts%2F&fr=&fcu=Yz8nse_LeiA&of=0&pd=0&irt=0&vcl=0&md=2&ct=1&tct=0&abt=1&cdn=0&pi=1&rb=0&gen=100&chr=windows-1251&colc=1665083314835&jsl=1&uvs=633f27b108fc378d000&skipb=1&callback=addthis.cbs.jsonp__84402053211993130
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash d35f9064cfa134f7fbbb214fc3b01a16
4c7d5be923c3ce9bfd681048b20de2fff364c582
e3e2da7a895584e240240da1821d60bc79892bd554b93c8b6eb480fade8fb962
GET /live/red_lojson/300lo.json?si=633f27b130a7a80d&bkl=0&bl=5&pdt=1660&sid=633f27b130a7a80d&pub=ra-4ffbb06c6de7e481&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=medsouz74.ru&fp=acts%2F&fr=&fcu=Yz8nse_LeiA&of=0&pd=0&irt=0&vcl=0&md=2&ct=1&tct=0&abt=1&cdn=0&pi=1&rb=0&gen=100&chr=windows-1251&colc=1665083314835&jsl=1&uvs=633f27b108fc378d000&skipb=1&callback=addthis.cbs.jsonp__84402053211993130 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medsouz74.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Thu, 06 Oct 2022 19:08:35 GMT
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 15ac1355f627c371d26d5ebb9f3c8394
f9f5e85e4338cf6a448ee3ffcdf13d23eef84468
19d7b8f7d5351a1d19646539cec9bbaf6609fab8feec7b43f32647a865b6214f
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:08:35 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Mon, 10 Oct 2022 16:22:20 GMT
ETag: "f9f5e85e4338cf6a448ee3ffcdf13d23eef84468"
Last-Modified: Thu, 06 Oct 2022 16:22:21 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 585
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7560afbf1ab40b39-OSL
mc.yandex.ru/metrika/watch.js
77.88.21.119200 OK 57 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 77.88.21.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (570)
Hash 44366cc385a5c0f49df4f22b71434b42
3f56349f8a3fff52e28a3300052bdc2bde97371c
485ba52769d75db2ed79f65318d37070d09ce3441680aa22caa10ae3cdcb45cd
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://medsouz74.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 57285
date: Thu, 06 Oct 2022 19:08:35 GMT
access-control-allow-origin: *
etag: "633be002-dfc5"
expires: Thu, 06 Oct 2022 20:08:35 GMT
last-modified: Tue, 04 Oct 2022 10:25:54 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
v1.addthisedge.com/live/boost/ra-4ffbb06c6de7e481/_ate.track.config_resp
23.38.200.123200 OK 47 B URL HTTP/2 v1.addthisedge.com/live/boost/ra-4ffbb06c6de7e481/_ate.track.config_resp
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 24c668b115f75423506f2ea21d1b49c2
14f956ddb2d9e8b072cd5f605c3f39526490b391
b542daef470a9730029174f975ce3ce236b3e58bf9183b11956acce994b13a16
GET /live/boost/ra-4ffbb06c6de7e481/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://medsouz74.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-disposition: attachment; filename=1.txt
content-encoding: gzip
content-length: 47
cache-control: public, max-age=60, s-maxage=86400
date: Thu, 06 Oct 2022 19:08:35 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:08:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 10c21fedd4ff77d9f0b12f6b57013a1d
94d25e93b5176f170d9e3ff50421fbe86736b3cb
872bd894060cb8341a6bc328be59cf4c1fb71d6fa7f718c70e316954ee9723c3
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:08:35 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 10 Oct 2022 17:24:46 GMT
ETag: "94d25e93b5176f170d9e3ff50421fbe86736b3cb"
Last-Modified: Thu, 06 Oct 2022 17:24:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 137
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7560afc02bc90b39-OSL
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1CB35A9DB1273F63FE0024060230EA97
195.209.111.13200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1CB35A9DB1273F63FE0024060230EA97
IP 195.209.111.13:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?dsp_id=153&external_id=1CB35A9DB1273F63FE0024060230EA97 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 19:08:35 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=HLNanbEnP2P-ACQGAjDqlw
172.217.21.162200 OK 170 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=HLNanbEnP2P-ACQGAjDqlw
IP 172.217.21.162:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
GET /pixel?google_nid=agentstvo_sape_limited&google_hm=HLNanbEnP2P-ACQGAjDqlw HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
date: Thu, 06 Oct 2022 19:08:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ebf1af73f4609321fb542b3727f9eae0
8c0b93cbf4bde0dc3714356d797b459359908b53
680211c8e353916d126804684826db4991678c39371c0548a1ad0fd645bcaecf
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1412
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:08:35 GMT
Last-Modified: Thu, 06 Oct 2022 18:45:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/1CB35A9DB1273F63FE0024060230EA97
93.95.102.105204 No Content 0 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/1CB35A9DB1273F63FE0024060230EA97
IP 93.95.102.105:0
ASN #48347 JSC Mediasoft ekspert
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie_matching_ssp/Sape-dsp/1CB35A9DB1273F63FE0024060230EA97 HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 06 Oct 2022 19:08:35 GMT
set-cookie: uid=XV9maWM/J7M6I4Y1WARmAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
195.209.108.37302 Moved Temporarily 0 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP 195.209.108.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Thu, 06 Oct 2022 19:08:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-6007573066; expires=Sat, 05 Oct 2024 19:08:35 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6007573066
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 7cc0e7f2de07a944f508ea6dea51ea40
4bfcf09461d60eef818988ce1be6efdbea0461e0
fd92c9f6666ddf637b1cd26b33eee0f43d690d5422fd5eddcf1e89c50baa68ce
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:08:35 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Mon, 10 Oct 2022 15:45:28 GMT
ETag: "4bfcf09461d60eef818988ce1be6efdbea0461e0"
Last-Modified: Thu, 06 Oct 2022 15:45:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3363
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7560afc06c180b39-OSL
ocsp.usertrust.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash e9a6f8e4791ecfb2eefcb32e2df57194
acd5f85c41f4a1b639277e0069253033f5d1bfaa
726c2f509c944f0d7f2f8a131a3a673b876aa146e0d364922ba81b21f1927211
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:08:35 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 16:18:19 GMT
Expires: Thu, 13 Oct 2022 16:18:18 GMT
Etag: "acd5f85c41f4a1b639277e0069253033f5d1bfaa"
Cache-Control: max-age=602433,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 136
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7560afc07a57fac4-OSL
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 259aaa09d1c5ff47b5c7db89abd523d0
89d9c9c4b6dec66986ed49af3301e466ce3fa167
7f5b1c5088cac16480c7f0a92af1fa549c3b6e65abafe4c7bd232f52d435f799
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:08:35 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 10 Oct 2022 16:43:11 GMT
ETag: "89d9c9c4b6dec66986ed49af3301e466ce3fa167"
Last-Modified: Thu, 06 Oct 2022 16:43:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2487
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7560afc09dd7b506-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash a5d620515da26a7bcf18c1cfb70f1caa
7a98bf9ee82802278c0d90ebd86403a16dd4bbe9
8b5eecb0afd745c8c2b6726a56b1b33f5c337a73bd12575926f8308c62c688f4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:08:35 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 04:09:18 GMT
Expires: Tue, 11 Oct 2022 04:09:17 GMT
Etag: "7a98bf9ee82802278c0d90ebd86403a16dd4bbe9"
Cache-Control: max-age=377441,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7560afc05aceb527-OSL
adlmerge.com/merge_gpsid/?sid=50&id=1CB35A9DB1273F63FE0024060230EA97
95.211.66.35200 OK 86 B URL HTTP/2 adlmerge.com/merge_gpsid/?sid=50&id=1CB35A9DB1273F63FE0024060230EA97
IP 95.211.66.35:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash cd01ca32a344e7529987fed41a31de69
4558538a8b95d32e8209cabc21462c0cbb8789e1
d243a8594bf956ada2c21d571ef312c61cbcbfc655b50efd1a55c11c2c4427a7
GET /merge_gpsid/?sid=50&id=1CB35A9DB1273F63FE0024060230EA97 HTTP/1.1
Host: adlmerge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.16.0
date: Thu, 06 Oct 2022 19:08:34 GMT
content-type: image/gif
iseu: eu
X-Firefox-Spdy: h2
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
77.245.57.72200 OK 0 B URL HTTP/1.1 sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 19:08:35 GMT
Content-Length: 0
Connection: close
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 05cdf02bcbbeed0122679c1118a350ce
b5311d6866b69206bec8f67a19cfeeefed233ef1
4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:08:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f174e19f766d0c5f39d5224af19745aa
62fd631d19c1fcd097526985c8eaca1dc4c79216
3555fc03ff5d7b3fb2b131b6e8c83f2619b1bbbb77e109944dfa030545454288
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4369
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:08:35 GMT
Last-Modified: Thu, 06 Oct 2022 17:55:46 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
sape-sync.rutarget.ru/sync
45.9.27.120302 Moved Temporarily 0 B URL HTTP/1.1 sape-sync.rutarget.ru/sync
IP 45.9.27.120:0
ASN #208677 Cloud technology Limited (Ltd.)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 06 Oct 2022 19:08:35 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=7BINSQY2-U9o
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=7BINSQY2-U9o; Path=/; Domain=.rutarget.ru; Expires=Tue, 04 Apr 2023 19:08:35 GMT; SameSite=None; Secure
ads.betweendigital.com/match?bidder_id=73&external_user_id=1CB35A9DB1273F63FE0024060230EA97
188.42.191.196302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=1CB35A9DB1273F63FE0024060230EA97
IP 188.42.191.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=73&external_user_id=1CB35A9DB1273F63FE0024060230EA97 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=1CB35A9DB1273F63FE0024060230EA97&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 06 Oct 2023 19:08:35 GMT; Path=/; Domain=.betweendigital.com
tuuid=a2095fbf-24fc-5217-82b2-c97de18deece; Max-Age=31536000; Expires=Fri, 06 Oct 2023 19:08:35 GMT; Path=/; Domain=.betweendigital.com
ut=Yz8nswAFBSjlncRPBJmP5xQi3N9DDUEXHySakQ==; Max-Age=31536000; Expires=Fri, 06 Oct 2023 19:08:35 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6086c7ae8b2976dfc1d1227f2c96b0ef
ffbb917b019a61946e0f9db793469f65e7a89b88
0d66347ef2b696e7c27ebe4bdccb4f9ee8aa9f1f563b69c80e79b82208406588
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D66347EF2B696E7C27EBE4BDCCB4F9EE8AA9F1F563B69C80E79B82208406588"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9195
Expires: Thu, 06 Oct 2022 21:41:50 GMT
Date: Thu, 06 Oct 2022 19:08:35 GMT
Connection: keep-alive
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash dbc86ac6d6c2d089de157199b73de282
5d773cc60eec0b116c5a5988e400c2f7e7b2854b
72e2d2cbfd1cd9a51ad9153d22bdfff2f242ddbeefed5dcd65bb0bee504ba948
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 06 Oct 2022 19:08:35 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 05 Oct 2022 23:46:06 GMT
Expires: Thu, 06 Oct 2022 23:46:06 GMT
ETag: "5d773cc60eec0b116c5a5988e400c2f7e7b2854b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
sm.rtb.mts.ru/p?ssp=sape&id=1CB35A9DB1273F63FE0024060230EA97
217.66.147.41301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=sape&id=1CB35A9DB1273F63FE0024060230EA97
IP 217.66.147.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sape&id=1CB35A9DB1273F63FE0024060230EA97 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 06 Oct 2022 19:08:35 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=1CB35A9DB1273F63FE0024060230EA97
Set-Cookie: dspid=e9393fc8-1d94-40eb-bd1e-9d3a03270ae4; expires=Wed, 27 Sep 2023 19:08:35 GMT; domain=.mts.ru; path=/; secure; SameSite=None
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
35.190.24.218302 Found 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
IP 35.190.24.218:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Weborama Collect Frontend
date: Thu, 06 Oct 2022 19:08:34 GMT
content-length: 0
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=3734255829
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Thu, 06 Oct 2022 19:08:35 GMT
set-cookie: AFFICHE_W=Vck6geMowdRV34; expires=Fri, 03 Nov 2023 19:08:35 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=73&external_user_id=1CB35A9DB1273F63FE0024060230EA97&crf=1
188.42.191.196200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=1CB35A9DB1273F63FE0024060230EA97&crf=1
IP 188.42.191.196:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=73&external_user_id=1CB35A9DB1273F63FE0024060230EA97&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 06 Oct 2023 19:08:35 GMT; Path=/; Domain=.betweendigital.com
tuuid=9f28d076-5fa5-5217-8ca0-5588ef9f723b; Max-Age=31536000; Expires=Fri, 06 Oct 2023 19:08:35 GMT; Path=/; Domain=.betweendigital.com
ut=Yz8nswAGHmgKnE55QD42kBF8pjT2hcO8Jvl1Ng==; Max-Age=31536000; Expires=Fri, 06 Oct 2023 19:08:35 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
tag.digitaltarget.ru/adcm.js
185.15.175.158200 OK 3.1 kB URL HTTP/1.1 tag.digitaltarget.ru/adcm.js
IP 185.15.175.158:0
File type ASCII text, with very long lines (3051), with no line terminators
Hash e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 19:08:35 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Thu, 06 Oct 2022 19:04:29 GMT
Connection: keep-alive
ETag: "633f26bd-beb"
Accept-Ranges: bytes
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=3734255829
35.190.24.218204 No Content 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=3734255829
IP 35.190.24.218:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=3734255829 HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Weborama Collect Frontend
date: Thu, 06 Oct 2022 19:08:34 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Thu, 06 Oct 2022 19:08:35 GMT
set-cookie: AFFICHE_W=; expires=Tue, 10 Nov 2009 23:00:00 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sm.rtb.mts.ru/match/second?ssp=30&exu=1CB35A9DB1273F63FE0024060230EA97
217.66.147.41301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/match/second?ssp=30&exu=1CB35A9DB1273F63FE0024060230EA97
IP 217.66.147.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/second?ssp=30&exu=1CB35A9DB1273F63FE0024060230EA97 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 06 Oct 2022 19:08:35 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://tech.rtb.mts.ru/
an.yandex.ru/mapuid/sapeis/1CB35A9DB1273F63FE0024060230EA97?redir-setuniq=1
87.250.250.90200 OK 93 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/1CB35A9DB1273F63FE0024060230EA97?redir-setuniq=1
IP 87.250.250.90:0
Hash bac7f3d6422fb9964705ea3ea3d541c1
d17be3503eef86f05876c99639fb7ef0863a35de
02aea085bcf868eda5aabc75296f6a3ece4a6f95b80f5ad68687a92e08017949
GET /mapuid/sapeis/1CB35A9DB1273F63FE0024060230EA97?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Thu, 06 Oct 2022 19:08:35 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 06 Oct 2022 19:08:35 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 06 Oct 2022 19:08:35 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash dbc86ac6d6c2d089de157199b73de282
5d773cc60eec0b116c5a5988e400c2f7e7b2854b
72e2d2cbfd1cd9a51ad9153d22bdfff2f242ddbeefed5dcd65bb0bee504ba948
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 06 Oct 2022 19:08:35 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 05 Oct 2022 23:46:06 GMT
Expires: Thu, 06 Oct 2022 23:46:06 GMT
ETag: "5d773cc60eec0b116c5a5988e400c2f7e7b2854b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ea12d2d8a38c54298b6916d7e99902d6
79908828cbc4e35ca52495ec617e9ade5335ebff
3c62bd3ad8856f8b32cafa8fb62c49e23c3164024f34ede7476e9e59a48a4933
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:08:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 14:18:47 GMT
Expires: Tue, 11 Oct 2022 14:18:46 GMT
Etag: "79908828cbc4e35ca52495ec617e9ade5335ebff"
Cache-Control: max-age=414010,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7560afc10bdbb527-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash d71b2673fe2ef2d956be394e03b4eeda
ff74e558c881e31a3827e2c55b7801c2f5b7a14c
2837ac216a53534e7cd24f3ba204e3f095d35f5a5629687059035603669b25bc
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:08:35 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 10 Oct 2022 17:45:23 GMT
ETag: "ff74e558c881e31a3827e2c55b7801c2f5b7a14c"
Last-Modified: Thu, 06 Oct 2022 17:45:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 73
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7560afc23dd00b39-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash a5d620515da26a7bcf18c1cfb70f1caa
7a98bf9ee82802278c0d90ebd86403a16dd4bbe9
8b5eecb0afd745c8c2b6726a56b1b33f5c337a73bd12575926f8308c62c688f4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:08:35 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 04:09:18 GMT
Expires: Tue, 11 Oct 2022 04:09:17 GMT
Etag: "7a98bf9ee82802278c0d90ebd86403a16dd4bbe9"
Cache-Control: max-age=377441,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7560afc03c73b4e8-OSL
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
188.42.191.196302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP 188.42.191.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 06 Oct 2023 19:08:35 GMT; Path=/; Domain=.betweendigital.com
tuuid=9ac15b13-a1ff-5217-beeb-5802ddd47fb1; Max-Age=31536000; Expires=Fri, 06 Oct 2023 19:08:35 GMT; Path=/; Domain=.betweendigital.com
ut=Yz8nswAJCIAyk1y18E-O7ycUF1pDUwupa85jlA==; Max-Age=31536000; Expires=Fri, 06 Oct 2023 19:08:35 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
x01.aidata.io/0.gif?pid=9401454&id=1CB35A9DB1273F63FE0024060230EA97
89.108.120.76302 Found 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=1CB35A9DB1273F63FE0024060230EA97
IP 89.108.120.76:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=1CB35A9DB1273F63FE0024060230EA97 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 06 Oct 2022 19:08:35 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=1CB35A9DB1273F63FE0024060230EA97&bounce=1
expires: Thu, 06 Oct 2022 19:08:34 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Thu, 06 Oct 2022 19:08:34 GMT
set-cookie: __upin=/a4UbplDUeHW9LCqIMz5rQ;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1665083315;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
mc.yandex.ru/watch/24597218?wmode=7&page-url=http%3A%2F%2Fmedsouz74.ru%2Facts%2F%23.Yz8nse_LeiA&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A1827%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A915959730651%3Ahid%3A776271461%3Az%3A0%3Ai%3A20221006190835%3Aet%3A1665083315%3Ac%3A1%3Arn%3A352608248%3Arqn%3A1%3Au%3A16650833151012313441%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A57%2C29%2C1488%2C2%2C-8%2C0%2C%2C1553%2C24%2C%2C%2C%2C3139%3Ans%3A1665083311679%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665083315%3At%3A%D0%9D%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D0%BE-%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%BA%D1%82%D1%8B%20%E2%80%93%20%D0%9D%D0%9A%20%C2%AB%D0%9C%D0%95%D0%94%D0%A1%D0%9E%D0%AE%D0%97%C2%BB&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
77.88.21.119302 Found 407 B URL HTTP/2 mc.yandex.ru/watch/24597218?wmode=7&page-url=http%3A%2F%2Fmedsouz74.ru%2Facts%2F%23.Yz8nse_LeiA&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A1827%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A915959730651%3Ahid%3A776271461%3Az%3A0%3Ai%3A20221006190835%3Aet%3A1665083315%3Ac%3A1%3Arn%3A352608248%3Arqn%3A1%3Au%3A16650833151012313441%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A57%2C29%2C1488%2C2%2C-8%2C0%2C%2C1553%2C24%2C%2C%2C%2C3139%3Ans%3A1665083311679%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665083315%3At%3A%D0%9D%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D0%BE-%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%BA%D1%82%D1%8B%20%E2%80%93%20%D0%9D%D0%9A%20%C2%AB%D0%9C%D0%95%D0%94%D0%A1%D0%9E%D0%AE%D0%97%C2%BB&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash 2d004b5e785d04ed069728c63e8793e2
ea92da4688ee17834af33001d66c1f6ad5d36346
fe323288a2c6dbc5e9e7d075529e050a6cc41a03d48a7308bb82386b32b3a32d
GET /watch/24597218?wmode=7&page-url=http%3A%2F%2Fmedsouz74.ru%2Facts%2F%23.Yz8nse_LeiA&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A1827%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A915959730651%3Ahid%3A776271461%3Az%3A0%3Ai%3A20221006190835%3Aet%3A1665083315%3Ac%3A1%3Arn%3A352608248%3Arqn%3A1%3Au%3A16650833151012313441%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A57%2C29%2C1488%2C2%2C-8%2C0%2C%2C1553%2C24%2C%2C%2C%2C3139%3Ans%3A1665083311679%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665083315%3At%3A%D0%9D%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D0%BE-%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%BA%D1%82%D1%8B%20%E2%80%93%20%D0%9D%D0%9A%20%C2%AB%D0%9C%D0%95%D0%94%D0%A1%D0%9E%D0%AE%D0%97%C2%BB&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://medsouz74.ru
Connection: keep-alive
Referer: http://medsouz74.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/24597218/1?wmode=7&page-url=http%3A%2F%2Fmedsouz74.ru%2Facts%2F%23.Yz8nse_LeiA&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A1827%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A915959730651%3Ahid%3A776271461%3Az%3A0%3Ai%3A20221006190835%3Aet%3A1665083315%3Ac%3A1%3Arn%3A352608248%3Arqn%3A1%3Au%3A16650833151012313441%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A57%2C29%2C1488%2C2%2C-8%2C0%2C%2C1553%2C24%2C%2C%2C%2C3139%3Ans%3A1665083311679%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665083315%3At%3A%D0%9D%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D0%BE-%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%BA%D1%82%D1%8B%20%E2%80%93%20%D0%9D%D0%9A%20%C2%AB%D0%9C%D0%95%D0%94%D0%A1%D0%9E%D0%AE%D0%97%C2%BB&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Thu, 06 Oct 2022 19:08:35 GMT
access-control-allow-origin: http://medsouz74.ru
set-cookie: yandexuid=17378491665083315; Expires=Fri, 06-Oct-2023 19:08:35 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=17378491665083315; Expires=Fri, 06-Oct-2023 19:08:35 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2119896331665083315; Path=/; SameSite=None; Secure
i=NiKhZQYnuIGzh2XF1SV+geyheib6j3BCSYyXbyLlq2Y64eG0wzJVcGLGh2ciqoWQtv47sQayGtGdgUjniQ9wShXyk9M=; Expires=Sun, 03-Oct-2032 19:08:34 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1696619315.yrts.1665083315#1696619315.yrtsi.1665083315; Expires=Fri, 06-Oct-2023 19:08:35 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 06-Oct-2022 19:08:35 GMT
last-modified: Thu, 06-Oct-2022 19:08:35 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
px.adhigh.net/p/cm/sape?u=1CB35A9DB1273F63FE0024060230EA97
194.190.76.44302 Found 0 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=1CB35A9DB1273F63FE0024060230EA97
IP 194.190.76.44:0
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/cm/sape?u=1CB35A9DB1273F63FE0024060230EA97 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 06 Oct 2022 19:08:35 GMT
content-length: 0
x-backend-id: f22-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=ugagpVfAF9h7.AikABlGDrrMVxw;Path=/;Domain=.adhigh.net;Expires=Fri, 06-Oct-2023 19:08:35 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=1CB35A9DB1273F63FE0024060230EA97&bounced=1
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
188.42.191.196200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP 188.42.191.196:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 06 Oct 2023 19:08:35 GMT; Path=/; Domain=.betweendigital.com
tuuid=9220c5df-2015-5217-bb71-f28ed84ed53d; Max-Age=31536000; Expires=Fri, 06 Oct 2023 19:08:35 GMT; Path=/; Domain=.betweendigital.com
ut=Yz8nswAKybi48srEpGunxySAyEDtGJqpmMwlww==; Max-Age=31536000; Expires=Fri, 06 Oct 2023 19:08:35 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
x01.aidata.io/0.gif?pid=9401454&id=1CB35A9DB1273F63FE0024060230EA97&bounce=1
89.108.120.76204 No Content 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=1CB35A9DB1273F63FE0024060230EA97&bounce=1
IP 89.108.120.76:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=1CB35A9DB1273F63FE0024060230EA97&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 06 Oct 2022 19:08:35 GMT
expires: Thu, 06 Oct 2022 19:08:34 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Thu, 06 Oct 2022 19:08:34 GMT
set-cookie: __upin=UGQdL1VLHFxMatm7f/CNQQ;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1665083315;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
px.adhigh.net/p/cm/sape?u=1CB35A9DB1273F63FE0024060230EA97&bounced=1
194.190.76.44200 OK 49 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=1CB35A9DB1273F63FE0024060230EA97&bounced=1
IP 194.190.76.44:0
ASN #48061 Limited Liability Company GPM Digital Technologies
File type GIF image data, version 89a, 1 x 1\012- data
Hash 889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
GET /p/cm/sape?u=1CB35A9DB1273F63FE0024060230EA97&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 19:08:35 GMT
content-type: image/gif
content-length: 49
x-backend-id: f22-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
medsouz74.ru/favicon.ico
46.254.17.18404 Not Found 6.7 kB IP 46.254.17.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text, with very long lines (439), with CRLF, LF line terminators
Hash aba2ca408da6485d017a44e38599b9b7
ab2e9a1bd37856a0a5c829437772260db1d723cb
cb66d873113af20dee8b944866ea71c5f1d7b978b2e60bc0fee2831c72c65761
GET /favicon.ico HTTP/1.1
Host: medsouz74.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/acts/
Cookie: PHPSESSID=583li3qbhj1154ojcehtap71e4; fid=65366985-ebd6-4561-999f-11935734bfb0; __atuvc=1%7C40; __atuvs=633f27b108fc378d000
HTTP/1.1 404 Not Found
Server: nginx/1.12.2
Date: Thu, 06 Oct 2022 19:08:35 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.35
P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
X-Powered-CMS: Bitrix Site Manager (7a455765bf6e98501d9071daa43f46e1)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
tech.rtb.mts.ru/
213.87.44.187204 No Content 0 B IP 213.87.44.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: tech.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.2
Date: Thu, 06 Oct 2022 19:08:35 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Set-Cookie: mts_id=4c433f20-9c0a-477e-a586-8414d47d1d32; Domain=mts.ru; expires=Sat, 14 Aug 2032 19:08:35 GMT; SameSite=None; Secure
mts_id_last_sync=1665083315; Domain=mts.ru; expires=Sat, 14 Aug 2032 19:08:35 GMT; SameSite=None; Secure
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
tag.digitaltarget.ru/processor.js?i=781580076730733
185.15.175.158200 OK 16 kB URL HTTP/1.1 tag.digitaltarget.ru/processor.js?i=781580076730733
IP 185.15.175.158:0
File type ASCII text, with very long lines (15892), with no line terminators
Hash 9d8bbf9b7d1aaed9a324a9cf9977dda4
d3365fba7f95ca11a9564b373162d1ddb06fcdbd
0935447866da8ca59df7d65710e0b68377a6dbc62c761e83ebfc83998f905788
GET /processor.js?i=781580076730733 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 19:08:36 GMT
Content-Type: application/javascript
Content-Length: 15892
Last-Modified: Thu, 06 Oct 2022 19:04:30 GMT
Connection: keep-alive
ETag: "633f26be-3e14"
Accept-Ranges: bytes
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6007573066
195.209.108.37302 Moved Temporarily 40 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6007573066
IP 195.209.108.37:0
File type ASCII text, with CRLF line terminators
Hash 251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6007573066 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Thu, 06 Oct 2022 19:08:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Sat, 05 Oct 2024 19:08:35 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c1bab23ca7ccbce4c2ad2db9b2a05a15
70e64c2622b88f490fce188d4d754ca4b91997be
8bf7af1e94f448af6272e1d0f0bf6aa3efcd66c0db61eab4068a4e761fad5140
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BF7AF1E94F448AF6272E1D0F0BF6AA3EFCD66C0DB61EAB4068A4E761FAD5140"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18327
Expires: Fri, 07 Oct 2022 00:14:03 GMT
Date: Thu, 06 Oct 2022 19:08:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c1bab23ca7ccbce4c2ad2db9b2a05a15
70e64c2622b88f490fce188d4d754ca4b91997be
8bf7af1e94f448af6272e1d0f0bf6aa3efcd66c0db61eab4068a4e761fad5140
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BF7AF1E94F448AF6272E1D0F0BF6AA3EFCD66C0DB61EAB4068A4E761FAD5140"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18327
Expires: Fri, 07 Oct 2022 00:14:03 GMT
Date: Thu, 06 Oct 2022 19:08:36 GMT
Connection: keep-alive
dmg.digitaltarget.ru/1/1093/i/i?i=823517828226069.505181139654379&a=77&e=1CB35A9DB1273F63FE0024060230EA97&pref=http%3A%2F%2Fmedsouz74.ru%2F&c=ss:77.up:1CB35A9DB1273F63FE0024060230EA97.sync:up.xdua:duHdeOxJRcLVMomn_tUc2id2.xps:xpskQ0jX2ssdZL9hYz7Ozk0oE.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.159307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=823517828226069.505181139654379&a=77&e=1CB35A9DB1273F63FE0024060230EA97&pref=http%3A%2F%2Fmedsouz74.ru%2F&c=ss:77.up:1CB35A9DB1273F63FE0024060230EA97.sync:up.xdua:duHdeOxJRcLVMomn_tUc2id2.xps:xpskQ0jX2ssdZL9hYz7Ozk0oE.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=823517828226069.505181139654379&a=77&e=1CB35A9DB1273F63FE0024060230EA97&pref=http%3A%2F%2Fmedsouz74.ru%2F&c=ss:77.up:1CB35A9DB1273F63FE0024060230EA97.sync:up.xdua:duHdeOxJRcLVMomn_tUc2id2.xps:xpskQ0jX2ssdZL9hYz7Ozk0oE.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 06 Oct 2022 19:08:36 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=823517828226069.505181139654379&a=77&e=1CB35A9DB1273F63FE0024060230EA97&pref=http%3A%2F%2Fmedsouz74.ru%2F&c=ss:77.up:1CB35A9DB1273F63FE0024060230EA97.sync:up.xdua:duHdeOxJRcLVMomn_tUc2id2.xps:xpskQ0jX2ssdZL9hYz7Ozk0oE.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=EYwL6iXJCE0Zs9.7CZtO; Max-Age=93312000; Expires=Sat, 20 Sep 2025 19:08:36 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=823517828226069.505181139654379&a=77&e=1CB35A9DB1273F63FE0024060230EA97&pref=http%3A%2F%2Fmedsouz74.ru%2F&c=ss:77.up:1CB35A9DB1273F63FE0024060230EA97.sync:up.xdua:duHdeOxJRcLVMomn_tUc2id2.xps:xpskQ0jX2ssdZL9hYz7Ozk0oE.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.159200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=823517828226069.505181139654379&a=77&e=1CB35A9DB1273F63FE0024060230EA97&pref=http%3A%2F%2Fmedsouz74.ru%2F&c=ss:77.up:1CB35A9DB1273F63FE0024060230EA97.sync:up.xdua:duHdeOxJRcLVMomn_tUc2id2.xps:xpskQ0jX2ssdZL9hYz7Ozk0oE.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&i=823517828226069.505181139654379&a=77&e=1CB35A9DB1273F63FE0024060230EA97&pref=http%3A%2F%2Fmedsouz74.ru%2F&c=ss:77.up:1CB35A9DB1273F63FE0024060230EA97.sync:up.xdua:duHdeOxJRcLVMomn_tUc2id2.xps:xpskQ0jX2ssdZL9hYz7Ozk0oE.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 19:08:36 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 10
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
www.acint.net/ping/?v=0.4.0&uid=7560b3a5-c265-4fea-8243-d0ae4088e449&dp=10&tz=%2B00%3A00&nc=74819921&dT=2022-10-06T19%3A08%3A36.712
46.4.114.109302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/ping/?v=0.4.0&uid=7560b3a5-c265-4fea-8243-d0ae4088e449&dp=10&tz=%2B00%3A00&nc=74819921&dT=2022-10-06T19%3A08%3A36.712
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ping/?v=0.4.0&uid=7560b3a5-c265-4fea-8243-d0ae4088e449&dp=10&tz=%2B00%3A00&nc=74819921&dT=2022-10-06T19%3A08%3A36.712 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://medsouz74.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 06 Oct 2022 19:08:36 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/ping/?v=0.4.0&uid=7560b3a5-c265-4fea-8243-d0ae4088e449&dp=10&tz=%2B00%3A00&nc=74819921&dT=2022-10-06T19%3A08%3A36.712
dmg.digitaltarget.ru/1/1093/i/i?i=823517828226069.228313443649819&a=77&e=1CB35A9DB1273F63FE0024060230EA97&pref=http%3A%2F%2Fmedsouz74.ru%2F&c=ss:77.up:1CB35A9DB1273F63FE0024060230EA97.sync:up.xdua:duHdeOxJRcLVMomn_tUc2id2.xps:xpskQ0jX2ssdZL9hYz7Ozk0oE.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.159307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=823517828226069.228313443649819&a=77&e=1CB35A9DB1273F63FE0024060230EA97&pref=http%3A%2F%2Fmedsouz74.ru%2F&c=ss:77.up:1CB35A9DB1273F63FE0024060230EA97.sync:up.xdua:duHdeOxJRcLVMomn_tUc2id2.xps:xpskQ0jX2ssdZL9hYz7Ozk0oE.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=823517828226069.228313443649819&a=77&e=1CB35A9DB1273F63FE0024060230EA97&pref=http%3A%2F%2Fmedsouz74.ru%2F&c=ss:77.up:1CB35A9DB1273F63FE0024060230EA97.sync:up.xdua:duHdeOxJRcLVMomn_tUc2id2.xps:xpskQ0jX2ssdZL9hYz7Ozk0oE.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 06 Oct 2022 19:08:36 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=823517828226069.228313443649819&a=77&e=1CB35A9DB1273F63FE0024060230EA97&pref=http%3A%2F%2Fmedsouz74.ru%2F&c=ss:77.up:1CB35A9DB1273F63FE0024060230EA97.sync:up.xdua:duHdeOxJRcLVMomn_tUc2id2.xps:xpskQ0jX2ssdZL9hYz7Ozk0oE.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=iQWwMduJSPjFgU.7CuvK; Max-Age=93312000; Expires=Sat, 20 Sep 2025 19:08:36 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=823517828226069.228313443649819&a=77&e=1CB35A9DB1273F63FE0024060230EA97&pref=http%3A%2F%2Fmedsouz74.ru%2F&c=ss:77.up:1CB35A9DB1273F63FE0024060230EA97.sync:up.xdua:duHdeOxJRcLVMomn_tUc2id2.xps:xpskQ0jX2ssdZL9hYz7Ozk0oE.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.159200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=823517828226069.228313443649819&a=77&e=1CB35A9DB1273F63FE0024060230EA97&pref=http%3A%2F%2Fmedsouz74.ru%2F&c=ss:77.up:1CB35A9DB1273F63FE0024060230EA97.sync:up.xdua:duHdeOxJRcLVMomn_tUc2id2.xps:xpskQ0jX2ssdZL9hYz7Ozk0oE.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&i=823517828226069.228313443649819&a=77&e=1CB35A9DB1273F63FE0024060230EA97&pref=http%3A%2F%2Fmedsouz74.ru%2F&c=ss:77.up:1CB35A9DB1273F63FE0024060230EA97.sync:up.xdua:duHdeOxJRcLVMomn_tUc2id2.xps:xpskQ0jX2ssdZL9hYz7Ozk0oE.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 19:08:37 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
www.acint.net/match?dp=127&euid=oNoxCTyUw2sr6TmU23b6
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/match?dp=127&euid=oNoxCTyUw2sr6TmU23b6
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=oNoxCTyUw2sr6TmU23b6 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=nVqzHGM/J7EGJAD+l+owAvfe6aH1NC1b+i6O+Dp9P4zEvQq1; cSyncDp7v2=1665083313; cSyncDp14v3=1665083313; cSyncDp17=1665083313; cSyncDp32=1665083313; cSyncDp45v3=1665083313; cSyncDp53=1665083313; cSyncDp54v2=1665083313; cSyncDp62=1665083313; cSyncDp67v2=1665083313; cSyncDp68=1665083313; cSyncDp71=1665083313; cSyncDp77=1665083313; cSyncDp84=1665083313; cSyncDp85=1665083313; cSyncDp95v3=1665083313; cSyncDp101=1665083313; cSyncDp104v2=1665083313; cSyncDp107=1665083313; cSyncDp110=1665083313; cSyncDp111v2=1665083313; cSyncDp112v2=1665083313; cSyncDp125v2=1665083313; cSyncDp126=1665083313; cSyncDp127=1665083313; cSyncDp129=1665083313; cSyncDp136v2=1665083313; cSyncDp138=1665083313; cSyncDp144=1665083313; cSyncDp146=1665083313; cSyncDp148=1665083313; cSyncDp149=1665083313; cSyncDp151=1665083313; cSyncDp178=1665083313; cSyncDp179=1665083313; cSyncDp186=1665083313; cSyncDp221=1665083313
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 19:08:39 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/1CB35A9DB1273F63FE0024060230EA97
87.250.250.90302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/1CB35A9DB1273F63FE0024060230EA97
IP 87.250.250.90:0
GET /mapuid/sapeis/1CB35A9DB1273F63FE0024060230EA97 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/1CB35A9DB1273F63FE0024060230EA97?redir-setuniq=1
date: Thu, 06 Oct 2022 19:08:35 GMT
set-cookie: yandexuid=1720760551665083315; domain=.yandex.ru; path=/; expires=Sun, 03-Oct-2032 19:08:35 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 06 Oct 2022 19:08:35 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 06 Oct 2022 19:08:35 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2