firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 18:04:44 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aLfMiUBQJ5wnOcp958evCWgS4YVwnyhxgwHG5b3uEe_w9VwK_DFEWw==
Age: 2356
goryachieklavishi.ru/index.php?page=%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010
200 OK 50 kB URL HTTP/1.1 goryachieklavishi.ru/index.php?page=%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010
IP
ASN #49693 Best-Hoster Group Co. Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (853), with CRLF, LF line terminators
Hash f66b6d4bc375f096948b4d29f8bcc940
f44256b30ec6c1e9c37f0b19db7459669e06ddc0
555d1de7741163f916a0ceb023b345832c54811e92f7b28575cf60c7beb99d9d
Analyzer Verdict Alert fortinet Malware
GET /index.php?page=%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010 HTTP/1.1
Host: goryachieklavishi.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:44:00 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=5, max=150
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3319
Expires: Wed, 07 Sep 2022 19:39:19 GMT
Date: Wed, 07 Sep 2022 18:44:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VYBsxQPcXuG6pJIgDxQSBbtaX9PrqaW2pzkzOt3u9nKk-JK-b1_y2Q==
age: 53846
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:44:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
200 OK 25 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
IP
File type ASCII text, with very long lines (820)
Hash cc24419c482370498f3c227ac73d666b
37fc103ace873f47102e0ca88eb4735bc6806750
152fa070788f0cf29dc062f03860897c39c7ffa13e6eee2dc3e5dc131ecbc7aa
GET /ajax/libs/jquery/1.4.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 24715
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 02 Sep 2022 12:07:17 GMT
Expires: Sat, 02 Sep 2023 12:07:17 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 455803
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 521428b0e694b41561bc2ed785219929
45bf3b914325f9d646879bd16bb01feb8f29f2d4
9e2c58593cb9b9baae14e338253ca44b199d965e106ddc70c700f66f0203465a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:44:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
200 OK 6.8 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js
IP
File type ASCII text, with very long lines (1514)
Hash b8616f97b0f5dd61f120838d8a48244a
6e06e5f2faffcfb22c00635b7db281efba6cc2fe
d8bec310b767201612b0409c1325c137237c2c493c7ee8960d49a019c4d7a0b2
GET /ajax/libs/webfont/1.4.7/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 6756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 17:20:26 GMT
expires: Thu, 07 Sep 2023 17:20:26 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 5014
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 521428b0e694b41561bc2ed785219929
45bf3b914325f9d646879bd16bb01feb8f29f2d4
9e2c58593cb9b9baae14e338253ca44b199d965e106ddc70c700f66f0203465a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:44:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/watch.js
302 Moved temporarily 0 B URL HTTP/1.1 mc.yandex.ru/metrika/watch.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
HTTP/1.1 302 Moved temporarily
Content-Length: 0
Location: https://mc.yandex.ru/metrika/watch.js
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 156b66126e500b8c2686258d93bbc8e6
6670b620f179793234f13b96e240490bbcafdb0f
25c5b9d927eb3cb29882f74e297ecb6034e7b7c7fe7e4ca017fb98a743fbfb7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25C5B9D927EB3CB29882F74E297ECB6034E7B7C7FE7E4CA017FB98A743FBFB7C"
Last-Modified: Mon, 05 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7314
Expires: Wed, 07 Sep 2022 20:45:54 GMT
Date: Wed, 07 Sep 2022 18:44:00 GMT
Connection: keep-alive
jkeks.ru/css/kube.min.css
200 OK 57 kB URL HTTP/1.1 jkeks.ru/css/kube.min.css
IP
ASN #49693 Best-Hoster Group Co. Ltd.
File type ASCII text, with very long lines (56931), with no line terminators
Hash d3ff0073cd62024ed35f0d587b8e2bd4
db75e0740156b107db58d45723e0347e1af2fa09
443fb4c825514a670818521f5965a921f784d340378a2888acdc822d0ec523bb
GET /css/kube.min.css HTTP/1.1
Host: jkeks.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:44:00 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 30 Jan 2015 05:16:26 GMT
Accept-Ranges: bytes
Content-Length: 56931
Keep-Alive: timeout=5, max=150
Content-Type: text/css
jkeks.ru/js/jquery-2.0.3.min.js
200 OK 84 kB URL HTTP/1.1 jkeks.ru/js/jquery-2.0.3.min.js
IP
ASN #49693 Best-Hoster Group Co. Ltd.
File type ASCII text, with very long lines (32023)
Hash 0a6e846b954e345951e710cd6ce3440e
fbf9c77d0c4e3c34a485980c1e5316b6212160c8
b13cb5989e08fcb02314209d101e1102f3d299109bdc253b62aa1da21c9e38ba
GET /js/jquery-2.0.3.min.js HTTP/1.1
Host: jkeks.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:44:00 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 13 Dec 2013 13:06:40 GMT
Accept-Ranges: bytes
Content-Length: 83612
Keep-Alive: timeout=5, max=150
Content-Type: application/javascript
w.uptolike.com/widgets/v1/zp.js?pid=lfca972a250614a5352893065db3fb60b0b175b7aa
200 OK 11 kB URL HTTP/1.1 w.uptolike.com/widgets/v1/zp.js?pid=lfca972a250614a5352893065db3fb60b0b175b7aa
IP
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (585)
Hash 1d3128dbce8964e8e3d220d6cbe4fb1e
83470823a6810c1cf1d46603d307b0529680e1fc
42bbbaf43103863503581fdeaa00e8b16efdfad2b4e2859824c5fb094e1d4709
GET /widgets/v1/zp.js?pid=lfca972a250614a5352893065db3fb60b0b175b7aa HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 18:44:01 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: utl_id2=28697524885; Expires=Fri, 06 Sep 2024 18:44:01 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
utl_dat="CNzTkMqxMBAAINyk29KxMCjcpNvSsTAwAF92hyEFEQSEOZng0TwB7rI="; Expires=Fri, 06 Sep 2024 18:44:01 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
Cache-Control: max-age=31556926
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip
fonts.googleapis.com/css?family=Fira+Sans:300,300italic,regular,italic,500,500italic,700,700italic&subset=cyrillic-ext,latin,cyrillic,latin-ext
200 OK 952 B URL HTTP/1.1 fonts.googleapis.com/css?family=Fira+Sans:300,300italic,regular,italic,500,500italic,700,700italic&subset=cyrillic-ext,latin,cyrillic,latin-ext
IP
Hash e995156fa3f29fce8708657d8feb611b
c15e65532b89b0a8c82d936555fabb68ba1faa81
445cbbf3d133ef3fc340a18755e4e2b61ad79de4aa35564902d7dddc11904d98
GET /css?family=Fira+Sans:300,300italic,regular,italic,500,500italic,700,700italic&subset=cyrillic-ext,latin,cyrillic,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 07 Sep 2022 18:44:01 GMT
Date: Wed, 07 Sep 2022 18:44:01 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.globalsign.com/gseccovsslca2018
200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash cda2818f121646cc9fe27e751160aa27
0d755088dae10b6416fefdb8317a35250d540616
0c5ec24ee8300e7d37f55eec60309314e061dc7fc48012b2c8aa82490c01bff8
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:44:01 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sun, 11 Sep 2022 15:10:43 GMT
ETag: "0d755088dae10b6416fefdb8317a35250d540616"
Last-Modified: Wed, 07 Sep 2022 15:10:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2876
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 747197e32c73b50b-OSL
fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eQhf6TF0.woff2
200 OK 11 kB URL HTTP/1.1 fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eQhf6TF0.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 11096, version 1.0\012- data
Hash adce175bfc9ec588883f6b4d34619f8a
fd23d83be4934ad055d2acd406016e07d6f952ff
6b21f05fa70af86b76bc9e70bbe8275579937e6218a97718bde1fd27221f9473
GET /s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eQhf6TF0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://goryachieklavishi.ru
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 11096
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 03 Sep 2022 08:16:50 GMT
Expires: Sun, 03 Sep 2023 08:16:50 GMT
Cache-Control: public, max-age=31536000
Age: 383231
Last-Modified: Thu, 21 Apr 2022 16:51:45 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnPKreQhf6TF0.woff2
200 OK 10 kB URL HTTP/1.1 fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnPKreQhf6TF0.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 10128, version 1.0\012- data
Hash f0ad61d7d0bb3edcc289a52ffb14c467
519447bf24ab0b9ebb86de3603734b99d5964929
df2b6f531f21e148750dfda8b2adf58b683054d46b81503b3e14c74a34c0d0e5
GET /s/firasans/v16/va9B4kDNxMZdWfMOD5VnPKreQhf6TF0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://goryachieklavishi.ru
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 10128
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 04 Sep 2022 15:36:14 GMT
Expires: Mon, 04 Sep 2023 15:36:14 GMT
Cache-Control: public, max-age=31536000
Age: 270467
Last-Modified: Thu, 21 Apr 2022 16:56:24 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvk4jLeTY.woff2
200 OK 10 kB URL HTTP/1.1 fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvk4jLeTY.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 10228, version 1.0\012- data
Hash 04f51b82e452d158bd2c8d9b85d84b87
adeebf2224be5ab2edfeffc61bedb2e901365603
17346ce4e3e8e8f38c0acf0d4cac665b9c4f8ae8ae2f45d81a2906450e4ff168
GET /s/firasans/v16/va9E4kDNxMZdWfMOD5Vvk4jLeTY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://goryachieklavishi.ru
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 10228
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 02 Sep 2022 05:40:35 GMT
Expires: Sat, 02 Sep 2023 05:40:35 GMT
Cache-Control: public, max-age=31536000
Age: 479006
Last-Modified: Thu, 21 Apr 2022 17:08:09 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
200 OK 24 kB URL HTTP/1.1 fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23724, version 1.0\012- data
Hash 2ca1253c8e47277b38c02353cdf32102
3cd0373fd1ae7ad8cb62ff8f2200193a7e8977e7
51aa1f55f3d344d82ece24055a31012cf77d10cc4a2f9307f5dea293118d40f1
GET /s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://goryachieklavishi.ru
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23724
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 02 Sep 2022 04:30:20 GMT
Expires: Sat, 02 Sep 2023 04:30:20 GMT
Cache-Control: public, max-age=31536000
Age: 483221
Last-Modified: Thu, 21 Apr 2022 16:58:19 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
200 OK 23 kB URL HTTP/1.1 fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 22592, version 1.0\012- data
Hash 4528524c7142b4e2d5c0438763223328
d439d881fd8c4f41e77c2fb07678e53fce3e331a
ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671
GET /s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://goryachieklavishi.ru
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 22592
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 03 Sep 2022 03:29:20 GMT
Expires: Sun, 03 Sep 2023 03:29:20 GMT
Cache-Control: public, max-age=31536000
Age: 400481
Last-Modified: Thu, 21 Apr 2022 16:51:36 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnPKreRhf6.woff2
200 OK 22 kB URL HTTP/1.1 fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnPKreRhf6.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 22316, version 1.0\012- data
Hash d90c9f754a38229355a68e57d560ba62
f10075d6769df2ad5470c441eae3535c40d61acc
be8268fdf5d6791bc737102f1429ecd20a78d58e2a2cea7db1f614aecefc40fb
GET /s/firasans/v16/va9B4kDNxMZdWfMOD5VnPKreRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://goryachieklavishi.ru
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 22316
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 02 Sep 2022 11:02:29 GMT
Expires: Sat, 02 Sep 2023 11:02:29 GMT
Cache-Control: public, max-age=31536000
Age: 459692
Last-Modified: Thu, 21 Apr 2022 17:05:16 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/firasans/v16/va9f4kDNxMZdWfMOD5VvkrBiQyf4VFk.woff2
200 OK 23 kB URL HTTP/1.1 fonts.gstatic.com/s/firasans/v16/va9f4kDNxMZdWfMOD5VvkrBiQyf4VFk.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23224, version 1.0\012- data
Hash 277c3e5953e00c3d124f8c48bb49ec27
31856b661913ba71ea40d7c0f1a9b19a869cadb4
aca81375388e5168a0b776be758230812de2b740677dfad7a33e18e007669b9c
GET /s/firasans/v16/va9f4kDNxMZdWfMOD5VvkrBiQyf4VFk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://goryachieklavishi.ru
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23224
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 07 Sep 2022 07:36:40 GMT
Expires: Thu, 07 Sep 2023 07:36:40 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 21 Apr 2022 16:51:33 GMT
Content-Type: font/woff2
Age: 40041
fonts.gstatic.com/s/firasans/v16/va9C4kDNxMZdWfMOD5VvkrjJYTI.woff2
200 OK 24 kB URL HTTP/1.1 fonts.gstatic.com/s/firasans/v16/va9C4kDNxMZdWfMOD5VvkrjJYTI.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23488, version 1.0\012- data
Hash cc3c05a080b3b37e42a52d2f1809f12b
877933cfc9c860dfa067db86e7f2e2cbacdb76f4
e895de4f58ade3e9cd2db4dcd61eb030c4d4f85274622bbb23755a34c41b870e
GET /s/firasans/v16/va9C4kDNxMZdWfMOD5VvkrjJYTI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://goryachieklavishi.ru
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23488
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 02 Sep 2022 07:18:07 GMT
Expires: Sat, 02 Sep 2023 07:18:07 GMT
Cache-Control: public, max-age=31536000
Age: 473154
Last-Modified: Thu, 21 Apr 2022 16:51:37 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
200 OK 23 kB URL HTTP/1.1 fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 22760, version 1.0\012- data
Hash d36cf1e01f039283292b186b9c85c883
569131c8375a808d1f6a1ad22786cc6b32ec9820
8a90f9c307d889844f7286c11a9e8596c9a41b2e91123ab49cca0fbaa4b48dc7
GET /s/firasans/v16/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://goryachieklavishi.ru
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 22760
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 02 Sep 2022 12:23:22 GMT
Expires: Sat, 02 Sep 2023 12:23:22 GMT
Cache-Control: public, max-age=31536000
Age: 454839
Last-Modified: Thu, 21 Apr 2022 16:56:24 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/firasans/v16/va9f4kDNxMZdWfMOD5VvkrA6Qif4VFk.woff2
200 OK 24 kB URL HTTP/1.1 fonts.gstatic.com/s/firasans/v16/va9f4kDNxMZdWfMOD5VvkrA6Qif4VFk.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23552, version 1.0\012- data
Hash 4bbf5e384d6b06f7db8b753560992cc1
68dfe3e551c3af43ccd94272d73882adba0ddb94
ad6de69fb78ef34006b189a8b1ace7b398ffbde8ec15833cbeeaa0a728f6587e
GET /s/firasans/v16/va9f4kDNxMZdWfMOD5VvkrA6Qif4VFk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://goryachieklavishi.ru
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23552
Date: Wed, 07 Sep 2022 18:44:01 GMT
Expires: Thu, 07 Sep 2023 18:44:01 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 21 Apr 2022 16:54:29 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
goryachieklavishi.ru/img/bg.jpg
404 Not Found 68 kB URL HTTP/1.1 goryachieklavishi.ru/img/bg.jpg
IP
ASN #49693 Best-Hoster Group Co. Ltd.
Hash 4a28a6a6a7794cfdf0d22a234b84f882
d5ca3abebbe127130803d4f18bbc02a32b85ffba
31d064eca82acfc71f80d61bc81d5195de1b82d05618d8160a01cc58e62ea9ac
GET /img/bg.jpg HTTP/1.1
Host: goryachieklavishi.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goryachieklavishi.ru/index.php?page=%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010
HTTP/1.1 404 Not Found
Date: Wed, 07 Sep 2022 18:44:01 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=5, max=150
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1662576234352989
200 OK 84 B URL HTTP/1.1 w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1662576234352989
IP
ASN #12695 LLC Digital Network
File type ASCII text, with no line terminators
Hash 4cbf9f4e6d8331eb1053fe163b164370
e2011ec6038df80183eb1c95abffbea77c8812a8
d24feccf72a6e40aef539c0336f6019cc199dba9610d4b041cd2f46619340a53
GET /widgets/v1/version.js?cb=cb__utl_cb_share_1662576234352989 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
Cookie: utl_id2=28697524885; utl_dat="CNzTkMqxMBAAINyk29KxMCjcpNvSsTAwAF92hyEFEQSEOZng0TwB7rI="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 18:44:01 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 07 Sep 2022 07:19:49 GMT
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Set-Cookie: utl_id2=28697524885; Expires=Fri, 06 Sep 2024 18:44:01 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
utl_dat="CNzTkMqxMBAAINyk29KxMCjcpNvSsTAwAF92hyEFEQSEOZng0TwB7rI="; Expires=Fri, 06 Sep 2024 18:44:01 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip
mc.yandex.ru/metrika/watch.js
200 OK 57 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (557)
Hash 1d55754e516a64479901a61dc8a0d136
7c47529b53f613bb2ffac7a32530e8fd594c194b
b4e7cd831347d3faeebe62c6e8595fc01804895f0bb5e30a5ceae7b400318649
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://goryachieklavishi.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 57251
date: Wed, 07 Sep 2022 18:44:01 GMT
access-control-allow-origin: *
etag: "63186565-dfa3"
expires: Wed, 07 Sep 2022 19:44:01 GMT
last-modified: Wed, 07 Sep 2022 12:33:25 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash a81b0f5b5d11bf95fc176833b2f6e808
5b194aa5a8bf3a6b0d117ccfd0f487f6db0587b5
8f6ae83f2b85db7174bbbc6553e2921617b5c8a401315e76082682949a0bd9cc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4666
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:44:01 GMT
Last-Modified: Wed, 07 Sep 2022 17:26:15 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
w.uptolike.com/widgets/v1/impression.html?8a491ee3fa1c76c2fddc9bbf23d1953d
200 OK 624 B URL HTTP/1.1 w.uptolike.com/widgets/v1/impression.html?8a491ee3fa1c76c2fddc9bbf23d1953d
IP
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (511)
Hash db0f291b1ee364d9de4ad30906fac72a
46ae53e00d5964e1fbd0d75c0483f4718db48e8e
9b2a1dadf125f7367489db7e4bd8c22b34ec3126220422467b0de51f0274f64d
GET /widgets/v1/impression.html?8a491ee3fa1c76c2fddc9bbf23d1953d HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
Cookie: utl_id2=28697524885; utl_dat="CNzTkMqxMBAAINyk29KxMCjcpNvSsTAwAF92hyEFEQSEOZng0TwB7rI="
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 18:44:01 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Wed, 07 Sep 2022 19:14:01 GMT
Content-Encoding: gzip
w.uptolike.com/widgets/v1/extra.js?rnd=0.1989050539839805
200 OK 1.9 kB URL HTTP/1.1 w.uptolike.com/widgets/v1/extra.js?rnd=0.1989050539839805
IP
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (691)
Hash d2742891796d76802a4394ed15d70e42
3af498fad42e057921099c40c464a7c69106f020
c020db899fca39195ed1857776f5ed2969cba443ee928ff19bf81ee9cc7ee4bb
GET /widgets/v1/extra.js?rnd=0.1989050539839805 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
Cookie: utl_id2=28697524885; utl_dat="CNzTkMqxMBAAINyk29KxMCjcpNvSsTAwAF92hyEFEQSEOZng0TwB7rI="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 18:44:01 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 07 Sep 2022 07:19:49 GMT
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Set-Cookie: utl_id2=28697524885; Expires=Fri, 06 Sep 2024 18:44:01 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
utl_dat="CNzTkMqxMBAAINyk29KxMCjcpNvSsTAwAF92hyEFEQSEOZng0TwB7rI="; Expires=Fri, 06 Sep 2024 18:44:01 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip
w.uptolike.com/widgets/v1/zp/imp?pid=lfca972a250614a5352893065db3fb60b0b175b7aa&fl=false&sw=1280&sh=1024&vw=1152&vh=836&vp=aed6ed4c-18c3-43ae-a4be-2621fb5f355c&ttl=JUQwJTkzJUQwJUJFJUQxJTgwJUQxJThGJUQxJTg3JUQwJUI4JUQwJUI1JTIwJUQwJUJBJUQwJUJCJUQwJUIwJUQwJUIyJUQwJUI4JUQxJTg4JUQwJUI4JTIwJUQwJTlGJUQxJTgwJUQwJUJFJUQwJUIyJUQwJUJFJUQwJUI0JUQwJUJEJUQwJUI4JUQwJUJBJUQwJUIwJTIwV2luZG93cyUyMDEw&url=http%3A%2F%2Fgoryachieklavishi.ru%2Findex.php%3Fpage%3D%25D0%2593%25D0%25BE%25D1%2580%25D1%258F%25D1%2587%25D0%25B8%25D0%25B5%2520%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25B2%25D0%25B8%25D1%2588%25D0%25B8%2520%25D0%259F%25D1%2580%25D0%25BE%25D0%25B2%25D0%25BE%25D0%25B4%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B0%2520Windows%252010&rnd=0.3711932324389119
204 No Content 0 B URL HTTP/1.1 w.uptolike.com/widgets/v1/zp/imp?pid=lfca972a250614a5352893065db3fb60b0b175b7aa&fl=false&sw=1280&sh=1024&vw=1152&vh=836&vp=aed6ed4c-18c3-43ae-a4be-2621fb5f355c&ttl=JUQwJTkzJUQwJUJFJUQxJTgwJUQxJThGJUQxJTg3JUQwJUI4JUQwJUI1JTIwJUQwJUJBJUQwJUJCJUQwJUIwJUQwJUIyJUQwJUI4JUQxJTg4JUQwJUI4JTIwJUQwJTlGJUQxJTgwJUQwJUJFJUQwJUIyJUQwJUJFJUQwJUI0JUQwJUJEJUQwJUI4JUQwJUJBJUQwJUIwJTIwV2luZG93cyUyMDEw&url=http%3A%2F%2Fgoryachieklavishi.ru%2Findex.php%3Fpage%3D%25D0%2593%25D0%25BE%25D1%2580%25D1%258F%25D1%2587%25D0%25B8%25D0%25B5%2520%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25B2%25D0%25B8%25D1%2588%25D0%25B8%2520%25D0%259F%25D1%2580%25D0%25BE%25D0%25B2%25D0%25BE%25D0%25B4%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B0%2520Windows%252010&rnd=0.3711932324389119
IP
ASN #12695 LLC Digital Network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widgets/v1/zp/imp?pid=lfca972a250614a5352893065db3fb60b0b175b7aa&fl=false&sw=1280&sh=1024&vw=1152&vh=836&vp=aed6ed4c-18c3-43ae-a4be-2621fb5f355c&ttl=JUQwJTkzJUQwJUJFJUQxJTgwJUQxJThGJUQxJTg3JUQwJUI4JUQwJUI1JTIwJUQwJUJBJUQwJUJCJUQwJUIwJUQwJUIyJUQwJUI4JUQxJTg4JUQwJUI4JTIwJUQwJTlGJUQxJTgwJUQwJUJFJUQwJUIyJUQwJUJFJUQwJUI0JUQwJUJEJUQwJUI4JUQwJUJBJUQwJUIwJTIwV2luZG93cyUyMDEw&url=http%3A%2F%2Fgoryachieklavishi.ru%2Findex.php%3Fpage%3D%25D0%2593%25D0%25BE%25D1%2580%25D1%258F%25D1%2587%25D0%25B8%25D0%25B5%2520%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25B2%25D0%25B8%25D1%2588%25D0%25B8%2520%25D0%259F%25D1%2580%25D0%25BE%25D0%25B2%25D0%25BE%25D0%25B4%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B0%2520Windows%252010&rnd=0.3711932324389119 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/widgets/v1/impression.html?8a491ee3fa1c76c2fddc9bbf23d1953d
Cookie: utl_id2=28697524885; utl_dat="CNzTkMqxMBAAINyk29KxMCjcpNvSsTAwAF92hyEFEQSEOZng0TwB7rI="
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Server: nginx
Date: Wed, 07 Sep 2022 18:44:01 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 41cf1b1f26172f1939f2cc85b8337df1
bcc77292fba846a35319c8b454800c4c765dbd6b
194d381427943984a5a5d87232d5b8745bca6e9b25c75afebe482f03f4ec104f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "194D381427943984A5A5D87232D5B8745BCA6E9B25C75AFEBE482F03F4EC104F"
Last-Modified: Mon, 05 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7476
Expires: Wed, 07 Sep 2022 20:48:37 GMT
Date: Wed, 07 Sep 2022 18:44:01 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6a8008adf95056a22faed842c006c825
6bec6628ce1e35991774a53c22c8d98193526a4e
e13e886c4136ae374461c6db44649c3c19452c64ed25a5f2235f5f7ecf5c81ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E13E886C4136AE374461C6DB44649C3C19452C64ED25A5F2235F5F7ECF5C81FF"
Last-Modified: Mon, 05 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9920
Expires: Wed, 07 Sep 2022 21:29:21 GMT
Date: Wed, 07 Sep 2022 18:44:01 GMT
Connection: keep-alive
cdn.smntq.com/c83ul/smart.js
200 OK 1.2 kB URL HTTP/2 cdn.smntq.com/c83ul/smart.js
IP
ASN #24940 Hetzner Online GmbH
Hash c07cf801844b0362214d42ba4ea3942a
125082aa675bae7fb980d929cc484814d393e0d8
f302363af823735a47e9352d24415c318edfa771c6759523b03a1dfbb7055079
GET /c83ul/smart.js HTTP/1.1
Host: cdn.smntq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 07 Sep 2022 18:44:01 GMT
content-type: text/javascript;charset=UTF-8
mode: no-cors
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7e4031cfc0e0256f1dbf2405cd3ae1e6
e3961914abdca00789f15a5aec8b7357724fc478
ade2de26ac18f295ad2f6837251025a0c36e3e8691ebf8a15593ef1d849d89ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ADE2DE26AC18F295AD2F6837251025A0C36E3E8691EBF8A15593EF1D849D89EF"
Last-Modified: Mon, 05 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10495
Expires: Wed, 07 Sep 2022 21:38:56 GMT
Date: Wed, 07 Sep 2022 18:44:01 GMT
Connection: keep-alive
af.click.ru/collect_stat.js
200 OK 913 B URL HTTP/1.1 af.click.ru/collect_stat.js
IP
ASN #20655 e-Style ISP LLC
Hash 9531806d16d72f9659eaab01bd09689b
7640f092c2b928c614bb46251477a3c80b3e820b
a01ed62761c70d35a7f2dd5f497451e70b85e85bb8f1774cee68d53554e6ecaa
GET /collect_stat.js HTTP/1.1
Host: af.click.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 18:44:01 GMT
Content-Type: application/javascript
Content-Length: 913
Last-Modified: Fri, 22 Jul 2022 11:33:41 GMT
Connection: keep-alive
ETag: "62da8b15-391"
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f7ce00faf322f55f918a3d7a3bd16790
a66e87b6b2d7b408cd8cf946f64f17b87bdccd53
0712681b8f452b232282e4bb36cf04b7f4f5e554a50f54253b4cc511980f23e6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0712681B8F452B232282E4BB36CF04B7F4F5E554A50F54253B4CC511980F23E6"
Last-Modified: Wed, 07 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9675
Expires: Wed, 07 Sep 2022 21:25:16 GMT
Date: Wed, 07 Sep 2022 18:44:01 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hchDUStgl+RCAD2T4mLwVg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: G5LMpvRUXIlptU312St55Wkxabg=
ddtcheck.ru/lama/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /lama/ HTTP/1.1
Host: ddtcheck.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.13.12
Date: Wed, 07 Sep 2022 18:44:01 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Last-Modified: Wednesday, 07-Sep-2022 18:44:01 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
plussync.ru/pop/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pop/ HTTP/1.1
Host: plussync.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.13.12
Date: Wed, 07 Sep 2022 18:44:01 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Last-Modified: Wednesday, 07-Sep-2022 18:44:01 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 56d338042a3f750cc65c190d3f0976ba
6087516220efc04945d6b365edcc8e1ed94fb2aa
d8c807032f02cf5979f7f765541a3c68e25250d9f6d42749a8fa49279afce72a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8C807032F02CF5979F7F765541A3C68E25250D9F6D42749A8FA49279AFCE72A"
Last-Modified: Mon, 05 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10971
Expires: Wed, 07 Sep 2022 21:46:53 GMT
Date: Wed, 07 Sep 2022 18:44:02 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fb301ea36d813fcb7760225240bfc584
e65cc3b16e4b23dfaea35b964a08b7ebbc629b2f
ee7635d865065c730c8cabee36108981cd2f3ba71b0322af6785e3ae52941d75
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE7635D865065C730C8CABEE36108981CD2F3BA71B0322AF6785E3AE52941D75"
Last-Modified: Wed, 07 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8034
Expires: Wed, 07 Sep 2022 20:57:56 GMT
Date: Wed, 07 Sep 2022 18:44:02 GMT
Connection: keep-alive
edn.whilen.ru/sta453b3qh45lr/1.4.5.js
200 OK 9.6 kB URL HTTP/2 edn.whilen.ru/sta453b3qh45lr/1.4.5.js
IP
ASN #199524 G-Core Labs S.A.
Hash 2731e6bba4bd1139b56d4ee6f8fb51cf
90cd5e3c931575ed835bdf0b2b1dbf7561306e75
42834d9114fd17030efa9a002fdeb054d36e0413d06c9cf82d382b8bd3d97a83
Analyzer Verdict Alert fortinet Malware
GET /sta453b3qh45lr/1.4.5.js HTTP/1.1
Host: edn.whilen.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:44:02 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges
etag: W/"e22b559d6fc3241ea271ecf13869d8fc"
last-modified: Fri, 26 Nov 2021 15:33:27 GMT
x-timestamp: 1637940806.16302
x-trans-id: 16bb227c2a251146
age: 0
cache: HIT
x-cached-since: 2022-09-07T18:37:33+00:00
x-id: sto5-up-gc12
content-encoding: gzip
X-Firefox-Spdy: h2
www.acint.net/aci.js
200 OK 7.5 kB IP
File type ASCII text, with very long lines (1408)
Hash ae0aab6c5a2ae2e1168e74f6e6ae4741
2c00f69ee4bbe2ec96c0f7bb33b5f827a6195af8
a47a88a9b6c7635e5074c25c6e3c92f399fdf8772376e94f077167241e59f9de
GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 07 Sep 2022 18:44:02 GMT
content-type: application/x-javascript
content-length: 7461
last-modified: Mon, 16 May 2022 07:14:50 GMT
etag: "6281f9ea-1d25"
content-encoding: gzip
expires: Thu, 08 Sep 2022 06:44:02 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2
www.google-analytics.com/ga.js
200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Wed, 07 Sep 2022 17:04:46 GMT
Expires: Wed, 07 Sep 2022 19:04:46 GMT
Cache-Control: public, max-age=7200
Age: 5956
Last-Modified: Wed, 13 Apr 2022 21:02:38 GMT
Content-Type: text/javascript
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 58 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
File type ASCII text, with very long lines (2897)
Hash d1fbbbcacd8feb466b18823b5fd25a75
5454597b24fd8961f88aec7997f24d90883a0235
aad9726fe983e10fd07d8e35a6e4bec5e8dacf009f97fe723a70ed3006806bd6
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 07 Sep 2022 18:44:02 GMT
Expires: Wed, 07 Sep 2022 18:44:02 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 10745358976074542129
Vary: Accept-Encoding, Origin
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 57546
X-XSS-Protection: 0
mc.yandex.ru/metrika/advert.gif
200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 07 Sep 2022 18:44:02 GMT
access-control-allow-origin: *
etag: "63186565-2b"
expires: Wed, 07 Sep 2022 19:44:02 GMT
accept-ranges: bytes
last-modified: Wed, 07 Sep 2022 12:33:25 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/watch.js
302 Moved temporarily 0 B URL HTTP/1.1 mc.yandex.ru/metrika/watch.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
HTTP/1.1 302 Moved temporarily
Content-Length: 0
Location: https://mc.yandex.ru/metrika/watch.js
bs.yandex.ru/informer/3833713/3_0_407D37FF_205D17FF_1_pageviews
302 Moved temporarily 0 B URL HTTP/1.1 bs.yandex.ru/informer/3833713/3_0_407D37FF_205D17FF_1_pageviews
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /informer/3833713/3_0_407D37FF_205D17FF_1_pageviews HTTP/1.1
Host: bs.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
HTTP/1.1 302 Moved temporarily
Content-Length: 0
Location: https://mc.yandex.ru/informer/3833713/3_0_407D37FF_205D17FF_1_pageviews
Strict-Transport-Security: max-age=31536000
Timing-Allow-Origin: *
X-XSS-Protection: 1; mode=block
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 10585eccdd73117e0bc71ecaf1cd02cb
7bda7ff7308cac8c8824a5a558097a15a2325f5e
6303f8b80751e64006c77524615f10709b136b0606695feb0f51b964e0c2163d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:44:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20220901/r20190131/zrt_lookup.html
200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220901/r20190131/zrt_lookup.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 09a8bd805dba1307ae0bd76a0c9ca73d
bdc16e7610abae944da47ff3a0e5fea818241fb0
e3978f36e9c5f0b909ed64015db629e2c64b46e75d165c6d1d146fcb792cdbde
GET /pagead/html/r20220901/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4412
x-xss-protection: 0
date: Wed, 07 Sep 2022 14:10:35 GMT
expires: Wed, 21 Sep 2022 14:10:35 GMT
cache-control: public, max-age=1209600
age: 16407
etag: 8616628553774171045
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
w.uptolike.com/widgets/v1/zp/support.html
200 OK 3.8 kB URL HTTP/1.1 w.uptolike.com/widgets/v1/zp/support.html
IP
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash a4af8c67ad0a2a6f681a742faca4463e
50794dee2e25cb8ec2187256750e00dc3231faa7
10ace92ddcb397879ff3569155caf7c3e28c3b4ee8c35eaddb48af927520ecf5
GET /widgets/v1/zp/support.html HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
Cookie: utl_id2=28697524885; utl_dat="CNzTkMqxMBAAINyk29KxMCjcpNvSsTAwAF92hyEFEQSEOZng0TwB7rI="
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 18:44:02 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Wed, 07 Sep 2022 19:14:02 GMT
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 10585eccdd73117e0bc71ecaf1cd02cb
7bda7ff7308cac8c8824a5a558097a15a2325f5e
6303f8b80751e64006c77524615f10709b136b0606695feb0f51b964e0c2163d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:44:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1309735936&utmhn=goryachieklavishi.ru&utmcs=UTF-8&utmsr=1280x1024&utmvp=1140x836&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010&utmhid=868253280&utmr=-&utmp=%2Findex.php%3Fpage%3D%2525D0%252593%2525D0%2525BE%2525D1%252580%2525D1%25258F%2525D1%252587%2525D0%2525B8%2525D0%2525B5%252520%2525D0%2525BA%2525D0%2525BB%2525D0%2525B0%2525D0%2525B2%2525D0%2525B8%2525D1%252588%2525D0%2525B8%252520%2525D0%25259F%2525D1%252580%2525D0%2525BE%2525D0%2525B2%2525D0%2525BE%2525D0%2525B4%2525D0%2525BD%2525D0%2525B8%2525D0%2525BA%2525D0%2525B0%252520Windows%25252010&utmht=1662576235690&utmac=UA-1527222-35&utmcc=__utma%3D202027143.926231410.1662576236.1662576236.1662576236.1%3B%2B__utmz%3D202027143.1662576236.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1379840059&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1309735936&utmhn=goryachieklavishi.ru&utmcs=UTF-8&utmsr=1280x1024&utmvp=1140x836&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010&utmhid=868253280&utmr=-&utmp=%2Findex.php%3Fpage%3D%2525D0%252593%2525D0%2525BE%2525D1%252580%2525D1%25258F%2525D1%252587%2525D0%2525B8%2525D0%2525B5%252520%2525D0%2525BA%2525D0%2525BB%2525D0%2525B0%2525D0%2525B2%2525D0%2525B8%2525D1%252588%2525D0%2525B8%252520%2525D0%25259F%2525D1%252580%2525D0%2525BE%2525D0%2525B2%2525D0%2525BE%2525D0%2525B4%2525D0%2525BD%2525D0%2525B8%2525D0%2525BA%2525D0%2525B0%252520Windows%25252010&utmht=1662576235690&utmac=UA-1527222-35&utmcc=__utma%3D202027143.926231410.1662576236.1662576236.1662576236.1%3B%2B__utmz%3D202027143.1662576236.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1379840059&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1309735936&utmhn=goryachieklavishi.ru&utmcs=UTF-8&utmsr=1280x1024&utmvp=1140x836&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010&utmhid=868253280&utmr=-&utmp=%2Findex.php%3Fpage%3D%2525D0%252593%2525D0%2525BE%2525D1%252580%2525D1%25258F%2525D1%252587%2525D0%2525B8%2525D0%2525B5%252520%2525D0%2525BA%2525D0%2525BB%2525D0%2525B0%2525D0%2525B2%2525D0%2525B8%2525D1%252588%2525D0%2525B8%252520%2525D0%25259F%2525D1%252580%2525D0%2525BE%2525D0%2525B2%2525D0%2525BE%2525D0%2525B4%2525D0%2525BD%2525D0%2525B8%2525D0%2525BA%2525D0%2525B0%252520Windows%25252010&utmht=1662576235690&utmac=UA-1527222-35&utmcc=__utma%3D202027143.926231410.1662576236.1662576236.1662576236.1%3B%2B__utmz%3D202027143.1662576236.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1379840059&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Wed, 07 Sep 2022 18:44:02 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
goryachieklavishi.ru/favicon.ico
200 OK 124 kB URL HTTP/1.1 goryachieklavishi.ru/favicon.ico
IP
ASN #49693 Best-Hoster Group Co. Ltd.
File type gzip compressed data, max compression\012- data
Size 124 kB (124218 bytes)
Hash 308c519929b7452017a91494c56f0975
735810459da8bcbdcda6c56cd752abf5b163181b
08652ba2c1a6379c82fbf55a2234a99fc292f646666bc309ff255f01103b4515
GET /favicon.ico HTTP/1.1
Host: goryachieklavishi.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goryachieklavishi.ru/index.php?page=%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010
Cookie: _ym_uid=1662576235643618247; _ym_d=1662576235; fid=6c0e1fea-187f-43a7-a3b4-3973f6379947
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:44:02 GMT
Server: Apache
Last-Modified: Fri, 21 Jan 2011 10:50:10 GMT
Accept-Ranges: bytes
Content-Length: 22486
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive
Content-Type: image/x-icon
mc.yandex.ru/watch/3833713?wmode=7&page-url=http%3A%2F%2Fgoryachieklavishi.ru%2Findex.php%3Fpage%3D%25D0%2593%25D0%25BE%25D1%2580%25D1%258F%25D1%2587%25D0%25B8%25D0%25B5%2520%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25B2%25D0%25B8%25D1%2588%25D0%25B8%2520%25D0%259F%25D1%2580%25D0%25BE%25D0%25B2%25D0%25BE%25D0%25B4%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B0%2520Windows%252010&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A795%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1265361940102%3Ahid%3A778561331%3Az%3A0%3Ai%3A20220907184354%3Aet%3A1662576235%3Ac%3A1%3Arn%3A231884957%3Arqn%3A1%3Au%3A1662576235643618247%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662576233520%3Aco%3A0%3Ads%3A111%2C41%2C53%2C80%2C-8%2C0%2C%2C488%2C%2C%2C%2C%2C%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662576235%3At%3A%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
302 Found 407 B URL HTTP/2 mc.yandex.ru/watch/3833713?wmode=7&page-url=http%3A%2F%2Fgoryachieklavishi.ru%2Findex.php%3Fpage%3D%25D0%2593%25D0%25BE%25D1%2580%25D1%258F%25D1%2587%25D0%25B8%25D0%25B5%2520%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25B2%25D0%25B8%25D1%2588%25D0%25B8%2520%25D0%259F%25D1%2580%25D0%25BE%25D0%25B2%25D0%25BE%25D0%25B4%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B0%2520Windows%252010&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A795%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1265361940102%3Ahid%3A778561331%3Az%3A0%3Ai%3A20220907184354%3Aet%3A1662576235%3Ac%3A1%3Arn%3A231884957%3Arqn%3A1%3Au%3A1662576235643618247%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662576233520%3Aco%3A0%3Ads%3A111%2C41%2C53%2C80%2C-8%2C0%2C%2C488%2C%2C%2C%2C%2C%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662576235%3At%3A%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash a97e21a5f19d0fcb92d9b23a55c24894
d0cd3c4de079683776600ddc256c853840284ad7
43a7f9da452e4221592a4d47a67b5b668f32b1ebf9a654a4fe491ddfd0165154
GET /watch/3833713?wmode=7&page-url=http%3A%2F%2Fgoryachieklavishi.ru%2Findex.php%3Fpage%3D%25D0%2593%25D0%25BE%25D1%2580%25D1%258F%25D1%2587%25D0%25B8%25D0%25B5%2520%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25B2%25D0%25B8%25D1%2588%25D0%25B8%2520%25D0%259F%25D1%2580%25D0%25BE%25D0%25B2%25D0%25BE%25D0%25B4%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B0%2520Windows%252010&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A795%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1265361940102%3Ahid%3A778561331%3Az%3A0%3Ai%3A20220907184354%3Aet%3A1662576235%3Ac%3A1%3Arn%3A231884957%3Arqn%3A1%3Au%3A1662576235643618247%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662576233520%3Aco%3A0%3Ads%3A111%2C41%2C53%2C80%2C-8%2C0%2C%2C488%2C%2C%2C%2C%2C%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662576235%3At%3A%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://goryachieklavishi.ru
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/3833713/1?wmode=7&page-url=http%3A%2F%2Fgoryachieklavishi.ru%2Findex.php%3Fpage%3D%25D0%2593%25D0%25BE%25D1%2580%25D1%258F%25D1%2587%25D0%25B8%25D0%25B5%2520%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25B2%25D0%25B8%25D1%2588%25D0%25B8%2520%25D0%259F%25D1%2580%25D0%25BE%25D0%25B2%25D0%25BE%25D0%25B4%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B0%2520Windows%252010&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A795%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1265361940102%3Ahid%3A778561331%3Az%3A0%3Ai%3A20220907184354%3Aet%3A1662576235%3Ac%3A1%3Arn%3A231884957%3Arqn%3A1%3Au%3A1662576235643618247%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662576233520%3Aco%3A0%3Ads%3A111%2C41%2C53%2C80%2C-8%2C0%2C%2C488%2C%2C%2C%2C%2C%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662576235%3At%3A%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Wed, 07 Sep 2022 18:44:02 GMT
access-control-allow-origin: http://goryachieklavishi.ru
set-cookie: yandexuid=8103309511662576242; Expires=Thu, 07-Sep-2023 18:44:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=8103309511662576242; Expires=Thu, 07-Sep-2023 18:44:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=566988081662576242; Path=/; SameSite=None; Secure
i=2Mbg51mkvR+XQ8MLekeRaU39Kx4LsZ0/5jwGboJrK4lPpCYEIGUvNmkCG8FzI8riD3jEn0+Orm/xEk12LgRC9KfTQpw=; Expires=Sat, 04-Sep-2032 18:44:02 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1694112242.yrts.1662576242#1694112242.yrtsi.1662576242; Expires=Thu, 07-Sep-2023 18:44:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Sep-2022 18:44:02 GMT
last-modified: Wed, 07-Sep-2022 18:44:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/3833713/1?wmode=7&page-url=http%3A%2F%2Fgoryachieklavishi.ru%2Findex.php%3Fpage%3D%25D0%2593%25D0%25BE%25D1%2580%25D1%258F%25D1%2587%25D0%25B8%25D0%25B5%2520%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25B2%25D0%25B8%25D1%2588%25D0%25B8%2520%25D0%259F%25D1%2580%25D0%25BE%25D0%25B2%25D0%25BE%25D0%25B4%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B0%2520Windows%252010&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A795%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1265361940102%3Ahid%3A778561331%3Az%3A0%3Ai%3A20220907184354%3Aet%3A1662576235%3Ac%3A1%3Arn%3A231884957%3Arqn%3A1%3Au%3A1662576235643618247%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662576233520%3Aco%3A0%3Ads%3A111%2C41%2C53%2C80%2C-8%2C0%2C%2C488%2C%2C%2C%2C%2C%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662576235%3At%3A%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
200 OK 426 B URL HTTP/2 mc.yandex.ru/watch/3833713/1?wmode=7&page-url=http%3A%2F%2Fgoryachieklavishi.ru%2Findex.php%3Fpage%3D%25D0%2593%25D0%25BE%25D1%2580%25D1%258F%25D1%2587%25D0%25B8%25D0%25B5%2520%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25B2%25D0%25B8%25D1%2588%25D0%25B8%2520%25D0%259F%25D1%2580%25D0%25BE%25D0%25B2%25D0%25BE%25D0%25B4%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B0%2520Windows%252010&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A795%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1265361940102%3Ahid%3A778561331%3Az%3A0%3Ai%3A20220907184354%3Aet%3A1662576235%3Ac%3A1%3Arn%3A231884957%3Arqn%3A1%3Au%3A1662576235643618247%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662576233520%3Aco%3A0%3Ads%3A111%2C41%2C53%2C80%2C-8%2C0%2C%2C488%2C%2C%2C%2C%2C%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662576235%3At%3A%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP
File type JSON data\012- , ASCII text, with very long lines (426), with no line terminators
Hash a7ce2668c647c42ed27941ba40f7af64
a2148730ba93a1897ee7c79448ec9d6eeadb0d70
c18ead68b3eb78394dd355659958cb8aab210e842ffd92965e60bbdb149ab49b
GET /watch/3833713/1?wmode=7&page-url=http%3A%2F%2Fgoryachieklavishi.ru%2Findex.php%3Fpage%3D%25D0%2593%25D0%25BE%25D1%2580%25D1%258F%25D1%2587%25D0%25B8%25D0%25B5%2520%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25B2%25D0%25B8%25D1%2588%25D0%25B8%2520%25D0%259F%25D1%2580%25D0%25BE%25D0%25B2%25D0%25BE%25D0%25B4%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B0%2520Windows%252010&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A795%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1265361940102%3Ahid%3A778561331%3Az%3A0%3Ai%3A20220907184354%3Aet%3A1662576235%3Ac%3A1%3Arn%3A231884957%3Arqn%3A1%3Au%3A1662576235643618247%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662576233520%3Aco%3A0%3Ads%3A111%2C41%2C53%2C80%2C-8%2C0%2C%2C488%2C%2C%2C%2C%2C%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662576235%3At%3A%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://goryachieklavishi.ru
Referer: http://goryachieklavishi.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 426
date: Wed, 07 Sep 2022 18:44:02 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://goryachieklavishi.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Sep-2022 18:44:02 GMT
last-modified: Wed, 07-Sep-2022 18:44:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/informer/3833713/3_0_407D37FF_205D17FF_1_pageviews
200 OK 1.4 kB URL HTTP/2 mc.yandex.ru/informer/3833713/3_0_407D37FF_205D17FF_1_pageviews
IP
File type PNG image data, 88 x 31, 8-bit/color RGBA, non-interlaced\012- data
Hash 27733a96887aca0945f2ba827159cb14
335d00ad24cd6458cbeb5728e933fba754e9151f
983b0bb27d73fdcb83c3edebe5e0519046978344f25fff62ca92ff049e14ad7b
GET /informer/3833713/3_0_407D37FF_205D17FF_1_pageviews HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://goryachieklavishi.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 1442
last-modified: Wed, 07-Sep-2022 18:44:02 GMT
content-type: image/png
pragma: no-cache
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Wed, 07-Sep-2022 18:44:02 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6809
Expires: Wed, 07 Sep 2022 20:37:32 GMT
Date: Wed, 07 Sep 2022 18:44:03 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6809
Expires: Wed, 07 Sep 2022 20:37:32 GMT
Date: Wed, 07 Sep 2022 18:44:03 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6809
Expires: Wed, 07 Sep 2022 20:37:32 GMT
Date: Wed, 07 Sep 2022 18:44:03 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 88ec21b0e5cd4d013d7ac911c6977e71
3943f581412cc75d1a21c7a7806c145057a68abb
3f959b0dfc3d25c90c2f94ed82afec6fb2f40d5209d1c534eb0a9b183734c1d3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 79f4356c488498012cc7fc03be21e3df
dd9cd9b711d7112efa85eff8a798346dbd7d5f5f
ebd84bf1db6b39b92be1020c7ea5c32eaa23dfb347ec83941d5bc56e80855ebc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12661
x-amzn-requestid: 71ef9e09-ccf1-4930-865d-665ece4bf3a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3hXnFnXIAMFqKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312e296-627daf7c7ad3e23a60b183cd;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 05:13:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xwunW741LulZXvM0har5nqrcCiyYoUwvhCWiPsEvs5P2VKSe476_Cw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:14:32 GMT
etag: "dd9cd9b711d7112efa85eff8a798346dbd7d5f5f"
content-type: image/jpeg
age: 73771
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F544c97ea-c914-4fdc-82af-945cb0832cde.jpeg
200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F544c97ea-c914-4fdc-82af-945cb0832cde.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edcd025faafbf7161d4d606f47304c2b
a99519726bc82f2cc0541c79f47ddd15c7362669
ed7b147e3ea371ea4b014805d9c2f45407918924bb2ec540ea6f7cd0a8b1b698
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F544c97ea-c914-4fdc-82af-945cb0832cde.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3529
x-amzn-requestid: 7c3c10fd-ce94-4d39-9fc0-de3f30d307c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XkARtEI8oAMFqjQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b140a-396d466a114b14592f68c813;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:06:50 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PCqO2_8gh8yq-POB4jnsRNA0xRULJBB3n8-_Kz7nWQrxqbMPykbfkw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:42:16 GMT
age: 75707
etag: "a99519726bc82f2cc0541c79f47ddd15c7362669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70c964498818242b742575cfa1769b67
cde85fbe83c9e29618edf4e05002bd623e3ab965
bdb0e76fe216f742789ba5a77645c640fe0c7f207707181e618fa31d4cf58605
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8462
x-amzn-requestid: 1a501a0a-2671-468b-885b-2a2efb73bc2e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDq64HbCIAMFjGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317beab-395f6d1436b027ee60d00abd;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ZWf6CXKcClMXAXmFXNp0sxVCMUFyZqhhh7B83tJMX_jvteLRDzG8QA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:42:04 GMT
etag: "cde85fbe83c9e29618edf4e05002bd623e3ab965"
content-type: image/jpeg
age: 75719
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f29d8aaae2d67c27c58001e7553dea7
5200b601017ce86614783b76fd2a775c1c48d4e9
6b55c4d692cf584e0319b07251d9845749fe8954062dab66e003dd2706451504
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4805
x-amzn-requestid: 270858f2-c94d-4047-8e3b-c49a5a603610
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjbiJHuZoAMFpSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ad940-3ba2164762e4f74227b6a23b;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 02:56:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: do30zKZmrP_j4feGGu8G39ibskE4dXxTL8YzpAR7PCFpQuJalYeJqA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:57:13 GMT
age: 74810
etag: "5200b601017ce86614783b76fd2a775c1c48d4e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg
200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 932f4d99fb1927aae3010e00472b38c3
b95ee99dafca1695d6b86763fce0ceb058f40ef3
da9dbade65f50c1f9ca10956dc863759dd1e0cdf7e28721c79831c288d3ae24e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3604
x-amzn-requestid: 193380c8-0d3a-4b81-9429-fa4cb4cf136e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDq26FI7oAMFpOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317be92-2f435ce33c4469de425b11a3;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:41:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6MhayVPx_iJ_mgJzUfuOsFeBgAK21RktvWOwrX3Rvk3WIElEek1LFA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:49:33 GMT
etag: "b95ee99dafca1695d6b86763fce0ceb058f40ef3"
content-type: image/jpeg
age: 75270
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1462b0c8fff091f29c7c5145031c08aa
55154c3878e9650f463805c3829f03a1603f14c1
62f913a6498b21da33451e7cf0e37c5fdef565324bcd35d93cb536527394a3d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11778
x-amzn-requestid: 0054ce27-72f6-4161-90d0-eeb20d9c9537
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqcrEczIAMFqlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdea-0c3e511533c91b783a458f2b;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Q4n9f959aCshN6qgQ2LWVSUTmSd4hvjWyF2GNdsR1_asVSdFKxXsqw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:08 GMT
age: 75775
etag: "55154c3878e9650f463805c3829f03a1603f14c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8fc7316fab55e89a81536e926eab6f83
7fcab743b176312e76999b39a1b2a3b97dbeb10f
8178b9805611209f5c47dce32da555117870a90648e026d08cc691a4103169a7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=goryachieklavishi.ru
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=goryachieklavishi.ru
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=goryachieklavishi.ru HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 07 Sep 2022 18:44:03 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=goryachieklavishi.ru
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=goryachieklavishi.ru
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=goryachieklavishi.ru HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 07 Sep 2022 18:44:03 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 35bebda821efbdb6fec21090c26fcff0
5371b373af16c80121ad475bfbd377aadb9001b5
f10eb86a8452f13e8e9c9215e9a5b0c68bf9ddfa1979b9c7e1ad7acd8bb4dd9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8fc7316fab55e89a81536e926eab6f83
7fcab743b176312e76999b39a1b2a3b97dbeb10f
8178b9805611209f5c47dce32da555117870a90648e026d08cc691a4103169a7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.acint.net/mc/?dp=10
302 Moved Temporarily 142 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Wed, 07 Sep 2022 18:44:03 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/mc/?dp=10
www.acint.net/hit/?v=0.4.0&uid=638b5170-f359-4dd3-94fc-ae26a2dbef10&dp=10&tz=%2B00%3A00&nc=70093088&u=http%3A%2F%2Fgoryachieklavishi.ru%2Findex.php%3Fpage%3D%25D0%2593%25D0%25BE%25D1%2580%25D1%258F%25D1%2587%25D0%25B8%25D0%25B5%2520%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25B2%25D0%25B8%25D1%2588%25D0%25B8%2520%25D0%259F%25D1%2580%25D0%25BE%25D0%25B2%25D0%25BE%25D0%25B4%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B0%2520Windows%252010&r=&rs=1280x1024&t=%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010&oE=1&oP=1&dT=2022-09-07T18%3A43%3A55.443&fu=6c0e1fea-187f-43a7-a3b4-3973f6379947
302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/hit/?v=0.4.0&uid=638b5170-f359-4dd3-94fc-ae26a2dbef10&dp=10&tz=%2B00%3A00&nc=70093088&u=http%3A%2F%2Fgoryachieklavishi.ru%2Findex.php%3Fpage%3D%25D0%2593%25D0%25BE%25D1%2580%25D1%258F%25D1%2587%25D0%25B8%25D0%25B5%2520%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25B2%25D0%25B8%25D1%2588%25D0%25B8%2520%25D0%259F%25D1%2580%25D0%25BE%25D0%25B2%25D0%25BE%25D0%25B4%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B0%2520Windows%252010&r=&rs=1280x1024&t=%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010&oE=1&oP=1&dT=2022-09-07T18%3A43%3A55.443&fu=6c0e1fea-187f-43a7-a3b4-3973f6379947
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /hit/?v=0.4.0&uid=638b5170-f359-4dd3-94fc-ae26a2dbef10&dp=10&tz=%2B00%3A00&nc=70093088&u=http%3A%2F%2Fgoryachieklavishi.ru%2Findex.php%3Fpage%3D%25D0%2593%25D0%25BE%25D1%2580%25D1%258F%25D1%2587%25D0%25B8%25D0%25B5%2520%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25B2%25D0%25B8%25D1%2588%25D0%25B8%2520%25D0%259F%25D1%2580%25D0%25BE%25D0%25B2%25D0%25BE%25D0%25B4%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B0%2520Windows%252010&r=&rs=1280x1024&t=%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010&oE=1&oP=1&dT=2022-09-07T18%3A43%3A55.443&fu=6c0e1fea-187f-43a7-a3b4-3973f6379947 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Wed, 07 Sep 2022 18:44:03 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/hit/?v=0.4.0&uid=638b5170-f359-4dd3-94fc-ae26a2dbef10&dp=10&tz=%2B00%3A00&nc=70093088&u=http%3A%2F%2Fgoryachieklavishi.ru%2Findex.php%3Fpage%3D%25D0%2593%25D0%25BE%25D1%2580%25D1%258F%25D1%2587%25D0%25B8%25D0%25B5%2520%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25B2%25D0%25B8%25D1%2588%25D0%25B8%2520%25D0%259F%25D1%2580%25D0%25BE%25D0%25B2%25D0%25BE%25D0%25B4%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B0%2520Windows%252010&r=&rs=1280x1024&t=%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010&oE=1&oP=1&dT=2022-09-07T18%3A43%3A55.443&fu=6c0e1fea-187f-43a7-a3b4-3973f6379947
www.acint.net/mc/?dp=10
302 Found 154 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://goryachieklavishi.ru/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 07 Sep 2022 18:44:03 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Wed, 07-Sep-22 18:54:03 GMT
aid=wQO4iWMY5nOa3AJ7MgcCAlz4vkBqCYCO5CLlO80t9Aql6LcI; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/hit/?v=0.4.0&uid=638b5170-f359-4dd3-94fc-ae26a2dbef10&dp=10&tz=%2B00%3A00&nc=70093088&u=http%3A%2F%2Fgoryachieklavishi.ru%2Findex.php%3Fpage%3D%25D0%2593%25D0%25BE%25D1%2580%25D1%258F%25D1%2587%25D0%25B8%25D0%25B5%2520%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25B2%25D0%25B8%25D1%2588%25D0%25B8%2520%25D0%259F%25D1%2580%25D0%25BE%25D0%25B2%25D0%25BE%25D0%25B4%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B0%2520Windows%252010&r=&rs=1280x1024&t=%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010&oE=1&oP=1&dT=2022-09-07T18%3A43%3A55.443&fu=6c0e1fea-187f-43a7-a3b4-3973f6379947
200 OK 43 B URL HTTP/2 www.acint.net/hit/?v=0.4.0&uid=638b5170-f359-4dd3-94fc-ae26a2dbef10&dp=10&tz=%2B00%3A00&nc=70093088&u=http%3A%2F%2Fgoryachieklavishi.ru%2Findex.php%3Fpage%3D%25D0%2593%25D0%25BE%25D1%2580%25D1%258F%25D1%2587%25D0%25B8%25D0%25B5%2520%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25B2%25D0%25B8%25D1%2588%25D0%25B8%2520%25D0%259F%25D1%2580%25D0%25BE%25D0%25B2%25D0%25BE%25D0%25B4%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B0%2520Windows%252010&r=&rs=1280x1024&t=%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010&oE=1&oP=1&dT=2022-09-07T18%3A43%3A55.443&fu=6c0e1fea-187f-43a7-a3b4-3973f6379947
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit/?v=0.4.0&uid=638b5170-f359-4dd3-94fc-ae26a2dbef10&dp=10&tz=%2B00%3A00&nc=70093088&u=http%3A%2F%2Fgoryachieklavishi.ru%2Findex.php%3Fpage%3D%25D0%2593%25D0%25BE%25D1%2580%25D1%258F%25D1%2587%25D0%25B8%25D0%25B5%2520%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25B2%25D0%25B8%25D1%2588%25D0%25B8%2520%25D0%259F%25D1%2580%25D0%25BE%25D0%25B2%25D0%25BE%25D0%25B4%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B0%2520Windows%252010&r=&rs=1280x1024&t=%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010&oE=1&oP=1&dT=2022-09-07T18%3A43%3A55.443&fu=6c0e1fea-187f-43a7-a3b4-3973f6379947 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://goryachieklavishi.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 07 Sep 2022 18:44:03 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=wQO4iWMY5nOahwKQt+XXAkxlJ2WwxddyY6BMbQQPWzSjlsMd; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c0ed4613ac4f971e3c5df691cbacefa8
8de2786096df5a34e658b8ccbbfff29258bda7e0
6e5163de39ab980bdf6cfa1209e062d073a01beda848ad8333a71e0551f68dd4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a.utraff.com/sync?ssp=sape
204 No Content 0 B URL HTTP/2 a.utraff.com/sync?ssp=sape
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 07 Sep 2022 18:44:03 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Fri, 07 Oct 2022 21:44:03 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Fri, 07 Oct 2022 21:44:03 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZkGjfTjQOHFstYWZLQ95PiLiIiWeEw55iRR60bXwRsyQJXA81v5nEaSJ4R711sVhqMML8GMqT4ALIrNhles4XjUPDRmIuIwgBm5vyuhDyozaZKqGklfkUGzptg2iWk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747197f22d520b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0257bf71f232921a64ef745e483249bf
d1c9e7485cbc2ca37dc49866422a73c33b868233
fc307f8316fddd387b7fb6c8baea148255d13f55388ac5eff5cbae4ccc83746f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC307F8316FDDD387B7FB6C8BAEA148255D13F55388AC5EFF5CBAE4CCC83746F"
Last-Modified: Tue, 06 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7984
Expires: Wed, 07 Sep 2022 20:57:07 GMT
Date: Wed, 07 Sep 2022 18:44:03 GMT
Connection: keep-alive
partner.googleadservices.com/gampad/cookie.js?domain=goryachieklavishi.ru&callback=_gfp_s_&client=ca-pub-5954147232565215
200 OK 203 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=goryachieklavishi.ru&callback=_gfp_s_&client=ca-pub-5954147232565215
IP
File type ASCII text, with no line terminators
Hash 8e007c317c115da3dec86197fd484e32
0e9bad99e60fb6610d5956b565320bbb975b5038
d68137553f3f6e4f940333fca16bd2d3986a82f1108f093b6aea0ddf3966b4e5
GET /gampad/cookie.js?domain=goryachieklavishi.ru&callback=_gfp_s_&client=ca-pub-5954147232565215 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 07 Sep 2022 18:44:03 GMT
server: cafe
cache-control: private
content-length: 203
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4b5cc7826455202a28c1d96455fd043c
11db9914596c1cb39926785010aa271b6a57e0ac
a34bb23885bc0a257df78926385de07131dcd027b04d386bc40035790aa88319
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A34BB23885BC0A257DF78926385DE07131DCD027B04D386BC40035790AA88319"
Last-Modified: Mon, 05 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7260
Expires: Wed, 07 Sep 2022 20:45:03 GMT
Date: Wed, 07 Sep 2022 18:44:03 GMT
Connection: keep-alive
dm-eu.hybrid.ai/match?id=106&vid=89B803C173E618637B02DC9A02020732
204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=106&vid=89B803C173E618637B02DC9A02020732
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=106&vid=89B803C173E618637B02DC9A02020732 HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 07 Sep 2022 18:44:03 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=896382883709ef374442; expires=Thu, 07 Sep 2023 18:44:03 GMT; domain=.hybrid.ai; path=/; samesite=none
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 529
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2
sync.republer.com/match?dsp=sape
204 No Content 0 B URL HTTP/2 sync.republer.com/match?dsp=sape
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?dsp=sape HTTP/1.1
Host: sync.republer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 07 Sep 2022 18:44:03 GMT
strict-transport-security: max-age=0
X-Firefox-Spdy: h2
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
302 Found 0 B URL HTTP/2 ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP
ASN #48096 Enterprise Cloud Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=6f10b5ce36e34dfab8935e278f659899
server: Kestrel
set-cookie: adlm_userId=6f10b5ce36e34dfab8935e278f659899; expires=Wed, 06 Sep 2023 21:00:00 GMT; path=/; SameSite=None; secure
date: Wed, 07 Sep 2022 18:44:03 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c0ed4613ac4f971e3c5df691cbacefa8
8de2786096df5a34e658b8ccbbfff29258bda7e0
6e5163de39ab980bdf6cfa1209e062d073a01beda848ad8333a71e0551f68dd4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
302 Moved Temporarily 142 B URL HTTP/1.1 ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Wed, 07 Sep 2022 18:44:03 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=A6B803C173E618635700B71202C62118
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=wQO4pmMY5nMStwBXGCHGAoOwTxoEE8G+ZfL+niwwC7w9alJu; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C173E618637B02DC9A02020732
302 Found 0 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C173E618637B02DC9A02020732
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C173E618637B02DC9A02020732 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 07 Sep 2022 18:44:03 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=0baeab40-2edd-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 07 Sep 2023 18:44:03 GMT; SameSite=None; Secure
uid-legacy=0baeab40-2edd-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 07 Sep 2023 18:44:03 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C173E618637B02DC9A02020732&cs=1
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 535ffb46ab9d8e0fdb2cca89c2f3926d
c1dd38b4b2a8dc477c4d9daf0a54f625c7a52412
ab279edec9edd71cc5e96105c13c17f75e7b04f7a227fd27ce428e73356f26d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB279EDEC9EDD71CC5E96105C13C17F75E7B04F7A227FD27CE428E73356F26D4"
Last-Modified: Wed, 07 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8451
Expires: Wed, 07 Sep 2022 21:04:54 GMT
Date: Wed, 07 Sep 2022 18:44:03 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 29729acfa236c331b4ebc7b649777960
2d86bc95cee594b0136846a51d82fbb55a30701b
9446008904633e16be28cb5483c8a1d4bd1eda923d64ffe2212c7e5033aadc11
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9446008904633E16BE28CB5483C8A1D4BD1EDA923D64FFE2212C7E5033AADC11"
Last-Modified: Tue, 06 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7507
Expires: Wed, 07 Sep 2022 20:49:10 GMT
Date: Wed, 07 Sep 2022 18:44:03 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0df6f1a198b100fe7da1325eccb47948
300812c67de9ec3ca8b7b0ff2c3ea0c47e5d6de9
0c9ce820c834886551f1e3317e253b221f9d746ccf07c2e7a44294d78be93965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0C9CE820C834886551F1E3317E253B221F9D746CCF07C2E7A44294D78BE93965"
Last-Modified: Wed, 07 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8023
Expires: Wed, 07 Sep 2022 20:57:46 GMT
Date: Wed, 07 Sep 2022 18:44:03 GMT
Connection: keep-alive
sync.upravel.com/sape/sync
302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 07 Sep 2022 18:44:03 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1662576243747;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1662576243747;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C173E618637B02DC9A02020732&cs=1
200 OK 35 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C173E618637B02DC9A02020732&cs=1
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C173E618637B02DC9A02020732&cs=1 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=0baeab40-2edd-11ed-acfd-901b0e8b2a6e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:44:03 GMT
content-type: image/gif
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=0baeab40-2edd-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 07 Sep 2023 18:44:03 GMT; SameSite=None; Secure
uid-legacy=0baeab40-2edd-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 07 Sep 2023 18:44:03 GMT
X-Firefox-Spdy: h2
ut.rktch.com/matchspm?pi=1000005&pui=89B803C173E618637B02DC9A02020732
302 Found 0 B URL HTTP/1.1 ut.rktch.com/matchspm?pi=1000005&pui=89B803C173E618637B02DC9A02020732
IP
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /matchspm?pi=1000005&pui=89B803C173E618637B02DC9A02020732 HTTP/1.1
Host: ut.rktch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Wed, 07 Sep 2022 18:44:03 GMT
Content-Length: 0
Connection: keep-alive
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
Set-Cookie: b_uid=881b0a3ef7e6ddd4f2f9922a130487208dd6; Max-Age=2592000; Expires=Fri, 07 Oct 2022 18:44:03 GMT; Domain=rktch.com; Secure; SameSite=None
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Credentials: true
acint.net/match?dp=14&euid=A6B803C173E618635700B71202C62118
200 OK 43 B URL HTTP/2 acint.net/match?dp=14&euid=A6B803C173E618635700B71202C62118
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=A6B803C173E618635700B71202C62118 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMY5nOahwKQt+XXAkxlJ2WwxddyY6BMbQQPWzSjlsMd; cSyncDp7v2=1662576243; cSyncDp14v3=1662576243; cSyncDp17=1662576243; cSyncDp32=1662576243; cSyncDp45v3=1662576243; cSyncDp53=1662576243; cSyncDp54v2=1662576243; cSyncDp62=1662576243; cSyncDp67v2=1662576243; cSyncDp68=1662576243; cSyncDp71=1662576243; cSyncDp77=1662576243; cSyncDp84=1662576243; cSyncDp85=1662576243; cSyncDp95v3=1662576243; cSyncDp101=1662576243; cSyncDp104v2=1662576243; cSyncDp107=1662576243; cSyncDp110=1662576243; cSyncDp111v2=1662576243; cSyncDp112v2=1662576243; cSyncDp125v2=1662576243; cSyncDp126=1662576243; cSyncDp127=1662576243; cSyncDp129=1662576243; cSyncDp136v2=1662576243; cSyncDp138=1662576243; cSyncDp144=1662576243; cSyncDp146=1662576243; cSyncDp148=1662576243; cSyncDp149=1662576243; cSyncDp151=1662576243; cSyncDp179=1662576243; cSyncDp186=1662576243; cSyncDp221=1662576243
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 07 Sep 2022 18:44:03 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
acint.net/match?dp=110&euid=6f10b5ce36e34dfab8935e278f659899
200 OK 43 B URL HTTP/2 acint.net/match?dp=110&euid=6f10b5ce36e34dfab8935e278f659899
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=110&euid=6f10b5ce36e34dfab8935e278f659899 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMY5nOahwKQt+XXAkxlJ2WwxddyY6BMbQQPWzSjlsMd; cSyncDp7v2=1662576243; cSyncDp14v3=1662576243; cSyncDp17=1662576243; cSyncDp32=1662576243; cSyncDp45v3=1662576243; cSyncDp53=1662576243; cSyncDp54v2=1662576243; cSyncDp62=1662576243; cSyncDp67v2=1662576243; cSyncDp68=1662576243; cSyncDp71=1662576243; cSyncDp77=1662576243; cSyncDp84=1662576243; cSyncDp85=1662576243; cSyncDp95v3=1662576243; cSyncDp101=1662576243; cSyncDp104v2=1662576243; cSyncDp107=1662576243; cSyncDp110=1662576243; cSyncDp111v2=1662576243; cSyncDp112v2=1662576243; cSyncDp125v2=1662576243; cSyncDp126=1662576243; cSyncDp127=1662576243; cSyncDp129=1662576243; cSyncDp136v2=1662576243; cSyncDp138=1662576243; cSyncDp144=1662576243; cSyncDp146=1662576243; cSyncDp148=1662576243; cSyncDp149=1662576243; cSyncDp151=1662576243; cSyncDp179=1662576243; cSyncDp186=1662576243; cSyncDp221=1662576243
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 07 Sep 2022 18:44:03 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1292a4b86b7cc59d530e19501daf5607
25d23d0fae7c11930fe3f69b85b4b49ea2b4987b
b80fba15b475972ed7bc46340083b36c74d45825b9a98fa55fb82887332db701
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B80FBA15B475972ED7BC46340083B36C74D45825B9A98FA55FB82887332DB701"
Last-Modified: Tue, 06 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7569
Expires: Wed, 07 Sep 2022 20:50:12 GMT
Date: Wed, 07 Sep 2022 18:44:03 GMT
Connection: keep-alive
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
302 Found 0 B URL HTTP/1.1 ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Wed, 07 Sep 2022 18:44:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=ANUFITXI
Set-Cookie: uid=ANUFITXI; Expires=Wed, 07 Sep 2032 00:00:00 GMT; mf2=1; Expires=Fri, 07 Oct 2022 00:00:00 GMT;
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 93790ef2e2aef0863c180b788bea0c2b
9dd7870122957f6ce0ba5b6f210b77bd572d725b
1975d18667e17bbb26b3b64c20cb7f7f63e48428198ece0289b03e2cc84dffe0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1975D18667E17BBB26B3B64C20CB7F7F63E48428198ECE0289B03E2CC84DFFE0"
Last-Modified: Wed, 07 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9538
Expires: Wed, 07 Sep 2022 21:23:01 GMT
Date: Wed, 07 Sep 2022 18:44:03 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0b2ebf64b97f4b91370c8d6c45c115f2
a08431f7c39438a88ec8422c9cbd0eee6a1a94d1
5da4d9ce80ecdd69067c772f862a7081d5727ca33a4d173594771785738cfdcf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5DA4D9CE80ECDD69067C772F862A7081D5727CA33A4D173594771785738CFDCF"
Last-Modified: Tue, 06 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8105
Expires: Wed, 07 Sep 2022 20:59:08 GMT
Date: Wed, 07 Sep 2022 18:44:03 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2bdc064b70da139fb798bc69eb382a3a
c84f90207288145f5b14b82e7e022dd607c7a277
cc41a8aeff25560aa90dc1a754afbcc58829839da7b90d988cbbb9d6a47e313d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CC41A8AEFF25560AA90DC1A754AFBCC58829839DA7B90D988CBBB9D6A47E313D"
Last-Modified: Tue, 06 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2944
Expires: Wed, 07 Sep 2022 19:33:07 GMT
Date: Wed, 07 Sep 2022 18:44:03 GMT
Connection: keep-alive
mediatoday.ru/core/match.gif?s=32&id=89B803C173E618637B02DC9A02020732
200 OK 43 B URL HTTP/2 mediatoday.ru/core/match.gif?s=32&id=89B803C173E618637B02DC9A02020732
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /core/match.gif?s=32&id=89B803C173E618637B02DC9A02020732 HTTP/1.1
Host: mediatoday.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.22.0
date: Wed, 07 Sep 2022 18:44:03 GMT
content-type: image/gif
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VUd3bMirqZhrL8S; expires=Sat, 04-Sep-2032 18:44:03 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2
s.uuidksinc.net/match/396/?remote_uid=89B803C173E618637B02DC9A02020732
302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/396/?remote_uid=89B803C173E618637B02DC9A02020732
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=89B803C173E618637B02DC9A02020732 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Wed, 07 Sep 2022 18:44:03 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=pIcHr8VQzPJHJXlVkEvz
set-cookie: jcsuuid=pIcHr8VQzPJHJXlVkEvz; expires=Thu, 07 Sep 2023 18:44:03 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&uid=89B803C173E618637B02DC9A02020732
302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&uid=89B803C173E618637B02DC9A02020732
IP
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&uid=89B803C173E618637B02DC9A02020732 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 07 Sep 2022 18:44:03 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQwYmJmZjUwOC0yZWRkLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Tue, 02 Sep 2042 18:44:03 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARjzzOOYBmIgODlCODAzQzE3M0U2MTg2MzdCMDJEQzlBMDIwMjA3MzKiARALv_UILt0R7YbgACWQwGR8
ETag: 0bbff508-2edd-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
www.acint.net/match?dp=95&euid=ANUFITXI
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=95&euid=ANUFITXI
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=95&euid=ANUFITXI HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMY5nOahwKQt+XXAkxlJ2WwxddyY6BMbQQPWzSjlsMd; cSyncDp7v2=1662576243; cSyncDp14v3=1662576243; cSyncDp17=1662576243; cSyncDp32=1662576243; cSyncDp45v3=1662576243; cSyncDp53=1662576243; cSyncDp54v2=1662576243; cSyncDp62=1662576243; cSyncDp67v2=1662576243; cSyncDp68=1662576243; cSyncDp71=1662576243; cSyncDp77=1662576243; cSyncDp84=1662576243; cSyncDp85=1662576243; cSyncDp95v3=1662576243; cSyncDp101=1662576243; cSyncDp104v2=1662576243; cSyncDp107=1662576243; cSyncDp110=1662576243; cSyncDp111v2=1662576243; cSyncDp112v2=1662576243; cSyncDp125v2=1662576243; cSyncDp126=1662576243; cSyncDp127=1662576243; cSyncDp129=1662576243; cSyncDp136v2=1662576243; cSyncDp138=1662576243; cSyncDp144=1662576243; cSyncDp146=1662576243; cSyncDp148=1662576243; cSyncDp149=1662576243; cSyncDp151=1662576243; cSyncDp179=1662576243; cSyncDp186=1662576243; cSyncDp221=1662576243
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 07 Sep 2022 18:44:03 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
match.new-programmatic.com/userbind?src=sape&id=89B803C173E618637B02DC9A02020732
204 No Content 0 B URL HTTP/1.1 match.new-programmatic.com/userbind?src=sape&id=89B803C173E618637B02DC9A02020732
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=89B803C173E618637B02DC9A02020732 HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.2
Date: Wed, 07 Sep 2022 18:44:03 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
stat.adlabs.ru/merge_gpsid/?sid=50&id=89B803C173E618637B02DC9A02020732
302 Found 0 B URL HTTP/2 stat.adlabs.ru/merge_gpsid/?sid=50&id=89B803C173E618637B02DC9A02020732
IP
ASN #201009 Centre of server systems Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge_gpsid/?sid=50&id=89B803C173E618637B02DC9A02020732 HTTP/1.1
Host: stat.adlabs.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 07 Sep 2022 18:44:03 GMT
content-length: 0
location: //adlmerge.com/merge_gpsid/?sid=50&id=89B803C173E618637B02DC9A02020732
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash c39b3a3dd47e184c4c32c75ac9f004a1
9b42eb44685eb58f3ff27c3dfd5c53e962373030
d066648ff6c211f19cab668357b2450cc0d5268d9c4406e938b36a4be743630b
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:44:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 11 Sep 2022 15:07:52 GMT
ETag: "9b42eb44685eb58f3ff27c3dfd5c53e962373030"
Last-Modified: Wed, 07 Sep 2022 15:07:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2887
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 747197f40ca5b50b-OSL
cs.agency2.ru/p?ssp=sp&uid=89B803C173E618637B02DC9A02020732
301 Moved Permanently 0 B URL HTTP/1.1 cs.agency2.ru/p?ssp=sp&uid=89B803C173E618637B02DC9A02020732
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=89B803C173E618637B02DC9A02020732 HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Wed, 07 Sep 2022 18:44:03 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=7b705d16-d996-41a3-9034-97a782d6a8d2
Set-Cookie: uuid=7b705d16-d996-41a3-9034-97a782d6a8d2; expires=Tue, 29 Aug 2023 18:44:03 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
sync.bumlam.com/?src=sap1&s_data=CAIQARjzzOOYBmIgODlCODAzQzE3M0U2MTg2MzdCMDJEQzlBMDIwMjA3MzKiARALv_UILt0R7YbgACWQwGR8
200 OK 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARjzzOOYBmIgODlCODAzQzE3M0U2MTg2MzdCMDJEQzlBMDIwMjA3MzKiARALv_UILt0R7YbgACWQwGR8
IP
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&s_data=CAIQARjzzOOYBmIgODlCODAzQzE3M0U2MTg2MzdCMDJEQzlBMDIwMjA3MzKiARALv_UILt0R7YbgACWQwGR8 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQwYmJmZjUwOC0yZWRkLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 18:44:03 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQwYmJmZjUwOC0yZWRkLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Tue, 02 Sep 2042 18:44:03 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
www.acint.net/match?dp=127&euid=pIcHr8VQzPJHJXlVkEvz
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=127&euid=pIcHr8VQzPJHJXlVkEvz
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=pIcHr8VQzPJHJXlVkEvz HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMY5nOahwKQt+XXAkxlJ2WwxddyY6BMbQQPWzSjlsMd; cSyncDp7v2=1662576243; cSyncDp14v3=1662576243; cSyncDp17=1662576243; cSyncDp32=1662576243; cSyncDp45v3=1662576243; cSyncDp53=1662576243; cSyncDp54v2=1662576243; cSyncDp62=1662576243; cSyncDp67v2=1662576243; cSyncDp68=1662576243; cSyncDp71=1662576243; cSyncDp77=1662576243; cSyncDp84=1662576243; cSyncDp85=1662576243; cSyncDp95v3=1662576243; cSyncDp101=1662576243; cSyncDp104v2=1662576243; cSyncDp107=1662576243; cSyncDp110=1662576243; cSyncDp111v2=1662576243; cSyncDp112v2=1662576243; cSyncDp125v2=1662576243; cSyncDp126=1662576243; cSyncDp127=1662576243; cSyncDp129=1662576243; cSyncDp136v2=1662576243; cSyncDp138=1662576243; cSyncDp144=1662576243; cSyncDp146=1662576243; cSyncDp148=1662576243; cSyncDp149=1662576243; cSyncDp151=1662576243; cSyncDp179=1662576243; cSyncDp186=1662576243; cSyncDp221=1662576243
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 07 Sep 2022 18:44:03 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1662576243747
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 07 Sep 2022 18:44:03 GMT
content-type: image/png
content-length: 0
location: https://63301fac-f0df-449c-97ea-099d0ffba7ba.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
set-cookie: user_id=63301fac-f0df-449c-97ea-099d0ffba7ba;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=63301fac-f0df-449c-97ea-099d0ffba7ba;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
www.acint.net/match?dp=186&euid=7b705d16-d996-41a3-9034-97a782d6a8d2
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=186&euid=7b705d16-d996-41a3-9034-97a782d6a8d2
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=7b705d16-d996-41a3-9034-97a782d6a8d2 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMY5nOahwKQt+XXAkxlJ2WwxddyY6BMbQQPWzSjlsMd; cSyncDp7v2=1662576243; cSyncDp14v3=1662576243; cSyncDp17=1662576243; cSyncDp32=1662576243; cSyncDp45v3=1662576243; cSyncDp53=1662576243; cSyncDp54v2=1662576243; cSyncDp62=1662576243; cSyncDp67v2=1662576243; cSyncDp68=1662576243; cSyncDp71=1662576243; cSyncDp77=1662576243; cSyncDp84=1662576243; cSyncDp85=1662576243; cSyncDp95v3=1662576243; cSyncDp101=1662576243; cSyncDp104v2=1662576243; cSyncDp107=1662576243; cSyncDp110=1662576243; cSyncDp111v2=1662576243; cSyncDp112v2=1662576243; cSyncDp125v2=1662576243; cSyncDp126=1662576243; cSyncDp127=1662576243; cSyncDp129=1662576243; cSyncDp136v2=1662576243; cSyncDp138=1662576243; cSyncDp144=1662576243; cSyncDp146=1662576243; cSyncDp148=1662576243; cSyncDp149=1662576243; cSyncDp151=1662576243; cSyncDp179=1662576243; cSyncDp186=1662576243; cSyncDp221=1662576243
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 07 Sep 2022 18:44:03 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 84d73375b462b986e515c13f0af4466d
d3ddf28b91aed34018f23ce0030901ce3e746237
105c39960ef1820db2a1efdaf2106ac2e4482d4c15219f75d71057cd255bbe90
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:44:03 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 12:21:00 GMT
Expires: Wed, 14 Sep 2022 12:20:59 GMT
Etag: "d3ddf28b91aed34018f23ce0030901ce3e746237"
Cache-Control: max-age=581215,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 747197f329bcb518-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 280bed3116180acffd2b2e3f507fceab
be9d1c152261b949ffaae7f6bf96e8ac88490e56
0af38d87ba1b4bb9258b5ab88a8d0349e2a7818a5e647f3e54434d6dd61c4213
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0AF38D87BA1B4BB9258B5AB88A8D0349E2A7818A5E647F3E54434D6DD61C4213"
Last-Modified: Wed, 07 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7394
Expires: Wed, 07 Sep 2022 20:47:17 GMT
Date: Wed, 07 Sep 2022 18:44:03 GMT
Connection: keep-alive
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
302 Found 1.4 kB URL HTTP/2 ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP
ASN #24940 Hetzner Online GmbH
Hash ce01823265225c4d8a933a4fe977c076
0680f13f7bef2c8e925ed61f1b7f11752edb0e41
6d361ac90afa53d8ea6169be354d911eb5380080bc985f83e990d65f6899119a
GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.0
date: Wed, 07 Sep 2022 18:44:03 GMT
x-request-id: e93456db-6d05-4e73-961a-55d7ef63b62a
set-cookie: bvuid=0gryu462mr; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=0gryu462mr; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=0gryu462mr
X-Firefox-Spdy: h2
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
301 Moved Permanently 115 B URL HTTP/2 exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash 18f827aad737a3532e33a8223b1e1765
5562a0ebc1816894c9e5d9c64273d49cc524083a
ad2730dd21d9c7c14c3b9938e350159b906140ccc81ad8703d2b84afae8c9606
GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 07 Sep 2022 18:44:03 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=18239a0a-6204-4cea-52b2-2aa0c7373d98
serverid: TODO
X-Firefox-Spdy: h2
www.acint.net/match?dp=129&euid=0gryu462mr
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=129&euid=0gryu462mr
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=0gryu462mr HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMY5nOahwKQt+XXAkxlJ2WwxddyY6BMbQQPWzSjlsMd; cSyncDp7v2=1662576243; cSyncDp14v3=1662576243; cSyncDp17=1662576243; cSyncDp32=1662576243; cSyncDp45v3=1662576243; cSyncDp53=1662576243; cSyncDp54v2=1662576243; cSyncDp62=1662576243; cSyncDp67v2=1662576243; cSyncDp68=1662576243; cSyncDp71=1662576243; cSyncDp77=1662576243; cSyncDp84=1662576243; cSyncDp85=1662576243; cSyncDp95v3=1662576243; cSyncDp101=1662576243; cSyncDp104v2=1662576243; cSyncDp107=1662576243; cSyncDp110=1662576243; cSyncDp111v2=1662576243; cSyncDp112v2=1662576243; cSyncDp125v2=1662576243; cSyncDp126=1662576243; cSyncDp127=1662576243; cSyncDp129=1662576243; cSyncDp136v2=1662576243; cSyncDp138=1662576243; cSyncDp144=1662576243; cSyncDp146=1662576243; cSyncDp148=1662576243; cSyncDp149=1662576243; cSyncDp151=1662576243; cSyncDp179=1662576243; cSyncDp186=1662576243; cSyncDp221=1662576243
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 07 Sep 2022 18:44:03 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
89b803c173e618637b02dc9a02020732-sp.ops.beeline.ru/p?ssp=sp&id=89B803C173E618637B02DC9A02020732
301 Moved Permanently 0 B URL HTTP/2 89b803c173e618637b02dc9a02020732-sp.ops.beeline.ru/p?ssp=sp&id=89B803C173E618637B02DC9A02020732
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&id=89B803C173E618637B02DC9A02020732 HTTP/1.1
Host: 89b803c173e618637b02dc9a02020732-sp.ops.beeline.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 07 Sep 2022 18:44:03 GMT
content-length: 0
location: https://www.acint.net/match?dp=111&euid=382bacad-265c-48e3-a651-2614644bc3e8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: BeeAID=382bacad-265c-48e3-a651-2614644bc3e8; expires=Tue, 29 Aug 2023 18:44:03 GMT; domain=ops.beeline.ru; path=/; secure; SameSite=None
access-control-allow-credentials: true, true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
x-route: http://upstream_cookiesync
x-host: 192.168.152.36
X-Firefox-Spdy: h2
adlmerge.com/merge_gpsid/?sid=50&id=89B803C173E618637B02DC9A02020732
200 OK 86 B URL HTTP/2 adlmerge.com/merge_gpsid/?sid=50&id=89B803C173E618637B02DC9A02020732
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash cd01ca32a344e7529987fed41a31de69
4558538a8b95d32e8209cabc21462c0cbb8789e1
d243a8594bf956ada2c21d571ef312c61cbcbfc655b50efd1a55c11c2c4427a7
GET /merge_gpsid/?sid=50&id=89B803C173E618637B02DC9A02020732 HTTP/1.1
Host: adlmerge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Wed, 07 Sep 2022 18:44:03 GMT
content-type: image/gif
iseu: eu
X-Firefox-Spdy: h2
www.acint.net/match?dp=111&euid=382bacad-265c-48e3-a651-2614644bc3e8
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=111&euid=382bacad-265c-48e3-a651-2614644bc3e8
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=111&euid=382bacad-265c-48e3-a651-2614644bc3e8 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMY5nOahwKQt+XXAkxlJ2WwxddyY6BMbQQPWzSjlsMd; cSyncDp7v2=1662576243; cSyncDp14v3=1662576243; cSyncDp17=1662576243; cSyncDp32=1662576243; cSyncDp45v3=1662576243; cSyncDp53=1662576243; cSyncDp54v2=1662576243; cSyncDp62=1662576243; cSyncDp67v2=1662576243; cSyncDp68=1662576243; cSyncDp71=1662576243; cSyncDp77=1662576243; cSyncDp84=1662576243; cSyncDp85=1662576243; cSyncDp95v3=1662576243; cSyncDp101=1662576243; cSyncDp104v2=1662576243; cSyncDp107=1662576243; cSyncDp110=1662576243; cSyncDp111v2=1662576243; cSyncDp112v2=1662576243; cSyncDp125v2=1662576243; cSyncDp126=1662576243; cSyncDp127=1662576243; cSyncDp129=1662576243; cSyncDp136v2=1662576243; cSyncDp138=1662576243; cSyncDp144=1662576243; cSyncDp146=1662576243; cSyncDp148=1662576243; cSyncDp149=1662576243; cSyncDp151=1662576243; cSyncDp179=1662576243; cSyncDp186=1662576243; cSyncDp221=1662576243
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 07 Sep 2022 18:44:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.dmp.otm-r.com/match/sape?id=89B803C173E618637B02DC9A02020732
204 No Content 0 B URL HTTP/2 sync.dmp.otm-r.com/match/sape?id=89B803C173E618637B02DC9A02020732
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=89B803C173E618637B02DC9A02020732 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.17.6
date: Wed, 07 Sep 2022 18:44:04 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
63301fac-f0df-449c-97ea-099d0ffba7ba.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
302 Found 0 B URL HTTP/2 63301fac-f0df-449c-97ea-099d0ffba7ba.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19 HTTP/1.1
Host: 63301fac-f0df-449c-97ea-099d0ffba7ba.sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1662576243747; user_id=63301fac-f0df-449c-97ea-099d0ffba7ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 07 Sep 2022 18:44:04 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=63301fac-f0df-449c-97ea-099d0ffba7ba;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=63301fac-f0df-449c-97ea-099d0ffba7ba;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=63301fac-f0df-449c-97ea-099d0ffba7ba
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
www.acint.net/match?dp=71&euid=63301fac-f0df-449c-97ea-099d0ffba7ba
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=71&euid=63301fac-f0df-449c-97ea-099d0ffba7ba
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=71&euid=63301fac-f0df-449c-97ea-099d0ffba7ba HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMY5nOahwKQt+XXAkxlJ2WwxddyY6BMbQQPWzSjlsMd; cSyncDp7v2=1662576243; cSyncDp14v3=1662576243; cSyncDp17=1662576243; cSyncDp32=1662576243; cSyncDp45v3=1662576243; cSyncDp53=1662576243; cSyncDp54v2=1662576243; cSyncDp62=1662576243; cSyncDp67v2=1662576243; cSyncDp68=1662576243; cSyncDp71=1662576243; cSyncDp77=1662576243; cSyncDp84=1662576243; cSyncDp85=1662576243; cSyncDp95v3=1662576243; cSyncDp101=1662576243; cSyncDp104v2=1662576243; cSyncDp107=1662576243; cSyncDp110=1662576243; cSyncDp111v2=1662576243; cSyncDp112v2=1662576243; cSyncDp125v2=1662576243; cSyncDp126=1662576243; cSyncDp127=1662576243; cSyncDp129=1662576243; cSyncDp136v2=1662576243; cSyncDp138=1662576243; cSyncDp144=1662576243; cSyncDp146=1662576243; cSyncDp148=1662576243; cSyncDp149=1662576243; cSyncDp151=1662576243; cSyncDp179=1662576243; cSyncDp186=1662576243; cSyncDp221=1662576243
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 07 Sep 2022 18:44:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c1437437047f21dec9a10a2ea619f302
2312d50c7870f3fee0f3b837ce466eac9f60d23a
81e03c89f4b0a326ef9784b89eff6bba41bc940a4d7b54957ad1964d01db3a79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=ibgDwXPmGGN7AtyaAgIHMg
200 OK 170 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=ibgDwXPmGGN7AtyaAgIHMg
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
GET /pixel?google_nid=agentstvo_sape_limited&google_hm=ibgDwXPmGGN7AtyaAgIHMg HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
date: Wed, 07 Sep 2022 18:44:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/89B803C173E618637B02DC9A02020732
204 No Content 0 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/89B803C173E618637B02DC9A02020732
IP
ASN #48347 JSC Mediasoft ekspert
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie_matching_ssp/Sape-dsp/89B803C173E618637B02DC9A02020732 HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 07 Sep 2022 18:44:04 GMT
set-cookie: uid=XV9maWMY5nRTTl/uhIIEAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
status.geotrust.com/
200 OK 279 B IP
Hash db1307c9cc25cb69acab56414ec65381
5dd17072af708c56a13e8b4bd594c609397dd882
3507046dffa07bf654fef4f4f9223e007d5256851b1ae6be74ca02929f09d94e
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5660
Cache-Control: max-age=162547
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:44:04 GMT
Etag: "6318a84b-117"
Expires: Fri, 09 Sep 2022 15:53:11 GMT
Last-Modified: Wed, 07 Sep 2022 14:18:51 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1aa7e8d5aab71c9563919d88b976abc5
839c4bba258bc4ea3f42f96c1bf8692046b6561a
9897e7d05b513ca7d1f00c6fe040523c4f4c73ad365e2c0d1e7eaa8659539b03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9897E7D05B513CA7D1F00C6FE040523C4F4C73AD365E2C0D1E7EAA8659539B03"
Last-Modified: Wed, 07 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8396
Expires: Wed, 07 Sep 2022 21:04:00 GMT
Date: Wed, 07 Sep 2022 18:44:04 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 471 B IP
Hash 4b04cfcaba58cfb0135f44aaea918eec
cc9b8020d2aa3e41518c82621cc7d68d41bf0afc
5e37153c28ddba3f445a51ecf22128d61926bb5b9e7c4f824af324ce4d7e1096
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:44:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 14:18:47 GMT
Expires: Tue, 13 Sep 2022 14:18:46 GMT
Etag: "cc9b8020d2aa3e41518c82621cc7d68d41bf0afc"
Cache-Control: max-age=501881,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 747197f7ce9db50c-OSL
ocsp.usertrust.com/
200 OK 472 B IP
Hash 287e9159d269073f63c1d06f50f5ed89
421a39f9b80af60ff29b245ea2ca973652dfe011
734920e0de4408babde1eba9efb3c5286d70d49997e451369b2016924b7f3b1c
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:44:04 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 04:18:19 GMT
Expires: Mon, 12 Sep 2022 04:18:18 GMT
Etag: "421a39f9b80af60ff29b245ea2ca973652dfe011"
Cache-Control: max-age=603954,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 905
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 747197f80884b4f3-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash eb06856d8626b77967ed070bc7d1ffce
8b064471057dedcaab5b3c488ac444aa77612a62
a328ae2472dd94315bf6b27e28895f2d1c61cf13272d2230cdfb8d27c50cac94
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:44:04 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 04:09:17 GMT
Expires: Tue, 13 Sep 2022 04:09:16 GMT
Etag: "8b064471057dedcaab5b3c488ac444aa77612a62"
Cache-Control: max-age=465311,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 747197f7cfce0b39-OSL
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash b95bc03410b4c7fd599676114c439d9a
564e57acbf54bf885c94071864abe163a97931e0
199cbcd8b8252e6e620983c2d1833869ccbcc58de2d8c700e3abda21f519842c
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:44:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 11 Sep 2022 17:41:17 GMT
ETag: "564e57acbf54bf885c94071864abe163a97931e0"
Last-Modified: Wed, 07 Sep 2022 17:41:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 434
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 747197f82e4d0b41-OSL
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 51e3efb78d821f5e66ac0d6de570470c
ef87eb50d231f128377628ccd7c0acc0fb5bff23
be9686b6e91f998b5bedd9c793e0dbc236805b0394cdb7662bc356d78d6fa6c0
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:44:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 11 Sep 2022 16:55:11 GMT
ETag: "ef87eb50d231f128377628ccd7c0acc0fb5bff23"
Last-Modified: Wed, 07 Sep 2022 16:55:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 653
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 747197f82b3bb50b-OSL
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 605ca5f1360fdc30fd5d8fde80e5b573
7a7b9ad01cb330cb891dc2a2437ce075f75bac0e
d59c29e6172aebfcfa0951d554cfa3f47c6765f871579cb09c785c7b8d31bec4
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 07 Sep 2022 18:44:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 07 Sep 2022 03:21:26 GMT
Expires: Thu, 08 Sep 2022 03:21:26 GMT
ETag: "7a7b9ad01cb330cb891dc2a2437ce075f75bac0e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
status.thawte.com/
200 OK 471 B IP
Hash 0dd6fff520f3d127fd649516e012adf4
c48721180ecb81820e4a1a154bb0f6d7c2eaa21f
e6c055997adc3153cbf58185df29001320ac07e419c12bd352db66ed3ba03854
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6040
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:44:04 GMT
Last-Modified: Wed, 07 Sep 2022 17:03:24 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash e42013e9c64dea042a44c1906f53d670
0165b995443525a59befb53380bc0aa09abb5201
64cdcdbd60b213bc2599e4f6ca2c9b9f31230cb431cb281c9709cf99dfce479d
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:44:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 11 Sep 2022 17:32:45 GMT
ETag: "0165b995443525a59befb53380bc0aa09abb5201"
Last-Modified: Wed, 07 Sep 2022 17:32:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 171
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 747197f83b5bb50b-OSL
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 07 Sep 2023 18:44:04 GMT; Path=/; Domain=.betweendigital.com
tuuid=4002dfee-bafb-52fa-bd5a-0518de42e36c; Max-Age=31536000; Expires=Thu, 07 Sep 2023 18:44:04 GMT; Path=/; Domain=.betweendigital.com
ut=YxjmdAAH53Btn38xvT6T8SRuNtjj5sUbgzBG_w==; Max-Age=31536000; Expires=Thu, 07 Sep 2023 18:44:04 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ad.mail.ru/cm.gif?p=48&id=89B803C173E618637B02DC9A02020732
200 OK 43 B URL HTTP/2 ad.mail.ru/cm.gif?p=48&id=89B803C173E618637B02DC9A02020732
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cm.gif?p=48&id=89B803C173E618637B02DC9A02020732 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:44:04 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=1CKA-j1HZ2YC0025-s1eaJoC:::0-0-0-8333f34:CAASEImDNrDQXoewsgdTxv-yyLEaYGqCmcq1Gow_qNyAcMh1T8YcGOulxpEj34kDm2AS96ZjQMb4_hUNCocsOaYlLcEYgcUwuaGqbizRWr-FdponVmiNbRXTsAVC5XFqkdqqlqLPpGajwkP9TWlZBpGvTyOd_g; path=/; expires=Fri, 08-Sep-23 18:44:04 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Thu, 08 Sep 2022 00:44:04 GMT
cache-control: max-age=21600
last-modified: Wed, 07 Sep 2022 18:44:04 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2
tag.digitaltarget.ru/adcm.js
200 OK 3.1 kB URL HTTP/1.1 tag.digitaltarget.ru/adcm.js
IP
File type ASCII text, with very long lines (3051), with no line terminators
Hash e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 18:44:04 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Wed, 07 Sep 2022 18:34:45 GMT
Connection: keep-alive
ETag: "6318e445-beb"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 745359d372160932e8030c0199354252
1590e053a17d05095a48538fc08ff06245bac4d6
e7f798120d5e587145e512941e7c090ec2720d30d216e241f5b6f96d5b2d1241
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 18:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
x01.aidata.io/0.gif?pid=9401454&id=89B803C173E618637B02DC9A02020732
302 Found 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=89B803C173E618637B02DC9A02020732
IP
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=89B803C173E618637B02DC9A02020732 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 07 Sep 2022 18:44:04 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=89B803C173E618637B02DC9A02020732&bounce=1
expires: Wed, 07 Sep 2022 18:44:03 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Wed, 07 Sep 2022 18:44:03 GMT
set-cookie: __upin=hBBkrNxLA2/qr1mIyoEEow;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1662576244;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
200 OK 0 B URL HTTP/1.1 sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP
ASN #36057 WEBAIR-INTERNET-MTL
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 18:44:04 GMT
Content-Length: 0
Connection: close
sape-sync.rutarget.ru/sync
302 Moved Temporarily 0 B URL HTTP/1.1 sape-sync.rutarget.ru/sync
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 07 Sep 2022 18:44:04 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=gDafhavg7N_f
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=gDafhavg7N_f; Path=/; Domain=.rutarget.ru; Expires=Mon, 06 Mar 2023 18:44:04 GMT; SameSite=None; Secure
ocsp.globalsign.com/gseccovsslca2018
200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash 0784be5398270860deaa7eb7b04c453a
8a4686bfd4e93ae10831023dc08e0dead0fe8c28
fc7dc08674e114778a2f30e23860f4f05911c7dda84df1f09069f55cf74ffeba
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:44:04 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Sun, 11 Sep 2022 15:47:04 GMT
ETag: "8a4686bfd4e93ae10831023dc08e0dead0fe8c28"
Last-Modified: Wed, 07 Sep 2022 15:47:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2519
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 747197f86ba7b50b-OSL
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
302 Found 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Weborama Collect Frontend
date: Wed, 07 Sep 2022 18:44:04 GMT
content-length: 0
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1987425637
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Wed, 07 Sep 2022 18:44:04 GMT
set-cookie: AFFICHE_W=cbtPVID@ckxx67; expires=Thu, 05 Oct 2023 18:44:04 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 07 Sep 2023 18:44:04 GMT; Path=/; Domain=.betweendigital.com
tuuid=bd5277d4-ef8e-52fa-982c-c4dafb3422ae; Max-Age=31536000; Expires=Thu, 07 Sep 2023 18:44:04 GMT; Path=/; Domain=.betweendigital.com
ut=YxjmdAAIspDo31eFxgnUor6cHr8fesASKZ2oVw==; Max-Age=31536000; Expires=Thu, 07 Sep 2023 18:44:04 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
302 Moved Temporarily 0 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Wed, 07 Sep 2022 18:44:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-4910353520; expires=Fri, 06 Sep 2024 18:44:04 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4910353520
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=89B803C173E618637B02DC9A02020732
200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=89B803C173E618637B02DC9A02020732
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?dsp_id=153&external_id=89B803C173E618637B02DC9A02020732 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 18:44:04 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
px.adhigh.net/p/cm/sape?u=89B803C173E618637B02DC9A02020732
302 Found 0 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=89B803C173E618637B02DC9A02020732
IP
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/cm/sape?u=89B803C173E618637B02DC9A02020732 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 07 Sep 2022 18:44:04 GMT
content-length: 0
x-backend-id: f8-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=5MV2MVSDMQY.AikABlGDGUQ3Tg;Path=/;Domain=.adhigh.net;Expires=Thu, 07-Sep-2023 18:44:04 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=89B803C173E618637B02DC9A02020732&bounced=1
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash eb06856d8626b77967ed070bc7d1ffce
8b064471057dedcaab5b3c488ac444aa77612a62
a328ae2472dd94315bf6b27e28895f2d1c61cf13272d2230cdfb8d27c50cac94
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 18:44:04 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 04:09:17 GMT
Expires: Tue, 13 Sep 2022 04:09:16 GMT
Etag: "8b064471057dedcaab5b3c488ac444aa77612a62"
Cache-Control: max-age=465311,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 747197f778cdb518-OSL
sm.rtb.mts.ru/p?ssp=sape&id=89B803C173E618637B02DC9A02020732
301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=sape&id=89B803C173E618637B02DC9A02020732
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sape&id=89B803C173E618637B02DC9A02020732 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 07 Sep 2022 18:44:04 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=89B803C173E618637B02DC9A02020732
Set-Cookie: dspid=6852b32c-e2f4-4f7d-a5bb-0401e48e3090; expires=Tue, 29 Aug 2023 18:44:04 GMT; domain=.mts.ru; path=/; secure; SameSite=None
ads.betweendigital.com/match?bidder_id=73&external_user_id=89B803C173E618637B02DC9A02020732
302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=89B803C173E618637B02DC9A02020732
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=73&external_user_id=89B803C173E618637B02DC9A02020732 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=89B803C173E618637B02DC9A02020732&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 07 Sep 2023 18:44:04 GMT; Path=/; Domain=.betweendigital.com
tuuid=0086c99f-beb8-52fa-a9b0-03cfcaa8e5bb; Max-Age=31536000; Expires=Thu, 07 Sep 2023 18:44:04 GMT; Path=/; Domain=.betweendigital.com
ut=YxjmdAAJdeAUIbXxqkYvfm1ayUMDFannSjGAkQ==; Max-Age=31536000; Expires=Thu, 07 Sep 2023 18:44:04 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 605ca5f1360fdc30fd5d8fde80e5b573
7a7b9ad01cb330cb891dc2a2437ce075f75bac0e
d59c29e6172aebfcfa0951d554cfa3f47c6765f871579cb09c785c7b8d31bec4
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 07 Sep 2022 18:44:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 07 Sep 2022 03:21:26 GMT
Expires: Thu, 08 Sep 2022 03:21:26 GMT
ETag: "7a7b9ad01cb330cb891dc2a2437ce075f75bac0e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.acint.net/match?dp=104&euid=gDafhavg7N_f
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=104&euid=gDafhavg7N_f
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=104&euid=gDafhavg7N_f HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMY5nOahwKQt+XXAkxlJ2WwxddyY6BMbQQPWzSjlsMd; cSyncDp7v2=1662576243; cSyncDp14v3=1662576243; cSyncDp17=1662576243; cSyncDp32=1662576243; cSyncDp45v3=1662576243; cSyncDp53=1662576243; cSyncDp54v2=1662576243; cSyncDp62=1662576243; cSyncDp67v2=1662576243; cSyncDp68=1662576243; cSyncDp71=1662576243; cSyncDp77=1662576243; cSyncDp84=1662576243; cSyncDp85=1662576243; cSyncDp95v3=1662576243; cSyncDp101=1662576243; cSyncDp104v2=1662576243; cSyncDp107=1662576243; cSyncDp110=1662576243; cSyncDp111v2=1662576243; cSyncDp112v2=1662576243; cSyncDp125v2=1662576243; cSyncDp126=1662576243; cSyncDp127=1662576243; cSyncDp129=1662576243; cSyncDp136v2=1662576243; cSyncDp138=1662576243; cSyncDp144=1662576243; cSyncDp146=1662576243; cSyncDp148=1662576243; cSyncDp149=1662576243; cSyncDp151=1662576243; cSyncDp179=1662576243; cSyncDp186=1662576243; cSyncDp221=1662576243
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 07 Sep 2022 18:44:04 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=73&external_user_id=89B803C173E618637B02DC9A02020732&crf=1
200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=89B803C173E618637B02DC9A02020732&crf=1
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=73&external_user_id=89B803C173E618637B02DC9A02020732&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 07 Sep 2023 18:44:04 GMT; Path=/; Domain=.betweendigital.com
tuuid=cc72fd7c-4dc6-52fa-9a1c-31a4f904d7d0; Max-Age=31536000; Expires=Thu, 07 Sep 2023 18:44:04 GMT; Path=/; Domain=.betweendigital.com
ut=YxjmdAAKaBDIomNKhIPZfKQ5ok4ROfhZ0_mCYw==; Max-Age=31536000; Expires=Thu, 07 Sep 2023 18:44:04 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1987425637
204 No Content 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1987425637
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1987425637 HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Weborama Collect Frontend
date: Wed, 07 Sep 2022 18:44:04 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Wed, 07 Sep 2022 18:44:04 GMT
set-cookie: AFFICHE_W=; expires=Tue, 10 Nov 2009 23:00:00 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
x01.aidata.io/0.gif?pid=9401454&id=89B803C173E618637B02DC9A02020732&bounce=1
204 No Content 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=89B803C173E618637B02DC9A02020732&bounce=1
IP
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=89B803C173E618637B02DC9A02020732&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 07 Sep 2022 18:44:04 GMT
expires: Wed, 07 Sep 2022 18:44:03 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Wed, 07 Sep 2022 18:44:03 GMT
set-cookie: __upin=dINbNYdK+QWjCFm7LU/ywA;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1662576244;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
sm.rtb.mts.ru/match/second?ssp=30&exu=89B803C173E618637B02DC9A02020732
301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/match/second?ssp=30&exu=89B803C173E618637B02DC9A02020732
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/second?ssp=30&exu=89B803C173E618637B02DC9A02020732 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 07 Sep 2022 18:44:04 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://tech.rtb.mts.ru/
px.adhigh.net/p/cm/sape?u=89B803C173E618637B02DC9A02020732&bounced=1
200 OK 49 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=89B803C173E618637B02DC9A02020732&bounced=1
IP
ASN #48061 Limited Liability Company GPM Digital Technologies
File type GIF image data, version 89a, 1 x 1\012- data
Hash 889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
GET /p/cm/sape?u=89B803C173E618637B02DC9A02020732&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:44:04 GMT
content-type: image/gif
content-length: 49
x-backend-id: f8-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
tag.digitaltarget.ru/processor.js?i=649194857378641
200 OK 16 kB URL HTTP/1.1 tag.digitaltarget.ru/processor.js?i=649194857378641
IP
File type ASCII text, with very long lines (15878), with no line terminators
Hash 5fb72141505b525aa1ac96bf2f2fdd8b
5e463c12f0e56864739dbe44e419d01cd9ebd84d
3329813e0c2788f727bbb57c75a5751c683649372d99dd1a3627f2f7d95e2e58
GET /processor.js?i=649194857378641 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 18:44:04 GMT
Content-Type: application/javascript
Content-Length: 15878
Last-Modified: Wed, 07 Sep 2022 18:34:46 GMT
Connection: keep-alive
ETag: "6318e446-3e06"
Accept-Ranges: bytes
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4910353520
302 Moved Temporarily 40 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4910353520
IP
File type ASCII text, with CRLF line terminators
Hash 251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4910353520 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Wed, 07 Sep 2022 18:44:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Fri, 06 Sep 2024 18:44:04 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMY5nOahwKQt+XXAkxlJ2WwxddyY6BMbQQPWzSjlsMd; cSyncDp7v2=1662576243; cSyncDp14v3=1662576243; cSyncDp17=1662576243; cSyncDp32=1662576243; cSyncDp45v3=1662576243; cSyncDp53=1662576243; cSyncDp54v2=1662576243; cSyncDp62=1662576243; cSyncDp67v2=1662576243; cSyncDp68=1662576243; cSyncDp71=1662576243; cSyncDp77=1662576243; cSyncDp84=1662576243; cSyncDp85=1662576243; cSyncDp95v3=1662576243; cSyncDp101=1662576243; cSyncDp104v2=1662576243; cSyncDp107=1662576243; cSyncDp110=1662576243; cSyncDp111v2=1662576243; cSyncDp112v2=1662576243; cSyncDp125v2=1662576243; cSyncDp126=1662576243; cSyncDp127=1662576243; cSyncDp129=1662576243; cSyncDp136v2=1662576243; cSyncDp138=1662576243; cSyncDp144=1662576243; cSyncDp146=1662576243; cSyncDp148=1662576243; cSyncDp149=1662576243; cSyncDp151=1662576243; cSyncDp179=1662576243; cSyncDp186=1662576243; cSyncDp221=1662576243
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 07 Sep 2022 18:44:04 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=89B803C173E618639002879A02D7E5B7
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=89B803C173E618639002879A02D7E5B7
200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=89B803C173E618639002879A02D7E5B7
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?ssp_id=43&external_id=89B803C173E618639002879A02D7E5B7 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 18:44:04 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 52235329397af274fe1489836ce5523a
cdb7071e8529fcb584c2103f8cdb95fb1934713a
7b61731d53c12884c26d27614f6ca741a31008b652f92051924e6b988440741e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B61731D53C12884C26D27614F6CA741A31008B652F92051924E6B988440741E"
Last-Modified: Mon, 05 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7000
Expires: Wed, 07 Sep 2022 20:40:44 GMT
Date: Wed, 07 Sep 2022 18:44:04 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 52235329397af274fe1489836ce5523a
cdb7071e8529fcb584c2103f8cdb95fb1934713a
7b61731d53c12884c26d27614f6ca741a31008b652f92051924e6b988440741e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B61731D53C12884C26D27614F6CA741A31008B652F92051924E6B988440741E"
Last-Modified: Mon, 05 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7000
Expires: Wed, 07 Sep 2022 20:40:44 GMT
Date: Wed, 07 Sep 2022 18:44:04 GMT
Connection: keep-alive
tech.rtb.mts.ru/
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: tech.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.2
Date: Wed, 07 Sep 2022 18:44:05 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Set-Cookie: mts_id=e08f5094-cdc3-4d9e-a1a6-2d6e95bd6f2d; Domain=mts.ru; expires=Fri, 16 Jul 2032 18:44:05 GMT; SameSite=None; Secure
mts_id_last_sync=1662576245; Domain=mts.ru; expires=Fri, 16 Jul 2032 18:44:05 GMT; SameSite=None; Secure
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
dmg.digitaltarget.ru/1/1093/i/i?i=150343010450188.661673274546801&a=77&e=89B803C173E618637B02DC9A02020732&pref=http%3A%2F%2Fgoryachieklavishi.ru%2F&c=ss:77.up:89B803C173E618637B02DC9A02020732.sync:up.xdua:duABDptom6pbsBWB0OC3magL.xps:xpslZMyh4KBAQg6sc4NaqwJ0w.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=150343010450188.661673274546801&a=77&e=89B803C173E618637B02DC9A02020732&pref=http%3A%2F%2Fgoryachieklavishi.ru%2F&c=ss:77.up:89B803C173E618637B02DC9A02020732.sync:up.xdua:duABDptom6pbsBWB0OC3magL.xps:xpslZMyh4KBAQg6sc4NaqwJ0w.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=150343010450188.661673274546801&a=77&e=89B803C173E618637B02DC9A02020732&pref=http%3A%2F%2Fgoryachieklavishi.ru%2F&c=ss:77.up:89B803C173E618637B02DC9A02020732.sync:up.xdua:duABDptom6pbsBWB0OC3magL.xps:xpslZMyh4KBAQg6sc4NaqwJ0w.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Wed, 07 Sep 2022 18:44:05 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=150343010450188.661673274546801&a=77&e=89B803C173E618637B02DC9A02020732&pref=http%3A%2F%2Fgoryachieklavishi.ru%2F&c=ss:77.up:89B803C173E618637B02DC9A02020732.sync:up.xdua:duABDptom6pbsBWB0OC3magL.xps:xpslZMyh4KBAQg6sc4NaqwJ0w.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=LYJsgnnPFoI3AIo7lxom; Max-Age=93312000; Expires=Fri, 22 Aug 2025 18:44:05 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/1/1093/i/i?i=150343010450188.988909363608505&a=77&e=89B803C173E618637B02DC9A02020732&pref=http%3A%2F%2Fgoryachieklavishi.ru%2F&c=ss:77.up:89B803C173E618637B02DC9A02020732.sync:up.xdua:duABDptom6pbsBWB0OC3magL.xps:xpslZMyh4KBAQg6sc4NaqwJ0w.dn:acint__net.adcm:hit.tg:adcmjs_noorient
307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=150343010450188.988909363608505&a=77&e=89B803C173E618637B02DC9A02020732&pref=http%3A%2F%2Fgoryachieklavishi.ru%2F&c=ss:77.up:89B803C173E618637B02DC9A02020732.sync:up.xdua:duABDptom6pbsBWB0OC3magL.xps:xpslZMyh4KBAQg6sc4NaqwJ0w.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=150343010450188.988909363608505&a=77&e=89B803C173E618637B02DC9A02020732&pref=http%3A%2F%2Fgoryachieklavishi.ru%2F&c=ss:77.up:89B803C173E618637B02DC9A02020732.sync:up.xdua:duABDptom6pbsBWB0OC3magL.xps:xpslZMyh4KBAQg6sc4NaqwJ0w.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Wed, 07 Sep 2022 18:44:05 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=150343010450188.988909363608505&a=77&e=89B803C173E618637B02DC9A02020732&pref=http%3A%2F%2Fgoryachieklavishi.ru%2F&c=ss:77.up:89B803C173E618637B02DC9A02020732.sync:up.xdua:duABDptom6pbsBWB0OC3magL.xps:xpslZMyh4KBAQg6sc4NaqwJ0w.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=7CuOy4HPFoC07Oo7VAp3; Max-Age=93312000; Expires=Fri, 22 Aug 2025 18:44:05 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=150343010450188.661673274546801&a=77&e=89B803C173E618637B02DC9A02020732&pref=http%3A%2F%2Fgoryachieklavishi.ru%2F&c=ss:77.up:89B803C173E618637B02DC9A02020732.sync:up.xdua:duABDptom6pbsBWB0OC3magL.xps:xpslZMyh4KBAQg6sc4NaqwJ0w.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=150343010450188.661673274546801&a=77&e=89B803C173E618637B02DC9A02020732&pref=http%3A%2F%2Fgoryachieklavishi.ru%2F&c=ss:77.up:89B803C173E618637B02DC9A02020732.sync:up.xdua:duABDptom6pbsBWB0OC3magL.xps:xpslZMyh4KBAQg6sc4NaqwJ0w.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&i=150343010450188.661673274546801&a=77&e=89B803C173E618637B02DC9A02020732&pref=http%3A%2F%2Fgoryachieklavishi.ru%2F&c=ss:77.up:89B803C173E618637B02DC9A02020732.sync:up.xdua:duABDptom6pbsBWB0OC3magL.xps:xpslZMyh4KBAQg6sc4NaqwJ0w.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 18:44:05 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=150343010450188.988909363608505&a=77&e=89B803C173E618637B02DC9A02020732&pref=http%3A%2F%2Fgoryachieklavishi.ru%2F&c=ss:77.up:89B803C173E618637B02DC9A02020732.sync:up.xdua:duABDptom6pbsBWB0OC3magL.xps:xpslZMyh4KBAQg6sc4NaqwJ0w.dn:acint__net.adcm:hit.tg:adcmjs_noorient
200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=150343010450188.988909363608505&a=77&e=89B803C173E618637B02DC9A02020732&pref=http%3A%2F%2Fgoryachieklavishi.ru%2F&c=ss:77.up:89B803C173E618637B02DC9A02020732.sync:up.xdua:duABDptom6pbsBWB0OC3magL.xps:xpslZMyh4KBAQg6sc4NaqwJ0w.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&i=150343010450188.988909363608505&a=77&e=89B803C173E618637B02DC9A02020732&pref=http%3A%2F%2Fgoryachieklavishi.ru%2F&c=ss:77.up:89B803C173E618637B02DC9A02020732.sync:up.xdua:duABDptom6pbsBWB0OC3magL.xps:xpslZMyh4KBAQg6sc4NaqwJ0w.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Sep 2022 18:44:05 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
www.acint.net/ping/?v=0.4.0&uid=638b5170-f359-4dd3-94fc-ae26a2dbef10&dp=10&tz=%2B00%3A00&nc=67747963&dT=2022-09-07T18%3A43%3A58.446
302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/ping/?v=0.4.0&uid=638b5170-f359-4dd3-94fc-ae26a2dbef10&dp=10&tz=%2B00%3A00&nc=67747963&dT=2022-09-07T18%3A43%3A58.446
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ping/?v=0.4.0&uid=638b5170-f359-4dd3-94fc-ae26a2dbef10&dp=10&tz=%2B00%3A00&nc=67747963&dT=2022-09-07T18%3A43%3A58.446 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Wed, 07 Sep 2022 18:44:05 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/ping/?v=0.4.0&uid=638b5170-f359-4dd3-94fc-ae26a2dbef10&dp=10&tz=%2B00%3A00&nc=67747963&dT=2022-09-07T18%3A43%3A58.446
www.acint.net/ping/?v=0.4.0&uid=638b5170-f359-4dd3-94fc-ae26a2dbef10&dp=10&tz=%2B00%3A00&nc=67747963&dT=2022-09-07T18%3A43%3A58.446
200 OK 43 B URL HTTP/2 www.acint.net/ping/?v=0.4.0&uid=638b5170-f359-4dd3-94fc-ae26a2dbef10&dp=10&tz=%2B00%3A00&nc=67747963&dT=2022-09-07T18%3A43%3A58.446
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /ping/?v=0.4.0&uid=638b5170-f359-4dd3-94fc-ae26a2dbef10&dp=10&tz=%2B00%3A00&nc=67747963&dT=2022-09-07T18%3A43%3A58.446 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://goryachieklavishi.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMY5nOahwKQt+XXAkxlJ2WwxddyY6BMbQQPWzSjlsMd; cSyncDp7v2=1662576243; cSyncDp14v3=1662576243; cSyncDp17=1662576243; cSyncDp32=1662576243; cSyncDp45v3=1662576243; cSyncDp53=1662576243; cSyncDp54v2=1662576243; cSyncDp62=1662576243; cSyncDp67v2=1662576243; cSyncDp68=1662576243; cSyncDp71=1662576243; cSyncDp77=1662576243; cSyncDp84=1662576243; cSyncDp85=1662576243; cSyncDp95v3=1662576243; cSyncDp101=1662576243; cSyncDp104v2=1662576243; cSyncDp107=1662576243; cSyncDp110=1662576243; cSyncDp111v2=1662576243; cSyncDp112v2=1662576243; cSyncDp125v2=1662576243; cSyncDp126=1662576243; cSyncDp127=1662576243; cSyncDp129=1662576243; cSyncDp136v2=1662576243; cSyncDp138=1662576243; cSyncDp144=1662576243; cSyncDp146=1662576243; cSyncDp148=1662576243; cSyncDp149=1662576243; cSyncDp151=1662576243; cSyncDp179=1662576243; cSyncDp186=1662576243; cSyncDp221=1662576243
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 07 Sep 2022 18:44:05 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/89B803C173E618637B02DC9A02020732?redir-setuniq=1
200 OK 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/89B803C173E618637B02DC9A02020732?redir-setuniq=1
IP
GET /mapuid/sapeis/89B803C173E618637B02DC9A02020732?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Wed, 07 Sep 2022 18:44:04 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07 Sep 2022 18:44:04 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Wed, 07 Sep 2022 18:44:04 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cdn.retget.ru/pwk/mc.php
200 OK 0 B IP
ASN #24940 Hetzner Online GmbH
GET /pwk/mc.php HTTP/1.1
Host: cdn.retget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 07 Sep 2022 18:44:04 GMT
content-type: text/html; charset=UTF-8
set-cookie: hjelwf=e36c6899ff1b47ceb6868a57a9f5042a; expires=Wed, 07-Sep-2022 19:44:04 GMT; Max-Age=3600; path=/; SameSite=None; Secure; domain=cdn.retget.ru
content-encoding: gzip
mode: no-cors
access-control-allow-origin: *
cache-control: no-cache
X-Firefox-Spdy: h2
nordw.ingeitn.ru/i/k.js
200 OK 0 B IP
ASN #199524 G-Core Labs S.A.
GET /i/k.js HTTP/1.1
Host: nordw.ingeitn.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 18:44:02 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges
etag: W/"d0226560a2d22923fc0b287025fd9906"
last-modified: Fri, 26 Nov 2021 15:34:02 GMT
x-timestamp: 1637940841.37913
x-trans-id: 16bb22845d641b0a
age: 48190
expires: Fri, 09 Sep 2022 06:44:02 GMT
cache-control: max-age=129600
cache: HIT
x-cached-since: 2022-09-07T18:34:10+00:00
x-id: sto5-up-gc10
content-encoding: gzip
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10&tc=1
200 OK 0 B URL HTTP/2 www.acint.net/mc/?dp=10&tc=1
IP
GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://goryachieklavishi.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=wQO4iWMY5nOa3AJ7MgcCAlz4vkBqCYCO5CLlO80t9Aql6LcI
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 07 Sep 2022 18:44:03 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1662576243; expires=Thu, 08-Sep-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp54v2=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp77=1662576243; expires=Wed, 21-Sep-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp84=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1662576243; expires=Wed, 21-Sep-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp111v2=1662576243; expires=Wed, 21-Sep-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp112v2=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v2=1662576243; expires=Thu, 22-Sep-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp138=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp144=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp179=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1662576243; expires=Fri, 07-Oct-22 18:44:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/89B803C173E618637B02DC9A02020732
302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/89B803C173E618637B02DC9A02020732
IP
GET /mapuid/sapeis/89B803C173E618637B02DC9A02020732 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/89B803C173E618637B02DC9A02020732?redir-setuniq=1
date: Wed, 07 Sep 2022 18:44:04 GMT
set-cookie: yandexuid=3213950611662576244; domain=.yandex.ru; path=/; expires=Sat, 04-Sep-2032 18:44:04 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07 Sep 2022 18:44:04 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Wed, 07 Sep 2022 18:44:04 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/23414332?wmode=7&page-url=http%3A%2F%2Fgoryachieklavishi.ru%2Findex.php%3Fpage%3D%25D0%2593%25D0%25BE%25D1%2580%25D1%258F%25D1%2587%25D0%25B8%25D0%25B5%2520%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25B2%25D0%25B8%25D1%2588%25D0%25B8%2520%25D0%259F%25D1%2580%25D0%25BE%25D0%25B2%25D0%25BE%25D0%25B4%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B0%2520Windows%252010&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A795%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A2%3Adp%3A0%3Als%3A68793323258%3Ahid%3A778561331%3Az%3A0%3Ai%3A20220907184354%3Aet%3A1662576235%3Ac%3A1%3Arn%3A942804359%3Arqn%3A1%3Au%3A1662576235643618247%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662576233520%3Aco%3A0%3Ads%3A111%2C41%2C53%2C80%2C-8%2C0%2C%2C488%2C%2C%2C%2C%2C%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662576235%3At%3A%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010&t=gdpr(14)mc(cm-1-tl-1)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/23414332?wmode=7&page-url=http%3A%2F%2Fgoryachieklavishi.ru%2Findex.php%3Fpage%3D%25D0%2593%25D0%25BE%25D1%2580%25D1%258F%25D1%2587%25D0%25B8%25D0%25B5%2520%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25B2%25D0%25B8%25D1%2588%25D0%25B8%2520%25D0%259F%25D1%2580%25D0%25BE%25D0%25B2%25D0%25BE%25D0%25B4%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B0%2520Windows%252010&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A795%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A2%3Adp%3A0%3Als%3A68793323258%3Ahid%3A778561331%3Az%3A0%3Ai%3A20220907184354%3Aet%3A1662576235%3Ac%3A1%3Arn%3A942804359%3Arqn%3A1%3Au%3A1662576235643618247%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662576233520%3Aco%3A0%3Ads%3A111%2C41%2C53%2C80%2C-8%2C0%2C%2C488%2C%2C%2C%2C%2C%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662576235%3At%3A%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010&t=gdpr(14)mc(cm-1-tl-1)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP
GET /watch/23414332?wmode=7&page-url=http%3A%2F%2Fgoryachieklavishi.ru%2Findex.php%3Fpage%3D%25D0%2593%25D0%25BE%25D1%2580%25D1%258F%25D1%2587%25D0%25B8%25D0%25B5%2520%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25B2%25D0%25B8%25D1%2588%25D0%25B8%2520%25D0%259F%25D1%2580%25D0%25BE%25D0%25B2%25D0%25BE%25D0%25B4%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B0%2520Windows%252010&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A795%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A2%3Adp%3A0%3Als%3A68793323258%3Ahid%3A778561331%3Az%3A0%3Ai%3A20220907184354%3Aet%3A1662576235%3Ac%3A1%3Arn%3A942804359%3Arqn%3A1%3Au%3A1662576235643618247%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662576233520%3Aco%3A0%3Ads%3A111%2C41%2C53%2C80%2C-8%2C0%2C%2C488%2C%2C%2C%2C%2C%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662576235%3At%3A%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010&t=gdpr(14)mc(cm-1-tl-1)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://goryachieklavishi.ru
Connection: keep-alive
Referer: http://goryachieklavishi.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fgoryachieklavishi.ru%2Findex.php%3Fpage%3D%25D0%2593%25D0%25BE%25D1%2580%25D1%258F%25D1%2587%25D0%25B8%25D0%25B5%2520%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25B2%25D0%25B8%25D1%2588%25D0%25B8%2520%25D0%259F%25D1%2580%25D0%25BE%25D0%25B2%25D0%25BE%25D0%25B4%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B0%2520Windows%252010&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym17zxi6fwm9k%3Afp%3A795%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A2%3Adp%3A0%3Als%3A68793323258%3Ahid%3A778561331%3Az%3A0%3Ai%3A20220907184354%3Aet%3A1662576235%3Ac%3A1%3Arn%3A942804359%3Arqn%3A1%3Au%3A1662576235643618247%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662576233520%3Aco%3A0%3Ads%3A111%2C41%2C53%2C80%2C-8%2C0%2C%2C488%2C%2C%2C%2C%2C%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662576235%3At%3A%D0%93%D0%BE%D1%80%D1%8F%D1%87%D0%B8%D0%B5%20%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D1%88%D0%B8%20%D0%9F%D1%80%D0%BE%D0%B2%D0%BE%D0%B4%D0%BD%D0%B8%D0%BA%D0%B0%20Windows%2010&t=gdpr%2814%29mc%28cm-1-tl-1%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Wed, 07 Sep 2022 18:44:02 GMT
access-control-allow-origin: http://goryachieklavishi.ru
set-cookie: yandexuid=2552816691662576242; Expires=Thu, 07-Sep-2023 18:44:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2552816691662576242; Expires=Thu, 07-Sep-2023 18:44:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=287935681662576242; Path=/; SameSite=None; Secure
i=/ljwG5o6dTZV/PZDcE/FPQXHgUePbQDzteCsVaRPAIhq+uCD0kYkbCRKMaqH6jurXPTDBTMe+2kFC3LtCocSmaGfMkk=; Expires=Sat, 04-Sep-2032 18:43:55 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1694112242.yrts.1662576242#1694112242.yrtsi.1662576242; Expires=Thu, 07-Sep-2023 18:44:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 07-Sep-2022 18:44:02 GMT
last-modified: Wed, 07-Sep-2022 18:44:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
91.219.194.6
34.117.237.239
144.76.138.28
104.18.21.226
188.42.191.196
93.184.220.29
95.217.109.66
37.18.103.21
188.72.107.205
23.36.77.32