new-days.ru/21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas/
172.67.177.120301 Moved Permanently 0 B URL HTTP/1.1 new-days.ru/21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas/
IP 172.67.177.120:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas/ HTTP/1.1
Host: new-days.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:38:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 06 Oct 2022 03:38:47 GMT
Location: https://new-days.ru/21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFDAjWpumEJTq3chAa1x%2F5HjiQiXiXav4rmrlwfr8G%2FyKmQbfuKaw7Rs9KgMwALCIKD4ZL2C%2F%2BlQIqH3aqrVzq%2BYGh8AiWlezSsqLLHEMAkd7oXbewOR7u8TP4kRug%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05d7ff951c02-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
54.230.111.65200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.65:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: M7Gb4PWULunt6tod1QM9ULPDN8QS0iVjc850naQKiXX2Vo_gqrZsYg==
Age: 39089
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eabb7d9ffae717f7305d63c057755470
3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a
ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5141
Expires: Thu, 06 Oct 2022 04:04:28 GMT
Date: Thu, 06 Oct 2022 02:38:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ab7d8709d334de0e46dcb86aabfbff1
f221138a8ad9d0bfa3c054370dcdb363a67dc310
b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6339
Expires: Thu, 06 Oct 2022 04:24:26 GMT
Date: Thu, 06 Oct 2022 02:38:47 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9e79e65cf547e32df18087263b619ad8
404140dd76eb0b0e4eca0d73e1d71c9bb204b06a
41ed07705416f8c6b118bf6d57fb799be18114bcd71f186f52a623d3f3aaf89b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "41ED07705416F8C6B118BF6D57FB799BE18114BCD71F186F52A623D3F3AAF89B"
Last-Modified: Wed, 05 Oct 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7545
Expires: Thu, 06 Oct 2022 04:44:32 GMT
Date: Thu, 06 Oct 2022 02:38:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +LGopU/zz+lSMMZvteiGC1v3MOK5qbClGtNy+fLbMfZj/gZAX16d5yASGtRWL7viiVMLb5RLwEc=
x-amz-request-id: TTEERSVHKPP6PG8B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 01:58:32 GMT
age: 2415
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9e79e65cf547e32df18087263b619ad8
404140dd76eb0b0e4eca0d73e1d71c9bb204b06a
41ed07705416f8c6b118bf6d57fb799be18114bcd71f186f52a623d3f3aaf89b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "41ED07705416F8C6B118BF6D57FB799BE18114BCD71F186F52A623D3F3AAF89B"
Last-Modified: Wed, 05 Oct 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7545
Expires: Thu, 06 Oct 2022 04:44:32 GMT
Date: Thu, 06 Oct 2022 02:38:47 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 894 B IP 142.250.74.3:0
Hash 19640b81c288b920b1df2396eeb5ad31
fe37bd70df45e9b6481a729615e4aa9dcdd7edcd
edf2ea16b4db5e818c9bde3980833769c942dba741def897e982f914f3a8fae9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 7.6 kB IP 172.64.155.188:0
Hash faa2f398eb920c87f2583443a97cd875
6565f2dd7d3af5c147cd43cc17ca66ea2f3b606e
ff7edc10d3ce59d5436e124e401239be6d8615cda0f0bf2ad688655c281732c3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:47 GMT
Content-Type: application/ocsp-response
Content-Length: 282
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 09:53:48 GMT
Expires: Tue, 11 Oct 2022 09:53:47 GMT
Etag: "a0a30622a04d463fb9972059dbb4b1ff66c1baa4"
Cache-Control: max-age=457499,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755b05dbfae1b529-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 973 B IP 172.64.155.188:0
Hash f93efc2e7a85cc76600478767244bbbd
dc671600dfe14d44718c9c00dce928256fa7baa1
6463baed4a8a679375bb34084d76dc74c44e22b17f3dd44496fe746e8e6e35e2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:47 GMT
Content-Type: application/ocsp-response
Content-Length: 282
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 09:53:48 GMT
Expires: Tue, 11 Oct 2022 09:53:47 GMT
Etag: "a0a30622a04d463fb9972059dbb4b1ff66c1baa4"
Cache-Control: max-age=457499,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755b05dbfc940b65-OSL
fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%7CSource+Sans+Pro%3A600%2Cregular%2C600&display=swap&ver=1.2.6
142.250.74.10200 OK 10 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%7CSource+Sans+Pro%3A600%2Cregular%2C600&display=swap&ver=1.2.6
IP 142.250.74.10:0
Hash 298b73d8e9b4447717d40d35622c76d7
a90b1fb6434bcf670da591eef07bdcf5358d9f86
16e8787e2fc6b053f8ab0a5849a859e742f010a7c47992bd7e7db8d28869fead
GET /css?family=Roboto%3Aregular%2C700%7CSource+Sans+Pro%3A600%2Cregular%2C600&display=swap&ver=1.2.6 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 02:38:47 GMT
date: Thu, 06 Oct 2022 02:38:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
216.58.207.195200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:26:57 GMT
expires: Thu, 05 Oct 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 25910
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2
216.58.207.195200 OK 7.4 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7448, version 1.0\012- data
Hash 28c3e0bdf029c4164ae6e0e1e339b44f
8e027ac5d59e5105d56d6369071d2be00eac295c
0acd59e18ef9ca4f55b04271a6121d58e6f7044ea91395054dd52d5caf2a7a55
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7448
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:28:24 GMT
expires: Thu, 05 Oct 2023 19:28:24 GMT
cache-control: public, max-age=31536000
age: 25823
last-modified: Wed, 27 Apr 2022 16:14:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
216.58.207.195200 OK 10 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 216.58.207.195:0
File type gzip compressed data, from Unix\012- data
Hash b80df728bf66fe335075629c20124b40
7a32b40c3d916cc2c465322e31b77a33b89be206
e55ef08280b72f28fcd9a40d3fec420aee393b0a075030085194ac59b4f8dee9
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 06:19:49 GMT
expires: Fri, 29 Sep 2023 06:19:49 GMT
cache-control: public, max-age=31536000
age: 591538
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 25479
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
216.58.207.195200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13052, version 1.0\012- data
Hash 7cf79fbd1df848510d7352274efc2401
5540b5a26cc7dfe25294c4eabe011e2c6cd60143
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:26:57 GMT
expires: Thu, 05 Oct 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 25910
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 25479
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwkxduz8A.woff2
216.58.207.195200 OK 7.4 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwkxduz8A.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7428, version 1.0\012- data
Hash 534692fbe5b62346be7af4884845550c
3a5b8d235729ef34b0f6e7e92b64be07b67d49b1
150e4d03ae35f998288f482393fd255f8a698ed1a83540cb58a03cbd36ad5f44
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwkxduz8A.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7428
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 20:20:29 GMT
expires: Thu, 05 Oct 2023 20:20:29 GMT
cache-control: public, max-age=31536000
age: 22698
last-modified: Wed, 27 Apr 2022 16:20:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7704d9020923a356295deca8ec608639
77f48037e38d705ddf171141c4841e34983b8d8d
07bc4d4b532bf6d2a40a61bce7ed1f653d2122cd64dd4e1ea80b476290ab59ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "07BC4D4B532BF6D2A40A61BCE7ED1F653D2122CD64DD4E1EA80B476290AB59ED"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3946
Expires: Thu, 06 Oct 2022 03:44:34 GMT
Date: Thu, 06 Oct 2022 02:38:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 974d395d990ed4b73ab52223e883deaa
171583bae4e8ff18ebed41eb06c4371a7ed2ddcb
e8629058c13679ee87513aa35dfc2d47fbdec01562d4a501d4380cf3a90d6298
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8629058C13679EE87513AA35DFC2D47FBDEC01562D4A501D4380CF3A90D6298"
Last-Modified: Wed, 05 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6392
Expires: Thu, 06 Oct 2022 04:25:20 GMT
Date: Thu, 06 Oct 2022 02:38:48 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 99be3cfc96f2813fb45bc9e478d22c80
fa2ebf2c8e338f88f84183dd3c788626e437d3a6
df8a8fd1073161d479212b0bb2db14b840d42a90e2f29e6e09e0691aed7e901c
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 10 Oct 2022 00:52:33 GMT
ETag: "fa2ebf2c8e338f88f84183dd3c788626e437d3a6"
Last-Modified: Thu, 06 Oct 2022 00:52:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 25
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05de6821b506-OSL
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3799842268627012
142.250.74.98200 OK 55 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3799842268627012
IP 142.250.74.98:0
File type ASCII text, with very long lines (2910)
Hash 2521ab009e255cc5fedcf59b5e74d19a
510b4896539a4227fccf45847e6fd1fc7d1004ba
c885b955a83dda91c45038d982786927c02401c2f3bac277a4d2a4b2d31b9d74
GET /pagead/js/adsbygoogle.js?client=ca-pub-3799842268627012 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Thu, 06 Oct 2022 02:38:48 GMT
expires: Thu, 06 Oct 2022 02:38:48 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17592031875590042361
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 54675
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
news.mediametrics.ru/cgi-bin/b.fcgi?ac=b&m=js&v=2&n=10&id=DivID
88.212.202.23200 OK 9.7 kB URL HTTP/1.1 news.mediametrics.ru/cgi-bin/b.fcgi?ac=b&m=js&v=2&n=10&id=DivID
IP 88.212.202.23:0
ASN #39134 United Network LLC
Hash 696bee49b608ac22cbfc46fa163f09be
074a47f4e5f60b0012f8f0664a2397cc09877906
312134fba738494c7849804357ccd3c4514967bea95ea5b4a88e2bcf9f834209
GET /cgi-bin/b.fcgi?ac=b&m=js&v=2&n=10&id=DivID HTTP/1.1
Host: news.mediametrics.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 06 Oct 2022 02:38:48 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 9749
Connection: keep-alive
Content-Language: ru
Cache-Control: no-store
Pragma: no-cache
Vary: Accept-Language
Access-Control-Allow-Origin: *
giclgq.com/f6wl71192ilvpm0y03hq8786quv876ypkwvfj4.php
62.76.25.27200 OK 23 kB URL HTTP/2 giclgq.com/f6wl71192ilvpm0y03hq8786quv876ypkwvfj4.php
IP 62.76.25.27:0
File type Unicode text, UTF-8 text, with very long lines (50007)
Hash a892b11e0cf4a02eb4674c8cf15da624
2749a66e2b68ada586589102a7d7da004310b311
9a0f61d7a8e55e43d14fbe04d36680d27174fcf4cba77bc031959b0c47759de6
GET /f6wl71192ilvpm0y03hq8786quv876ypkwvfj4.php HTTP/1.1
Host: giclgq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.2
date: Thu, 06 Oct 2022 02:38:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 22630
last-modified: Thu, 01 Sep 2022 13:34:27 GMT
etag: "6310b4e3-5866"
content-encoding: gzip
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
static.a-ads.com/a-ads-banners/398701/300x250?region=eu-central-1
148.251.233.147200 OK 401 kB URL HTTP/2 static.a-ads.com/a-ads-banners/398701/300x250?region=eu-central-1
IP 148.251.233.147:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 300 x 250\012- data
Size 401 kB (401378 bytes)
Hash 68fbf52c6693ff8bf95a36832bd4393a
5901e97641395575470b8178fae9c41b2a1e760e
b40a23956426aa4dcfd5ec210fb8dd72908779c4eb1ffc87d5e1c455aa52ec7c
GET /a-ads-banners/398701/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:48 GMT
content-type: image/gif
content-length: 401378
x-amz-id-2: UGVYuDRbeQWSL9cb4DV5oT4+uy0IKt1D/DVl1iX5IzPiVKMY4ic63vT2nBfugHum0DxY/RUIrQo=
x-amz-request-id: N5AAVQFFY1CCPZX1
x-amz-replication-status: COMPLETED
last-modified: Fri, 24 Jun 2022 20:01:58 GMT
etag: "68fbf52c6693ff8bf95a36832bd4393a"
cache-control: max-age=315360000
x-amz-version-id: OZDqWYclM.YzxQPWKdlAWsKTrXEW4GvI
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 5841c4428d5f3a762b887e74ad7cf1c6
b13b4a3a3cae268bd85ed82551f3f2ca6cca35ba
ab87978aa61bd3b17bfb0b021b4a9ce56629ff37ce86ad6763a9f5f4c9e7e8e1
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 09 Oct 2022 23:41:23 GMT
ETag: "b13b4a3a3cae268bd85ed82551f3f2ca6cca35ba"
Last-Modified: Wed, 05 Oct 2022 23:41:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05de6d3cb527-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash ebf02d0e6cf347bf637ada37e92f0071
befdb650fd03c86235c9dc8f3f34433f70ed994d
c78b61f6aae3a7329d6c47b8112dfe1603951579f8fb04f0883b9619c36fb3ce
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 03:08:24 GMT
Expires: Wed, 12 Oct 2022 03:08:23 GMT
Etag: "befdb650fd03c86235c9dc8f3f34433f70ed994d"
Cache-Control: max-age=519574,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755b05de9bd9b529-OSL
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 5841c4428d5f3a762b887e74ad7cf1c6
b13b4a3a3cae268bd85ed82551f3f2ca6cca35ba
ab87978aa61bd3b17bfb0b021b4a9ce56629ff37ce86ad6763a9f5f4c9e7e8e1
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 09 Oct 2022 23:41:23 GMT
ETag: "b13b4a3a3cae268bd85ed82551f3f2ca6cca35ba"
Last-Modified: Wed, 05 Oct 2022 23:41:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05de7826b506-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.65200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.65:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 02:29:41 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 06 Oct 2022 02:56:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZueUn19uqAApx4vy4zxvaa2d9iRsHGjSg9hfnwsykoVWv-nKXfM4fw==
Age: 547
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 160123e93c0586276579240ee32309a9
2bc8396d550147dad9c54f870453cdea10419eac
836f9503cec7633b11f2afdb89e32bef0de2b24cd599cf309007623e943bc240
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 09 Oct 2022 23:48:08 GMT
ETag: "2bc8396d550147dad9c54f870453cdea10419eac"
Last-Modified: Wed, 05 Oct 2022 23:48:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3097
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05e009d6b512-OSL
relap.io/v7/relap.js
95.163.37.253200 OK 13 kB IP 95.163.37.253:0
File type Unicode text, UTF-8 text, with very long lines (25141)
Hash 12f5423344703b40fdf8d3bd9f60ecdb
b69c1bf5908dc2e709c53dc944531faf66a35022
5be4a2377616c4f344a96514138b0d6a788d389a6c7c568ab3d10c4f389df27d
GET /v7/relap.js HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 13221
last-modified: Wed, 05 Oct 2022 15:24:11 GMT
etag: "633da19b-33a5"
content-encoding: br
expires: Thu, 06 Oct 2022 02:39:48 GMT
cache-control: max-age=60
strict-transport-security: max-age=5184000; includeSubdomains;
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 5841c4428d5f3a762b887e74ad7cf1c6
b13b4a3a3cae268bd85ed82551f3f2ca6cca35ba
ab87978aa61bd3b17bfb0b021b4a9ce56629ff37ce86ad6763a9f5f4c9e7e8e1
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 09 Oct 2022 23:41:23 GMT
ETag: "b13b4a3a3cae268bd85ed82551f3f2ca6cca35ba"
Last-Modified: Wed, 05 Oct 2022 23:41:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05de795cb517-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6051
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:48 GMT
Last-Modified: Thu, 06 Oct 2022 00:57:57 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 5841c4428d5f3a762b887e74ad7cf1c6
b13b4a3a3cae268bd85ed82551f3f2ca6cca35ba
ab87978aa61bd3b17bfb0b021b4a9ce56629ff37ce86ad6763a9f5f4c9e7e8e1
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 09 Oct 2022 23:41:23 GMT
ETag: "b13b4a3a3cae268bd85ed82551f3f2ca6cca35ba"
Last-Modified: Wed, 05 Oct 2022 23:41:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05de68f7b52d-OSL
relap.io/v7/app_index.8a64b5d9600ab61bcfe3.js
95.163.37.253200 OK 23 kB URL HTTP/2 relap.io/v7/app_index.8a64b5d9600ab61bcfe3.js
IP 95.163.37.253:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 5c51e6c79980792fbaa4a5db375a8128
b26275c303d0a439908214d41d64395427869537
2fc415919c9a199fc19a88d3aeb5f1ccda20d85aa07b241d3690efab9d07110f
GET /v7/app_index.8a64b5d9600ab61bcfe3.js HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 23125
last-modified: Wed, 05 Oct 2022 15:24:11 GMT
etag: "633da19b-5a55"
content-encoding: br
expires: Sat, 05 Nov 2022 02:38:48 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
X-Firefox-Spdy: h2
relap.io/api/v7/init?token=gCxVX2zoFusWOj86&url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F
95.163.37.253200 OK 0 B URL HTTP/2 relap.io/api/v7/init?token=gCxVX2zoFusWOj86&url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F
IP 95.163.37.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v7/init?token=gCxVX2zoFusWOj86&url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://new-days.ru/
Origin: https://new-days.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=UTF-8
content-length: 0
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
date: Thu, 06 Oct 2022 02:38:48 GMT
access-control-allow-origin: https://new-days.ru
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
x-server: web06
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
vary: Origin
x-content-type-options: nosniff
access-control-max-age: 1728000
strict-transport-security: max-age=5184000; includeSubdomains;
X-Firefox-Spdy: h2
cdn.alfasense.net/js/ad_5761.js
136.144.31.36200 OK 1.6 kB URL HTTP/2 cdn.alfasense.net/js/ad_5761.js
IP 136.144.31.36:0
ASN #52000 Innovation IT Solutions LTD
File type ASCII text, with very long lines (2756)
Hash e8e4e0714528e024c450d56b9b5438d1
fd6875477ada60905e46cb1c13ebe6e32e1fce17
391eeaa15927c94eaf896c702dd250fa1b388d034095f9c5def63598f8d345e5
GET /js/ad_5761.js HTTP/1.1
Host: cdn.alfasense.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:48 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 09:39:16 GMT
etag: W/"6332c4c4-f94"
content-security-policy: frame-ancestors 'none';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
cache-control: public, max-age=60
content-encoding: gzip
set-cookie: route=dd92c318b574e2af8018c0207c5098f9; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
relap.io/v7/vendor.98c174215dfd7e8c9df9.js
95.163.37.253200 OK 98 kB URL HTTP/2 relap.io/v7/vendor.98c174215dfd7e8c9df9.js
IP 95.163.37.253:0
File type ASCII text, with very long lines (65451)
Hash d41f207ae1ce14fce09bf90daa9aff68
832685429e75c34ab70ce9f7e321be0a928f425a
0f539acbba8f29fd495da7dc967e930100ea2ea392b8fca1c765072edd632a4e
GET /v7/vendor.98c174215dfd7e8c9df9.js HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 97917
last-modified: Wed, 05 Oct 2022 15:24:11 GMT
etag: "633da19b-17e7d"
content-encoding: br
expires: Sat, 05 Nov 2022 02:38:48 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
X-Firefox-Spdy: h2
relap.io/v7/common_core.197878b142fa2a255aa9.js
95.163.37.253200 OK 68 kB URL HTTP/2 relap.io/v7/common_core.197878b142fa2a255aa9.js
IP 95.163.37.253:0
File type Unicode text, UTF-8 text, with very long lines (65523), with no line terminators
Hash c5966e154ea1e54ea9422999beb48e0c
2d2391b0e0350adb4da17eccfd9d6d794548a09d
a124d8ee4a8eb5e73c8b7322b8872c46fafc9133a69ba70f1a48fc5d3d811dc5
GET /v7/common_core.197878b142fa2a255aa9.js HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 68304
last-modified: Wed, 05 Oct 2022 15:24:11 GMT
etag: "633da19b-10ad0"
content-encoding: br
expires: Sat, 05 Nov 2022 02:38:48 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
X-Firefox-Spdy: h2
relap.io/v7/app.e2951618e16db2e27fbd.js
95.163.37.253200 OK 5.6 kB URL HTTP/2 relap.io/v7/app.e2951618e16db2e27fbd.js
IP 95.163.37.253:0
File type ASCII text, with very long lines (51453), with no line terminators
Hash 486a2b5cd029303851611ecfff02febe
4e9c4e89e11e966a790f4492ae7e86d3339bddde
0cd68ac77f0a9de435aa6c4eb43445c3e7cfc21b681ed49d4130003fb42e8bf3
GET /v7/app.e2951618e16db2e27fbd.js HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 5587
last-modified: Wed, 05 Oct 2022 15:24:11 GMT
etag: "633da19b-15d3"
content-encoding: br
expires: Sat, 05 Nov 2022 02:38:48 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.39.175.179101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.175.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZVElTdpAaOZXY19sseHRMA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OJUq6vJrHpl4QhJrFTu9vc7cgRQ=
relap.io/v7/core.f806723b72a5511ae50c.js
95.163.37.253200 OK 2.0 kB URL HTTP/2 relap.io/v7/core.f806723b72a5511ae50c.js
IP 95.163.37.253:0
File type Unicode text, UTF-8 text, with very long lines (5831), with no line terminators
Hash cf66db55101da5981a41605038f2a3dc
d60f8ba07cbf953fc087a072c155258b4caa0778
c3645bde5f55bb06fd30a63261b4fa6accb9184187048a21fffe1d34767ffebd
GET /v7/core.f806723b72a5511ae50c.js HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: unique=SkG9g3pO; fsts=1665023928; lsts=1665023928; suid=20ccc67944f9e024a2f4d52ae6751aaff3ebc6f2--037499b66c94b7604d199b71fc288d6afe0a20041bf6770878587d0ef5618987; hllc=1; rlprp=eqR5ZA--e1dc77e2367377486ee3fa466a4c0c806518c09a0ad41363adf970826cdfa2b7; 3rdpce=1; uuid=9eb09c2c-e018-4823-bc87-cae77e473583
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 2039
last-modified: Wed, 05 Oct 2022 15:24:11 GMT
etag: "633da19b-7f7"
content-encoding: br
expires: Sat, 05 Nov 2022 02:38:48 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
X-Firefox-Spdy: h2
relap.io/api/v7/metrics
95.163.37.253200 OK 0 B IP 95.163.37.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v7/metrics HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://new-days.ru/
Origin: https://new-days.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=UTF-8
content-length: 0
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-allow-credentials: true
vary: Origin
access-control-allow-origin: https://new-days.ru
x-content-type-options: nosniff
x-server: back20
date: Thu, 06 Oct 2022 02:38:48 GMT
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
strict-transport-security: max-age=5184000; includeSubdomains;
X-Firefox-Spdy: h2
relap.io/api/v7/ext_cfgs?token=gCxVX2zoFusWOj86&url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F
95.163.37.253200 OK 1.3 kB URL HTTP/2 relap.io/api/v7/ext_cfgs?token=gCxVX2zoFusWOj86&url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F
IP 95.163.37.253:0
File type JSON data\012- , ASCII text, with very long lines (5678), with no line terminators
Hash c7192e5006028a436f575c69c2bc6090
d3c499ccfa594f8987bdce20ea40c2e3aea1d821
3f47a75b1d8b6cb9eedbaa24665a6308e6e0aa24b395f2d24d88aef292a13fde
GET /api/v7/ext_cfgs?token=gCxVX2zoFusWOj86&url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Content-Type: application/json
Origin: https://new-days.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-allow-origin: https://new-days.ru
set-cookie: unique=SkG9g3pO; expires=Sun, 03 Oct 2032 02:38:48 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
fsts=1665023928; expires=Sun, 03 Oct 2032 02:38:48 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
lsts=1665023928; expires=Sun, 03 Oct 2032 02:38:48 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
suid=20ccc67944f9e024a2f4d52ae6751aaff3ebc6f2--037499b66c94b7604d199b71fc288d6afe0a20041bf6770878587d0ef5618987; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
hllc=1; expires=Fri, 07 Oct 2022 02:38:48 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
uuid=9eb09c2c-e018-4823-bc87-cae77e473583; expires=Sun, 03 Oct 2032 02:38:48 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
x-server: back07
vary: Origin
access-control-max-age: 1728000
x-content-type-options: nosniff
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
access-control-allow-credentials: true
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
date: Thu, 06 Oct 2022 02:38:48 GMT
strict-transport-security: max-age=5184000; includeSubdomains;
content-encoding: br
X-Firefox-Spdy: h2
relap.io/abp.gif?ch=1&rn=7.357339372682511
95.163.37.253200 OK 43 B URL HTTP/2 relap.io/abp.gif?ch=1&rn=7.357339372682511
IP 95.163.37.253:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /abp.gif?ch=1&rn=7.357339372682511 HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: unique=SkG9g3pO; fsts=1665023928; lsts=1665023928; suid=20ccc67944f9e024a2f4d52ae6751aaff3ebc6f2--037499b66c94b7604d199b71fc288d6afe0a20041bf6770878587d0ef5618987; hllc=1; rlprp=eqR5ZA--e1dc77e2367377486ee3fa466a4c0c806518c09a0ad41363adf970826cdfa2b7; 3rdpce=1; uuid=9eb09c2c-e018-4823-bc87-cae77e473583
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:48 GMT
content-type: image/gif
content-length: 43
last-modified: Wed, 21 Apr 2021 09:31:42 GMT
etag: "607ff0fe-2b"
strict-transport-security: max-age=5184000; includeSubdomains;
accept-ranges: bytes
X-Firefox-Spdy: h2
relap.io/abp.gif?ch=2&rn=7.357339372682511
95.163.37.253200 OK 43 B URL HTTP/2 relap.io/abp.gif?ch=2&rn=7.357339372682511
IP 95.163.37.253:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /abp.gif?ch=2&rn=7.357339372682511 HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: unique=SkG9g3pO; fsts=1665023928; lsts=1665023928; suid=20ccc67944f9e024a2f4d52ae6751aaff3ebc6f2--037499b66c94b7604d199b71fc288d6afe0a20041bf6770878587d0ef5618987; hllc=1; rlprp=eqR5ZA--e1dc77e2367377486ee3fa466a4c0c806518c09a0ad41363adf970826cdfa2b7; 3rdpce=1; uuid=9eb09c2c-e018-4823-bc87-cae77e473583
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:48 GMT
content-type: image/gif
content-length: 43
last-modified: Wed, 21 Apr 2021 09:31:42 GMT
etag: "607ff0fe-2b"
strict-transport-security: max-age=5184000; includeSubdomains;
accept-ranges: bytes
X-Firefox-Spdy: h2
ru.viadata.store/tag/load.js?sid=105524
23.111.211.20200 OK 3.5 kB URL HTTP/2 ru.viadata.store/tag/load.js?sid=105524
IP 23.111.211.20:0
File type ASCII text, with very long lines (5597), with CRLF line terminators
Hash 058a9ba4cd022093ae0520ecacfdf827
131a0cd1f16469fab022ce924b41f963327cd8ac
124018ca6bf95f9c2d33261f144176f5c2e66866e708e9eea99baa353b6559c7
GET /tag/load.js?sid=105524 HTTP/1.1
Host: ru.viadata.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.5
date: Thu, 06 Oct 2022 02:38:48 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: viads_uid=1ca874c3-120b-415b-94bd-67ea89482858; expires=Sat, 05-Nov-2022 02:38:48 GMT; Max-Age=2592000; path=/; domain=.viadata.store; secure; HttpOnly; SameSite=None
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
content-encoding: br
X-Firefox-Spdy: h2
relap.io/api/v7/init?token=gCxVX2zoFusWOj86&url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F
95.163.37.253200 OK 2.0 kB URL HTTP/2 relap.io/api/v7/init?token=gCxVX2zoFusWOj86&url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F
IP 95.163.37.253:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (12383), with no line terminators
Hash 5d119f06d3978d95d11bd82259342525
0cf746ade5f285ec7ae96cc21a9ed4b6c9904267
ab38513c3f1ac6db13e1640df2860bd42c2b08866bc3475fc56789fd4308af30
GET /api/v7/init?token=gCxVX2zoFusWOj86&url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Content-Type: application/json
Origin: https://new-days.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-credentials: true
access-control-max-age: 1728000
date: Thu, 06 Oct 2022 02:38:48 GMT
x-relap-cookie: rlprp=eqR5ZA:lbYsTQ
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
x-server: back16
access-control-allow-origin: https://new-days.ru
access-control-expose-headers: X-Relap-Cookie
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
set-cookie: unique=OMgFmiyE; expires=Sun, 03 Oct 2032 02:38:48 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
fsts=1665023928; expires=Sun, 03 Oct 2032 02:38:48 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
lsts=1665023928; expires=Sun, 03 Oct 2032 02:38:48 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
suid=d380ba10aa3556b3ac7b284b5d9efe1d10ce9347--d7d3c2e23ed7a13a87b8b2615406bd9ddf073bf97473fb7091c975906fe9434b; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
hllc=1; expires=Fri, 07 Oct 2022 02:38:48 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
rlprp=eqR5ZA--e1dc77e2367377486ee3fa466a4c0c806518c09a0ad41363adf970826cdfa2b7; expires=Thu, 20 Oct 2022 02:38:48 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
3rdpce=1; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
vary: Origin
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
x-content-type-options: nosniff
strict-transport-security: max-age=5184000; includeSubdomains;
content-encoding: br
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 801c338fa67edaf785a10301b25e2c8b
3cbce3ccccbd6b40ccbef89e6f52c9745943fe77
a81a7637f14047b311a24f7b89f698582781e2f43b48dcce90b028d98a8a596d
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4535
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:49 GMT
Last-Modified: Thu, 06 Oct 2022 01:23:14 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
status.geotrust.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 801c338fa67edaf785a10301b25e2c8b
3cbce3ccccbd6b40ccbef89e6f52c9745943fe77
a81a7637f14047b311a24f7b89f698582781e2f43b48dcce90b028d98a8a596d
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4535
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:49 GMT
Last-Modified: Thu, 06 Oct 2022 01:23:14 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
status.geotrust.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 801c338fa67edaf785a10301b25e2c8b
3cbce3ccccbd6b40ccbef89e6f52c9745943fe77
a81a7637f14047b311a24f7b89f698582781e2f43b48dcce90b028d98a8a596d
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4535
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:49 GMT
Last-Modified: Thu, 06 Oct 2022 01:23:14 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
status.geotrust.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 801c338fa67edaf785a10301b25e2c8b
3cbce3ccccbd6b40ccbef89e6f52c9745943fe77
a81a7637f14047b311a24f7b89f698582781e2f43b48dcce90b028d98a8a596d
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4535
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:49 GMT
Last-Modified: Thu, 06 Oct 2022 01:23:14 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
ia-dmp.com/cm/3/SkG9g3pO?redirect_url=https%3A%2F%2Frelap.io%2Fpartners%2Frusnewcs%3Fuid%3D%24%7BUSER_ID%7D
185.26.97.53204 No Content 0 B URL HTTP/1.1 ia-dmp.com/cm/3/SkG9g3pO?redirect_url=https%3A%2F%2Frelap.io%2Fpartners%2Frusnewcs%3Fuid%3D%24%7BUSER_ID%7D
IP 185.26.97.53:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/3/SkG9g3pO?redirect_url=https%3A%2F%2Frelap.io%2Fpartners%2Frusnewcs%3Fuid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ia-dmp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Thu, 06 Oct 2022 02:38:49 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000;
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
ad.mail.ru/adq/?q=815001&cpm_floor=3000&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb2015141376
95.163.41.56200 OK 597 B URL HTTP/2 ad.mail.ru/adq/?q=815001&cpm_floor=3000&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb2015141376
IP 95.163.41.56:0
Hash 8fb24e538bfe166feb338c10574e0c8a
f6609a84b5f9cc03317bdcb48a22a0b0a65ccbd7
3a45bf978a940a8e36e14c7d9c7e9ee6c67a3df2aad3c914cd2977ca77800471
GET /adq/?q=815001&cpm_floor=3000&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb2015141376 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:49 GMT
content-type: application/x-javascript; charset=utf-8
cache-control: private, no-cache, no-store
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
cm.p.altergeo.ru/relap?aid=SkG9g3pO&nc=Pvd2OM7i&url=https%3A%2F%2Frelap.io%2Fpartners%2Faltergeocs%3Fuid%3D%24%7BUSER_ID%7D
138.201.139.144302 0 B URL HTTP/1.1 cm.p.altergeo.ru/relap?aid=SkG9g3pO&nc=Pvd2OM7i&url=https%3A%2F%2Frelap.io%2Fpartners%2Faltergeocs%3Fuid%3D%24%7BUSER_ID%7D
IP 138.201.139.144:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /relap?aid=SkG9g3pO&nc=Pvd2OM7i&url=https%3A%2F%2Frelap.io%2Fpartners%2Faltergeocs%3Fuid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: cm.p.altergeo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Server: nginx/1.16.0
Date: Thu, 06 Oct 2022 02:38:49 GMT
Content-Length: 0
Connection: close
Set-Cookie: _ag_uid="CMcxPNzoJdQA2jGQ8XV0Y_oQ=="; Version=1; Domain=altergeo.ru; Max-Age=15552000; Expires=Tue, 04-Apr-2023 02:38:49 GMT; Path=/
Location: https://relap.io/partners/altergeocs?uid=CMcxPNzoJdQA2jGQ8XV0Y_oQ==
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
fcgi4.gnezdo.ru/cookie_matching/relap_ssp/SkG9g3pO
93.95.102.105302 Found 0 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching/relap_ssp/SkG9g3pO
IP 93.95.102.105:0
ASN #48347 JSC Mediasoft ekspert
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie_matching/relap_ssp/SkG9g3pO HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 06 Oct 2022 02:38:49 GMT
location: https://fcgi4.gnezdo.ru/cookie_matching/relap_ssp/SkG9g3pO/?redirect=1
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With
access-control-allow-credentials: true
set-cookie: uid=XV9maWM+P7k6I4Y1XQJcAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
cdn.alfasense.net/lib/ad_builder.min.js
136.144.31.36200 OK 3.0 kB URL HTTP/2 cdn.alfasense.net/lib/ad_builder.min.js
IP 136.144.31.36:0
ASN #52000 Innovation IT Solutions LTD
File type ASCII text, with very long lines (10452)
Hash f7d333d99c6f63faebba7958aff924b4
e7a1e790f57920feb85261079519bb162086727a
36c85eaa0d181a826384bc79537539fd58475dcb910a285b9965c883ea194e76
GET /lib/ad_builder.min.js HTTP/1.1
Host: cdn.alfasense.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:48 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 06:34:34 GMT
etag: W/"631ade7a-28b4"
content-security-policy: frame-ancestors 'none';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
cache-control: public, max-age=60
content-encoding: gzip
set-cookie: route=dd92c318b574e2af8018c0207c5098f9; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
ad.mail.ru/adp/?q=732881&cpm_floor=100&sitename=new-days.ru&count=4
95.163.41.56200 OK 95 B URL HTTP/2 ad.mail.ru/adp/?q=732881&cpm_floor=100&sitename=new-days.ru&count=4
IP 95.163.41.56:0
Hash d6978d6e2be5442b077a9f5b690f2f41
937d223735b357af1ea1610395c538ff8a6361c2
666e911b4b0af31ebe75452bc3215d495ce87d74bccbd56c22d725c90944bcc7
GET /adp/?q=732881&cpm_floor=100&sitename=new-days.ru&count=4 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:49 GMT
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
timing-allow-origin: *
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
top-fwz1.mail.ru/counter2?id=3136989
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/counter2?id=3136989
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /counter2?id=3136989 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:49 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIC:1665023929:3136989:::; path=/; expires=Sat, 07-Oct-23 02:38:49 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
counter.yadro.ru/hit?r;s1280*1024*24;uhttps%3A//new-days.ru/21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas/;h%u041C%u0435%u0434%u0432%u0435%u0434%u044C%20%u043F%u0440%u043E%u0441%u043D%u0443%u043B%u0441%u044F.%20%u0418%20%u043C%u0435%u0434%u0432%u0435%u0434%u044C%20%u0440%u0430%u0437%u043E%u0437%u043B%u0438%u043B%u0441%u044F.%20%u041A%u0438%u0435%u0432%u043B%u044F%u043D%u0430%u043C%20%u043F%u043E%u0440%u0430%20%u0431%u0435%u0436%u0430%u0442%u044C%20%u043F%u0440%u044F%u043C%u043E%20%u0441%u0435%u0439%u0447%u0430%u0441%21;0.3565230663219644
88.212.201.204200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit?r;s1280*1024*24;uhttps%3A//new-days.ru/21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas/;h%u041C%u0435%u0434%u0432%u0435%u0434%u044C%20%u043F%u0440%u043E%u0441%u043D%u0443%u043B%u0441%u044F.%20%u0418%20%u043C%u0435%u0434%u0432%u0435%u0434%u044C%20%u0440%u0430%u0437%u043E%u0437%u043B%u0438%u043B%u0441%u044F.%20%u041A%u0438%u0435%u0432%u043B%u044F%u043D%u0430%u043C%20%u043F%u043E%u0440%u0430%20%u0431%u0435%u0436%u0430%u0442%u044C%20%u043F%u0440%u044F%u043C%u043E%20%u0441%u0435%u0439%u0447%u0430%u0441%21;0.3565230663219644
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit?r;s1280*1024*24;uhttps%3A//new-days.ru/21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas/;h%u041C%u0435%u0434%u0432%u0435%u0434%u044C%20%u043F%u0440%u043E%u0441%u043D%u0443%u043B%u0441%u044F.%20%u0418%20%u043C%u0435%u0434%u0432%u0435%u0434%u044C%20%u0440%u0430%u0437%u043E%u0437%u043B%u0438%u043B%u0441%u044F.%20%u041A%u0438%u0435%u0432%u043B%u044F%u043D%u0430%u043C%20%u043F%u043E%u0440%u0430%20%u0431%u0435%u0436%u0430%u0442%u044C%20%u043F%u0440%u044F%u043C%u043E%20%u0441%u0435%u0439%u0447%u0430%u0441%21;0.3565230663219644 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 06 Oct 2022 02:38:49 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Tue, 05 Oct 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
relap.io/v7/28201.0679fc91d8118f67f71a.js
95.163.37.253200 OK 7.5 kB URL HTTP/2 relap.io/v7/28201.0679fc91d8118f67f71a.js
IP 95.163.37.253:0
File type Unicode text, UTF-8 text, with very long lines (30458), with no line terminators
Hash d6639117f9a33a65448e8d738676d24f
dac0a5bda5a183831468febe048e385d203ea2b8
98c613c691da5d3b370f4624c322eaf24cbdb2458ee7ce718144277ff54dc8a7
GET /v7/28201.0679fc91d8118f67f71a.js HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: unique=SkG9g3pO; fsts=1665023928; lsts=1665023929; suid=20ccc67944f9e024a2f4d52ae6751aaff3ebc6f2--037499b66c94b7604d199b71fc288d6afe0a20041bf6770878587d0ef5618987; hllc=2; rlprp=eqR5ZA--e1dc77e2367377486ee3fa466a4c0c806518c09a0ad41363adf970826cdfa2b7; 3rdpce=1; uuid=9eb09c2c-e018-4823-bc87-cae77e473583; rlpagcs_2=1665023929:CMcxPNzoJdQA2jGQ8XV0Y_oQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 7547
last-modified: Wed, 05 Oct 2022 15:24:11 GMT
etag: "633da19b-1d7b"
content-encoding: br
expires: Sat, 05 Nov 2022 02:38:49 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
X-Firefox-Spdy: h2
relap.io/v7/48005.ec782c506414b785494c.js
95.163.37.253200 OK 8.8 kB URL HTTP/2 relap.io/v7/48005.ec782c506414b785494c.js
IP 95.163.37.253:0
File type Unicode text, UTF-8 text, with very long lines (35069), with no line terminators
Hash c94364240fc603e921f0aa82866cb089
31ce9296a4de71d3190edb44eaaa60ed8e0a20f9
fa633f394cae75b6d30f98a0cf18d4c1ac8dd4afbe25760c9f9dbaf2f2bbfa6b
GET /v7/48005.ec782c506414b785494c.js HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: unique=SkG9g3pO; fsts=1665023928; lsts=1665023929; suid=20ccc67944f9e024a2f4d52ae6751aaff3ebc6f2--037499b66c94b7604d199b71fc288d6afe0a20041bf6770878587d0ef5618987; hllc=2; rlprp=eqR5ZA--e1dc77e2367377486ee3fa466a4c0c806518c09a0ad41363adf970826cdfa2b7; 3rdpce=1; uuid=9eb09c2c-e018-4823-bc87-cae77e473583; rlpagcs_2=1665023929:CMcxPNzoJdQA2jGQ8XV0Y_oQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 8807
last-modified: Wed, 05 Oct 2022 15:24:11 GMT
etag: "633da19b-2267"
content-encoding: br
expires: Sat, 05 Nov 2022 02:38:49 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
X-Firefox-Spdy: h2
relap.io/api/v7/recs
95.163.37.253200 OK 0 B IP 95.163.37.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v7/recs HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-relap-cookie,x-relap-uuid
Referer: https://new-days.ru/
Origin: https://new-days.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=UTF-8
content-length: 0
access-control-allow-credentials: true
x-server: back10
access-control-allow-origin: https://new-days.ru
date: Thu, 06 Oct 2022 02:38:49 GMT
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
vary: Origin
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
access-control-max-age: 1728000
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
strict-transport-security: max-age=5184000; includeSubdomains;
X-Firefox-Spdy: h2
news.mediametrics.ru/cgi-bin/b.fcgi?ac=b&m=js&v=2&n=10&id=DivID
88.212.202.23200 OK 9.8 kB URL HTTP/1.1 news.mediametrics.ru/cgi-bin/b.fcgi?ac=b&m=js&v=2&n=10&id=DivID
IP 88.212.202.23:0
ASN #39134 United Network LLC
Hash adc2f3c63cf27658b64bb1e46ab82b41
2bbbb31d0c7fefd37bcc16324d9ecfdb470824b6
0089b328e44fb87291f9da8b59f86b5e440a8425244b64940b6e9de4aba83894
GET /cgi-bin/b.fcgi?ac=b&m=js&v=2&n=10&id=DivID HTTP/1.1
Host: news.mediametrics.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 06 Oct 2022 02:38:49 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 9750
Connection: keep-alive
Content-Language: ru
Cache-Control: no-store
Pragma: no-cache
Vary: Accept-Language
Access-Control-Allow-Origin: *
code.giraff.io/data/advert.gif
172.67.26.199200 OK 34 B URL HTTP/2 code.giraff.io/data/advert.gif
IP 172.67.26.199:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cda661faf5e60e281e5f56067e7909db
324a0323af79f3142387d4761198f9ace2d78b3d
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
GET /data/advert.gif HTTP/1.1
Host: code.giraff.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 02:38:49 GMT
content-type: image/webp
content-length: 34
cache-control: max-age=60
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=gif, origSize=43
content-disposition: inline; filename="advert.webp"
vary: Accept
access-control-allow-origin: *
etag: "62c051b9-2b"
expires: Thu, 06 Oct 2022 02:39:05 GMT
last-modified: Sat, 02 Jul 2022 14:10:01 GMT
cf-cache-status: HIT
age: 44
accept-ranges: bytes
server: cloudflare
cf-ray: 755b05e8cf650b69-OSL
X-Firefox-Spdy: h2
news.mediametrics.ru/css/style.css
88.212.202.23200 OK 3.9 kB URL HTTP/1.1 news.mediametrics.ru/css/style.css
IP 88.212.202.23:0
ASN #39134 United Network LLC
File type ASCII text, with very long lines (13760), with no line terminators
Hash 86bdf8adac1ba6a421f62c11144e5e7c
2e441c067bb93e311061ecde85de31e76f1ca65c
9306b521c289996273cc136d521f776f423589c0c2db9406649ccbe182de52c9
GET /css/style.css HTTP/1.1
Host: news.mediametrics.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 06 Oct 2022 02:38:49 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 3923
Last-Modified: Tue, 15 Oct 2019 13:46:15 GMT
Connection: keep-alive
ETag: "5da5cda7-f53"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html
142.250.74.130200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20221003/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Wed, 05 Oct 2022 05:39:19 GMT
expires: Wed, 19 Oct 2022 05:39:19 GMT
cache-control: public, max-age=1209600
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
age: 75570
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
news.mediametrics.ru/css/s.css
88.212.202.23200 OK 728 B URL HTTP/1.1 news.mediametrics.ru/css/s.css
IP 88.212.202.23:0
ASN #39134 United Network LLC
Hash 0e074d76865189c6e063f785a0abc1c8
ddd7d19299bb32d4121508298022c494e5b8a730
e5760ef86e481117569a0ffdd0c32e2ea8f03a5caf1e575e53a13b07bebe9bad
GET /css/s.css HTTP/1.1
Host: news.mediametrics.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 06 Oct 2022 02:38:49 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 728
Last-Modified: Thu, 17 Oct 2019 16:28:02 GMT
Connection: keep-alive
ETag: "5da89692-2d8"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
news.mediametrics.ru/js/app.js
88.212.202.23200 OK 34 kB URL HTTP/1.1 news.mediametrics.ru/js/app.js
IP 88.212.202.23:0
ASN #39134 United Network LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5d003f560d3a38802e216aa142f6e53f
f261c4528db741b66e0a95fd602e8a25d7761577
c065c2394b4c3a811d85e7642d2d2d156e1eaead5c31bbb95ca5b521a7072958
GET /js/app.js HTTP/1.1
Host: news.mediametrics.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 06 Oct 2022 02:38:49 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 33923
Last-Modified: Tue, 15 Oct 2019 13:46:25 GMT
Connection: keep-alive
ETag: "5da5cdb1-8483"
Content-Encoding: gzip
Access-Control-Allow-Origin: *
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 17fd357982c87550931fd309684638a4
ca3d5fa66ed0be7631e87651d16c8d76ed64c8d1
4c45a4fe64516a772af3a8ef581298672045d873aa7a9a662010444740d8b81d
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 10 Oct 2022 01:22:03 GMT
ETag: "ca3d5fa66ed0be7631e87651d16c8d76ed64c8d1"
Last-Modified: Thu, 06 Oct 2022 01:22:04 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 26
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05e96d7ab512-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 17fd357982c87550931fd309684638a4
ca3d5fa66ed0be7631e87651d16c8d76ed64c8d1
4c45a4fe64516a772af3a8ef581298672045d873aa7a9a662010444740d8b81d
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 10 Oct 2022 01:22:03 GMT
ETag: "ca3d5fa66ed0be7631e87651d16c8d76ed64c8d1"
Last-Modified: Thu, 06 Oct 2022 01:22:04 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 26
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05e96c5ab4f9-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 17fd357982c87550931fd309684638a4
ca3d5fa66ed0be7631e87651d16c8d76ed64c8d1
4c45a4fe64516a772af3a8ef581298672045d873aa7a9a662010444740d8b81d
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 10 Oct 2022 01:22:03 GMT
ETag: "ca3d5fa66ed0be7631e87651d16c8d76ed64c8d1"
Last-Modified: Thu, 06 Oct 2022 01:22:04 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 26
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05e978dfb4eb-OSL
widget.svk-native.ru/css/common.css
65.109.36.34200 OK 44 B URL HTTP/2 widget.svk-native.ru/css/common.css
IP 65.109.36.34:0
ASN #24940 Hetzner Online GmbH
Hash 8cdef4dd28ef9895d13f832d194dee7c
815c1f9ca5faf0bcddb7730b04a0d5140a3b417a
d525babc06801d8f3ae3f523b81e9e5e6caebf7ad6c3f1e217d9dae97116f817
GET /css/common.css HTTP/1.1
Host: widget.svk-native.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:49 GMT
content-type: text/css
content-length: 44
last-modified: Thu, 08 Sep 2022 14:59:03 GMT
etag: "631a0337-2c"
accept-ranges: bytes
X-Firefox-Spdy: h2
news.mediametrics.ru/uploads/1664907034blob.jpg
88.212.202.23200 OK 11 kB URL HTTP/1.1 news.mediametrics.ru/uploads/1664907034blob.jpg
IP 88.212.202.23:0
ASN #39134 United Network LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x256, components 3\012- data
Hash c4004e9e9b89e7b0ba167c2e9bfe04cf
11faade85d5e4ce85c9f83988403f0f944abd609
58c3caa6ffbabc574ba773d04fab6ab2c0bc6e55086ac8a4d777aab7f320c7ed
GET /uploads/1664907034blob.jpg HTTP/1.1
Host: news.mediametrics.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 06 Oct 2022 02:38:49 GMT
Content-Type: image/jpeg
Content-Length: 10724
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 18:10:34 GMT
ETag: "633c771a-29e4"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
news.mediametrics.ru/uploads/1664906899blob.jpg
88.212.202.23200 OK 9.5 kB URL HTTP/1.1 news.mediametrics.ru/uploads/1664906899blob.jpg
IP 88.212.202.23:0
ASN #39134 United Network LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x256, components 3\012- data
Hash bec6967141dff09e199f5b9b055c8e20
5826b1ef9965a91380514bd0f8a40631238de28d
08279afe14121f630e0e4972ef7b17c48376ca93499190110ccad1fcbdde7ba9
GET /uploads/1664906899blob.jpg HTTP/1.1
Host: news.mediametrics.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 06 Oct 2022 02:38:49 GMT
Content-Type: image/jpeg
Content-Length: 9467
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 18:08:19 GMT
ETag: "633c7693-24fb"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
news.mediametrics.ru/uploads/1664906606blob.jpg
88.212.202.23200 OK 10 kB URL HTTP/1.1 news.mediametrics.ru/uploads/1664906606blob.jpg
IP 88.212.202.23:0
ASN #39134 United Network LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x256, components 3\012- data
Hash 576c14ecb1d2cb67ba3edf31a27a1b0a
db12b17611a903ad7f6a0f15287bc5a4bcd1de5f
8884980f5a31a73e747e54ec89945b0bf2554e0296c513b7487b06d61b24ed6f
GET /uploads/1664906606blob.jpg HTTP/1.1
Host: news.mediametrics.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 06 Oct 2022 02:38:49 GMT
Content-Type: image/jpeg
Content-Length: 9965
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 18:03:26 GMT
ETag: "633c756e-26ed"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
news.mediametrics.ru/uploads/1664908984blob.jpg
88.212.202.23200 OK 6.6 kB URL HTTP/1.1 news.mediametrics.ru/uploads/1664908984blob.jpg
IP 88.212.202.23:0
ASN #39134 United Network LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x256, components 3\012- data
Hash 47a4d48a6f29803f8715b011f96ab2e3
37f47eeffb311d9ae118aaad26e1fe55750a2959
ca73d428090b499628dc2af8d8bd27ed4b43e0ab82b1766b2a8bceede9b1efff
GET /uploads/1664908984blob.jpg HTTP/1.1
Host: news.mediametrics.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 06 Oct 2022 02:38:49 GMT
Content-Type: image/jpeg
Content-Length: 6607
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 18:43:04 GMT
ETag: "633c7eb8-19cf"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
news.mediametrics.ru/uploads/1664907295blob.jpg
88.212.202.23200 OK 11 kB URL HTTP/1.1 news.mediametrics.ru/uploads/1664907295blob.jpg
IP 88.212.202.23:0
ASN #39134 United Network LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x256, components 3\012- data
Hash 32d00d2a72c72743a7d4035a7cd42a54
b6dfd5e3ab111326fa26c7856f13292dbca9f4d0
06a8b828043b52c3c922b8cd329e29584dd6494d375edf31a14954e9c16472d9
GET /uploads/1664907295blob.jpg HTTP/1.1
Host: news.mediametrics.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 06 Oct 2022 02:38:49 GMT
Content-Type: image/jpeg
Content-Length: 10839
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 18:14:55 GMT
ETag: "633c781f-2a57"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
news.mediametrics.ru/uploads/1664908630blob.jpg
88.212.202.23200 OK 9.8 kB URL HTTP/1.1 news.mediametrics.ru/uploads/1664908630blob.jpg
IP 88.212.202.23:0
ASN #39134 United Network LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x256, components 3\012- data
Hash 4f31494878f4e895c63c4710a66984d8
bdf777f1fe8638378ae64ec7486146f4b20f6e2b
9d833d0269b4579cd26291365bf8ba412787e1ec73f458922fa85f0ef8f54d5c
GET /uploads/1664908630blob.jpg HTTP/1.1
Host: news.mediametrics.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 06 Oct 2022 02:38:49 GMT
Content-Type: image/jpeg
Content-Length: 9827
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 18:37:10 GMT
ETag: "633c7d56-2663"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
news.mediametrics.ru/uploads/1664974966blob.jpg
88.212.202.23200 OK 5.0 kB URL HTTP/1.1 news.mediametrics.ru/uploads/1664974966blob.jpg
IP 88.212.202.23:0
ASN #39134 United Network LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x256, components 3\012- data
Hash 0f2adab1a5e191ac61dcd89aa00424f7
25f87996f19b7500dc51a80ab1aa82f4b96ca669
b4a0f13d4d4af1c208446cdcdeb12bae1575e8b84b64923efa2da42ebb68d7a8
GET /uploads/1664974966blob.jpg HTTP/1.1
Host: news.mediametrics.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 06 Oct 2022 02:38:49 GMT
Content-Type: image/jpeg
Content-Length: 4960
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 13:02:46 GMT
ETag: "633d8076-1360"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
news.mediametrics.ru/uploads/1664907185blob.jpg
88.212.202.23200 OK 5.1 kB URL HTTP/1.1 news.mediametrics.ru/uploads/1664907185blob.jpg
IP 88.212.202.23:0
ASN #39134 United Network LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x256, components 3\012- data
Hash 6af9c7d5cbf543333bec44fa29ab4d00
ea7d941b1a3f5ca6a3fa02737c4b8085e56e807e
88f942a94e2f4faaf20aee0170abc497f6569ed09bb8ff870c3697fb863ac2d3
GET /uploads/1664907185blob.jpg HTTP/1.1
Host: news.mediametrics.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 06 Oct 2022 02:38:49 GMT
Content-Type: image/jpeg
Content-Length: 5149
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 18:13:05 GMT
ETag: "633c77b1-141d"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
news.mediametrics.ru/uploads/1664908017blob.jpg
88.212.202.23200 OK 6.7 kB URL HTTP/1.1 news.mediametrics.ru/uploads/1664908017blob.jpg
IP 88.212.202.23:0
ASN #39134 United Network LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x256, components 3\012- data
Hash e8ca129004942393350f4b2a1cab16f9
09fe9da1a46a07075a9a00bf7313b2e5b63872c7
a976e41dbb462876fe5f169253cfabf9dec587d5ead0f590cfda780d275bbf57
GET /uploads/1664908017blob.jpg HTTP/1.1
Host: news.mediametrics.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 06 Oct 2022 02:38:49 GMT
Content-Type: image/jpeg
Content-Length: 6681
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 18:26:57 GMT
ETag: "633c7af1-1a19"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
news.mediametrics.ru/uploads/1664908721blob.jpg
88.212.202.23200 OK 6.5 kB URL HTTP/1.1 news.mediametrics.ru/uploads/1664908721blob.jpg
IP 88.212.202.23:0
ASN #39134 United Network LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x256, components 3\012- data
Hash 75860ad2ac1afb627760a86839e9e1b6
f81f5c039c9a570f8ead6f4f415aba6603b4b9c6
3b93d5a9e2db809830c9615c1255b2199e087e3d9d84f1b96f4312b8270e9c84
GET /uploads/1664908721blob.jpg HTTP/1.1
Host: news.mediametrics.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 06 Oct 2022 02:38:49 GMT
Content-Type: image/jpeg
Content-Length: 6524
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 18:38:41 GMT
ETag: "633c7db1-197c"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4531
Expires: Thu, 06 Oct 2022 03:54:20 GMT
Date: Thu, 06 Oct 2022 02:38:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: szhtD9f4RuQaDKXe7LElSR0yOKo9cYa1i2YMeG3eSpBXP8ePcdzQig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 07:29:32 GMT
age: 68958
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4530
Expires: Thu, 06 Oct 2022 03:54:20 GMT
Date: Thu, 06 Oct 2022 02:38:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a508ac9cd743bec987b2a24454418265
8c7ecefe6908387e2128dc849a6ba857991ba0ab
afb2c2b51f2ce445ada599068901551beee594b15c152ed7551ab7a8835dde6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10809
x-amzn-requestid: db4d1d2a-05b8-403e-a7ca-8b8a6a0a4087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQb-HrTIAMFtNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfab2-74f184406a48e42c0ecc4ec9;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: tv80OXQUu13gDuuFESnEnXMuFdNBmGc1y592euL7QnfZW5PwJym9-g==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:53:39 GMT
age: 17111
etag: "8c7ecefe6908387e2128dc849a6ba857991ba0ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d101e6535dfc8ea8c193d3e97c07e1d
d839f3aa41455d818da9a794b0688b1144b3a03a
d73e79f203ef50354e078de30fcb52d298e14ad53924e0387ab586a9cb4376a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8651
x-amzn-requestid: 8bbdbc11-92fe-4cdf-8469-1c1ffac9e65b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPLIGG0IAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df8ad-132ee26478d791850dd14462;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:35:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: KBuHj1vlNgk4oflp8uIxuxuPoWh7B7O0SWrMrNP-lAhnp2m53ttPMw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:01:22 GMT
age: 16648
etag: "d839f3aa41455d818da9a794b0688b1144b3a03a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9ea772aa922bd86ac5ac327545783fe6
1d969f1a64b1a64b072f5cad3f200e4c3ff8867a
de95d2f46404083b6359742f25c651c0466ad50399c892252a752aa02c6468ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE95D2F46404083B6359742F25C651C0466AD50399C892252A752AA02C6468EC"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4953
Expires: Thu, 06 Oct 2022 04:01:23 GMT
Date: Thu, 06 Oct 2022 02:38:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2277f8f2d93b4bc3b05d348343177892
531d9e4ec9078cd2d7376a19fcb287084af36c82
62907648de4a2ed390232a71ab7dce49f1e9c3363cde6a2f30ecae10ab67f93a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11080
x-amzn-requestid: 8fa4d19d-87a5-46c5-96c5-4aec793daad9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO7xE5eoAMFQLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df84b-5c422c7a168c014f57559037;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:34:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: TlEKsCdhNhlKmA2Yhz8FarEUG18gQZMKGRD6SnzCnUMiKyGS9-UeOQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:38:04 GMT
etag: "531d9e4ec9078cd2d7376a19fcb287084af36c82"
content-type: image/jpeg
age: 18046
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73af78d1-5736-4820-b1cd-2746dc2b907b.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73af78d1-5736-4820-b1cd-2746dc2b907b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 746e3c38e01d58e6fa0728798221a830
b19dd1d42995ea4242505b152e77835442341581
c524a2e7e29690030b7402077f711e643674c8f42de071214f3909b447fb1e3b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73af78d1-5736-4820-b1cd-2746dc2b907b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6933
x-amzn-requestid: aa50b0cd-e931-49a9-bce3-00366738aea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPtNGKPoAMF6UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df987-77a4f8306103dcdf3de7d1fd;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:19 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: J6TTFpH3OGVu4hTFbLlatmlwGGOiEshSdr4xUCdCKog4kUAA5TyBSQ==
via: 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:10:54 GMT
age: 16076
etag: "b19dd1d42995ea4242505b152e77835442341581"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9ea772aa922bd86ac5ac327545783fe6
1d969f1a64b1a64b072f5cad3f200e4c3ff8867a
de95d2f46404083b6359742f25c651c0466ad50399c892252a752aa02c6468ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE95D2F46404083B6359742F25C651C0466AD50399C892252A752AA02C6468EC"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4953
Expires: Thu, 06 Oct 2022 04:01:23 GMT
Date: Thu, 06 Oct 2022 02:38:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9ea772aa922bd86ac5ac327545783fe6
1d969f1a64b1a64b072f5cad3f200e4c3ff8867a
de95d2f46404083b6359742f25c651c0466ad50399c892252a752aa02c6468ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE95D2F46404083B6359742F25C651C0466AD50399C892252A752AA02C6468EC"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4953
Expires: Thu, 06 Oct 2022 04:01:23 GMT
Date: Thu, 06 Oct 2022 02:38:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9ea772aa922bd86ac5ac327545783fe6
1d969f1a64b1a64b072f5cad3f200e4c3ff8867a
de95d2f46404083b6359742f25c651c0466ad50399c892252a752aa02c6468ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE95D2F46404083B6359742F25C651C0466AD50399C892252A752AA02C6468EC"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4953
Expires: Thu, 06 Oct 2022 04:01:23 GMT
Date: Thu, 06 Oct 2022 02:38:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9ea772aa922bd86ac5ac327545783fe6
1d969f1a64b1a64b072f5cad3f200e4c3ff8867a
de95d2f46404083b6359742f25c651c0466ad50399c892252a752aa02c6468ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE95D2F46404083B6359742F25C651C0466AD50399C892252A752AA02C6468EC"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4953
Expires: Thu, 06 Oct 2022 04:01:23 GMT
Date: Thu, 06 Oct 2022 02:38:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb35f200a-4b30-4eca-b738-7597a7594fb0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb35f200a-4b30-4eca-b738-7597a7594fb0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af17f003b33d854fd024dcd3980fea27
1282572af57f7d04cae3f736a9b9fcb378efdf70
5e0112558b9196f1025a354f4b69fb02321d9a345c2d302e523001a56b51cc31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb35f200a-4b30-4eca-b738-7597a7594fb0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12156
x-amzn-requestid: 0640ef42-f082-43cb-9fbb-ba509f7ec1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZXYcIFhmIAMFeVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63393ab3-2fbc1cf648993ee1346ec9b2;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 07:16:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LZZWZlT3DnlbEyrOaNR-emsGas3uCB6VaQYdTQ76-W0XL7_Yq3BAJw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 09:27:45 GMT
age: 61865
etag: "1282572af57f7d04cae3f736a9b9fcb378efdf70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.acint.net/aci.js
176.9.9.10200 OK 7.5 kB IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1408)
Hash ae0aab6c5a2ae2e1168e74f6e6ae4741
2c00f69ee4bbe2ec96c0f7bb33b5f827a6195af8
a47a88a9b6c7635e5074c25c6e3c92f399fdf8772376e94f077167241e59f9de
GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: application/x-javascript
content-length: 7461
last-modified: Mon, 29 Nov 2021 13:21:32 GMT
etag: "61a4d3dc-1d25"
content-encoding: gzip
expires: Thu, 06 Oct 2022 14:38:50 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2
www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A121999%2C%22sc%22%3A0%2C%22pl%22%3A0%2C%22ev%22%3A%22loadDiv%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023930
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A121999%2C%22sc%22%3A0%2C%22pl%22%3A0%2C%22ev%22%3A%22loadDiv%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023930
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /rtbw/1?dp=14&cd=%7B%22st%22%3A121999%2C%22sc%22%3A0%2C%22pl%22%3A0%2C%22ev%22%3A%22loadDiv%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023930 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=nVqzHGM+P7q2gwD7JBeVAg87W5a/HpQJ7gi801PlFb+c5p/M; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
relap.io/api/v7/recs
95.163.37.253200 OK 5.8 kB IP 95.163.37.253:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (13901), with no line terminators
Hash d393713b3d71e25849740ca95ef4e8b0
665832b90e201c4fe0d45e9e325d077b0559dda0
790aa1ef8c628676161bf56e7f4dad506b63c256099c1eeaf793f9e2c9ef0918
POST /api/v7/recs HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Content-Type: application/json
x-relap-cookie: rlprp=eqR5ZA:lbYsTQ
X-Relap-UUID: 00a40a96-5f1f-4780-aed8-58888b99f2e7
Origin: https://new-days.ru
Content-Length: 4127
Connection: keep-alive
Cookie: unique=SkG9g3pO; fsts=1665023928; lsts=1665023929; suid=20ccc67944f9e024a2f4d52ae6751aaff3ebc6f2--037499b66c94b7604d199b71fc288d6afe0a20041bf6770878587d0ef5618987; hllc=2; rlprp=eqR5ZA--e1dc77e2367377486ee3fa466a4c0c806518c09a0ad41363adf970826cdfa2b7; 3rdpce=1; uuid=9eb09c2c-e018-4823-bc87-cae77e473583; rlpagcs_2=1665023929:CMcxPNzoJdQA2jGQ8XV0Y_oQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=UTF-8
set-cookie: lsts=1665023929; expires=Sun, 03 Oct 2032 02:38:49 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
access-control-max-age: 1728000
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
access-control-allow-origin: https://new-days.ru
x-relap-cookie: rlprp=eqR5ZA:lbYsTQ
access-control-allow-credentials: true
x-server: web12
date: Thu, 06 Oct 2022 02:38:49 GMT
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
cache-control: max-age=1, no-cache
vary: Origin
pragma: no-cache
x-content-type-options: nosniff
access-control-expose-headers: X-Relap-Cookie
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
strict-transport-security: max-age=5184000; includeSubdomains;
content-encoding: br
X-Firefox-Spdy: h2
www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A121999%2C%22sc%22%3A0%2C%22pl%22%3A0%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A1070%7D&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023930
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A121999%2C%22sc%22%3A0%2C%22pl%22%3A0%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A1070%7D&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023930
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /rtbw/1?dp=14&cd=%7B%22st%22%3A121999%2C%22sc%22%3A0%2C%22pl%22%3A0%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A1070%7D&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023930 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=LgR5GmM+P7pSZQD2GozzAv1uzC3xnJOlTTxj+TT9gq1gJEAw; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A121999%2C%22sc%22%3A0%2C%22pl%22%3A778992%2C%22ev%22%3A%22loadDiv%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023930
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A121999%2C%22sc%22%3A0%2C%22pl%22%3A778992%2C%22ev%22%3A%22loadDiv%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023930
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /rtbw/1?dp=14&cd=%7B%22st%22%3A121999%2C%22sc%22%3A0%2C%22pl%22%3A778992%2C%22ev%22%3A%22loadDiv%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023930 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=LgR5GmM+P7pSZQD2Goz0AqxhQXDEake8YKH8d7kPK5JKBcFZ; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4042c8e0761a9576cced90d1fa09f837
b6ce1418faa9b283ad23d761427bafbd47fc5689
5d4be6ec103965c477e80d8b432a7c5da1165b3f4c3cd9abb323674dd5cfb5c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4BE6EC103965C477E80D8B432A7C5DA1165B3F4C3CD9ABB323674DD5CFB5C2"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4587
Expires: Thu, 06 Oct 2022 03:55:17 GMT
Date: Thu, 06 Oct 2022 02:38:50 GMT
Connection: keep-alive
relap.io/v7/video.987cf11fbbb4f8f46301.js
95.163.37.253200 OK 13 kB URL HTTP/2 relap.io/v7/video.987cf11fbbb4f8f46301.js
IP 95.163.37.253:0
File type Unicode text, UTF-8 text, with very long lines (48350), with no line terminators
Hash 58aa4faa5f8364c8e32c28f87315a9fb
119c6fb77b91783721eab29a5b1c020270bfeda5
95ec9a20c2428d479d673c865d52495a567c7b01d6a2bff6042059499b01bdd9
GET /v7/video.987cf11fbbb4f8f46301.js HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: unique=SkG9g3pO; fsts=1665023928; lsts=1665023929; suid=20ccc67944f9e024a2f4d52ae6751aaff3ebc6f2--037499b66c94b7604d199b71fc288d6afe0a20041bf6770878587d0ef5618987; hllc=2; rlprp=eqR5ZA--e1dc77e2367377486ee3fa466a4c0c806518c09a0ad41363adf970826cdfa2b7; 3rdpce=1; uuid=9eb09c2c-e018-4823-bc87-cae77e473583; rlpagcs_2=1665023929:CMcxPNzoJdQA2jGQ8XV0Y_oQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 12609
last-modified: Wed, 05 Oct 2022 15:24:11 GMT
etag: "633da19b-3141"
content-encoding: br
expires: Sat, 05 Nov 2022 02:38:50 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
X-Firefox-Spdy: h2
logs.viadata.store/req/site?sid=105524&uid=1ca874c3-120b-415b-94bd-67ea89482858&event=playerLoaded&v=209281&cb=1665023930020
23.111.115.244200 OK 43 B URL HTTP/2 logs.viadata.store/req/site?sid=105524&uid=1ca874c3-120b-415b-94bd-67ea89482858&event=playerLoaded&v=209281&cb=1665023930020
IP 23.111.115.244:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /req/site?sid=105524&uid=1ca874c3-120b-415b-94bd-67ea89482858&event=playerLoaded&v=209281&cb=1665023930020 HTTP/1.1
Host: logs.viadata.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: viads_uid=1ca874c3-120b-415b-94bd-67ea89482858
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: image/gif
content-length: 43
last-modified: Thu, 06 Oct 2022 02:38:50 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
rucdn.viadata.store/js/player/220928_5341fbcf.js
23.111.115.172200 OK 65 kB URL HTTP/2 rucdn.viadata.store/js/player/220928_5341fbcf.js
IP 23.111.115.172:0
Hash ec26bdecfc5ac0d94aa957791b427f67
fbc53ed4c22dce1ee61aa66add0411ac21076bfb
1ed17888184afc06d6c5eca91e18677332f59959ce4b4ebe9081b5e94d085690
GET /js/player/220928_5341fbcf.js HTTP/1.1
Host: rucdn.viadata.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: viads_uid=1ca874c3-120b-415b-94bd-67ea89482858
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: application/javascript
last-modified: Wed, 28 Sep 2022 15:20:02 GMT
vary: Accept-Encoding
etag: W/"63346622-32f2f"
x-robots-tag: noindex, nofollow
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-encoding: gzip
X-Firefox-Spdy: h2
relap.io/api/v7/metrics
95.163.37.253200 OK 2 B IP 95.163.37.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/v7/metrics HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Content-Type: application/json
Origin: https://new-days.ru
Content-Length: 1231
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=UTF-8
content-length: 2
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
vary: Origin
date: Thu, 06 Oct 2022 02:38:50 GMT
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
access-control-max-age: 1728000
cache-control: max-age=1, no-cache
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
x-server: back25
set-cookie: unique=rkQMMfRv; expires=Sun, 03 Oct 2032 02:38:50 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
fsts=1665023930; expires=Sun, 03 Oct 2032 02:38:50 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
lsts=1665023930; expires=Sun, 03 Oct 2032 02:38:50 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
suid=54a31ed7973256a2c33dbe9a274614235d18cf0a--7badc8264f46eb5e3fb5ce19973deafa91102a26dc8c4c71213d474eecdb0271; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
hllc=1; expires=Fri, 07 Oct 2022 02:38:50 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
pragma: no-cache
strict-transport-security: max-age=5184000; includeSubdomains;
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash c4e378c7d667acb0a4b7022bf0567b99
2b9e5dfcda1543c3696f858c3a187e39b7a6efe5
013170feb24a80bc0b3037cc9678bce7d3b31adcacd10ff1237eef215b55e598
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:50 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Mon, 10 Oct 2022 01:18:56 GMT
ETag: "2b9e5dfcda1543c3696f858c3a187e39b7a6efe5"
Last-Modified: Thu, 06 Oct 2022 01:18:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2466
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05ed5efab512-OSL
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 31d506d575b0ebb4ee02d205ba830a82
6dad4ab2bbefba5afa28eaf4291331da2db263f8
6611a859329ef30f03bdc2e5592490888e56ea18320c3fb253ae7772cd728490
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6095
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:50 GMT
Last-Modified: Thu, 06 Oct 2022 00:57:15 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 314
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash c4e378c7d667acb0a4b7022bf0567b99
2b9e5dfcda1543c3696f858c3a187e39b7a6efe5
013170feb24a80bc0b3037cc9678bce7d3b31adcacd10ff1237eef215b55e598
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:50 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Mon, 10 Oct 2022 01:18:56 GMT
ETag: "2b9e5dfcda1543c3696f858c3a187e39b7a6efe5"
Last-Modified: Thu, 06 Oct 2022 01:18:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2466
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05ed5df7b4f9-OSL
www.acint.net/hit/?v=0.4.0&uid=93b35506-3706-4f0f-bd12-1ecc5feba6f0&dp=14&tz=%2B00%3A00&nc=11934993&u=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=&rs=1280x1024&t=%D0%9C%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D0%BF%D1%80%D0%BE%D1%81%D0%BD%D1%83%D0%BB%D1%81%D1%8F.%20%D0%98%20%D0%BC%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D1%80%D0%B0%D0%B7%D0%BE%D0%B7%D0%BB%D0%B8%D0%BB%D1%81%D1%8F.%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%BB%D1%8F%D0%BD%D0%B0%D0%BC%20%D0%BF%D0%BE%D1%80%D0%B0%20%D0%B1%D0%B5%D0%B6%D0%B0%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81!&oE=1&oP=1&dT=2022-10-06T02%3A38%3A50.428&fu=ab432a45-0b33-4d42-a739-ff0ea7664aa3
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/hit/?v=0.4.0&uid=93b35506-3706-4f0f-bd12-1ecc5feba6f0&dp=14&tz=%2B00%3A00&nc=11934993&u=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=&rs=1280x1024&t=%D0%9C%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D0%BF%D1%80%D0%BE%D1%81%D0%BD%D1%83%D0%BB%D1%81%D1%8F.%20%D0%98%20%D0%BC%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D1%80%D0%B0%D0%B7%D0%BE%D0%B7%D0%BB%D0%B8%D0%BB%D1%81%D1%8F.%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%BB%D1%8F%D0%BD%D0%B0%D0%BC%20%D0%BF%D0%BE%D1%80%D0%B0%20%D0%B1%D0%B5%D0%B6%D0%B0%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81!&oE=1&oP=1&dT=2022-10-06T02%3A38%3A50.428&fu=ab432a45-0b33-4d42-a739-ff0ea7664aa3
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit/?v=0.4.0&uid=93b35506-3706-4f0f-bd12-1ecc5feba6f0&dp=14&tz=%2B00%3A00&nc=11934993&u=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=&rs=1280x1024&t=%D0%9C%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D0%BF%D1%80%D0%BE%D1%81%D0%BD%D1%83%D0%BB%D1%81%D1%8F.%20%D0%98%20%D0%BC%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D1%80%D0%B0%D0%B7%D0%BE%D0%B7%D0%BB%D0%B8%D0%BB%D1%81%D1%8F.%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%BB%D1%8F%D0%BD%D0%B0%D0%BC%20%D0%BF%D0%BE%D1%80%D0%B0%20%D0%B1%D0%B5%D0%B6%D0%B0%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81!&oE=1&oP=1&dT=2022-10-06T02%3A38%3A50.428&fu=ab432a45-0b33-4d42-a739-ff0ea7664aa3 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: aid=LgR5GmM+P7pSZQD2Goz0AqxhQXDEake8YKH8d7kPK5JKBcFZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
cdn.relap.io/tM/3/tM7QHw.jpg
95.163.37.254200 OK 21 kB URL HTTP/2 cdn.relap.io/tM/3/tM7QHw.jpg
IP 95.163.37.254:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x356, components 3\012- data
Hash 52e2915d85701788fed5754efa4cc0d0
35455cbec88b81ba7c3621c70238736b892750fc
363e3066698903a34abe6eb847f08e6f1ddeaa905f8540d1dd3c1afe6a89d098
GET /tM/3/tM7QHw.jpg HTTP/1.1
Host: cdn.relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: unique=SkG9g3pO; fsts=1665023928; lsts=1665023929; suid=20ccc67944f9e024a2f4d52ae6751aaff3ebc6f2--037499b66c94b7604d199b71fc288d6afe0a20041bf6770878587d0ef5618987; hllc=2; rlprp=eqR5ZA--e1dc77e2367377486ee3fa466a4c0c806518c09a0ad41363adf970826cdfa2b7; 3rdpce=1; uuid=9eb09c2c-e018-4823-bc87-cae77e473583; rlpagcs_2=1665023929:CMcxPNzoJdQA2jGQ8XV0Y_oQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: image/jpeg
content-length: 21032
last-modified: Tue, 06 Sep 2022 11:25:05 GMT
etag: "63172e11-5228"
expires: Fri, 07 Oct 2022 02:38:50 GMT
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
strict-transport-security: max-age=5184000; includeSubdomains;
x-server: rlp-cdn06.i
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.relap.io/Fv/3/FvvQHw.jpg
95.163.37.254200 OK 42 kB URL HTTP/2 cdn.relap.io/Fv/3/FvvQHw.jpg
IP 95.163.37.254:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x356, components 3\012- data
Hash e07f8799c3ad8fd462a870309e32d18b
94f8e9c9c5e0c1e2fb7652bad67a1b8f7efab229
ca3d8cc3beb22b76ba7722c1e7dd39d1407926bdb299a7cb02559faa82090958
GET /Fv/3/FvvQHw.jpg HTTP/1.1
Host: cdn.relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: unique=SkG9g3pO; fsts=1665023928; lsts=1665023929; suid=20ccc67944f9e024a2f4d52ae6751aaff3ebc6f2--037499b66c94b7604d199b71fc288d6afe0a20041bf6770878587d0ef5618987; hllc=2; rlprp=eqR5ZA--e1dc77e2367377486ee3fa466a4c0c806518c09a0ad41363adf970826cdfa2b7; 3rdpce=1; uuid=9eb09c2c-e018-4823-bc87-cae77e473583; rlpagcs_2=1665023929:CMcxPNzoJdQA2jGQ8XV0Y_oQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: image/jpeg
content-length: 41465
last-modified: Sat, 24 Sep 2022 06:25:19 GMT
etag: "632ea2cf-a1f9"
expires: Fri, 07 Oct 2022 02:38:50 GMT
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
strict-transport-security: max-age=5184000; includeSubdomains;
x-server: rlp-cdn06.i
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.relap.io/lH/4/lHbQHw.jpg
95.163.37.254200 OK 23 kB URL HTTP/2 cdn.relap.io/lH/4/lHbQHw.jpg
IP 95.163.37.254:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x213, components 3\012- data
Hash fbb9b920fa2b1d644a1af82ba395f4f3
9880bf6704b031a64f22dea0f9aa6788b3e9fa12
2043ff4f5769611ba585c6e0bb9fc3e373875c40376ee7c240336daf204c9e44
GET /lH/4/lHbQHw.jpg HTTP/1.1
Host: cdn.relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: unique=SkG9g3pO; fsts=1665023928; lsts=1665023929; suid=20ccc67944f9e024a2f4d52ae6751aaff3ebc6f2--037499b66c94b7604d199b71fc288d6afe0a20041bf6770878587d0ef5618987; hllc=2; rlprp=eqR5ZA--e1dc77e2367377486ee3fa466a4c0c806518c09a0ad41363adf970826cdfa2b7; 3rdpce=1; uuid=9eb09c2c-e018-4823-bc87-cae77e473583; rlpagcs_2=1665023929:CMcxPNzoJdQA2jGQ8XV0Y_oQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: image/jpeg
content-length: 22646
last-modified: Mon, 03 Oct 2022 11:32:07 GMT
etag: "633ac837-5876"
expires: Fri, 07 Oct 2022 02:38:50 GMT
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
strict-transport-security: max-age=5184000; includeSubdomains;
x-server: rlp-cdn06.i
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.relap.io/x_/4/x_nQHw.jpg
95.163.37.254200 OK 7.6 kB URL HTTP/2 cdn.relap.io/x_/4/x_nQHw.jpg
IP 95.163.37.254:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x196, components 3\012- data
Hash 40bfa7c3725986adb3f62c10c73949a1
ec409b9b389c50a903af28938a679c011a975322
1c618c1c9b9fdc15940686d1cbd0c6cfe735e889c45f3ef08f27ccc4c46a1d16
GET /x_/4/x_nQHw.jpg HTTP/1.1
Host: cdn.relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: unique=SkG9g3pO; fsts=1665023928; lsts=1665023929; suid=20ccc67944f9e024a2f4d52ae6751aaff3ebc6f2--037499b66c94b7604d199b71fc288d6afe0a20041bf6770878587d0ef5618987; hllc=2; rlprp=eqR5ZA--e1dc77e2367377486ee3fa466a4c0c806518c09a0ad41363adf970826cdfa2b7; 3rdpce=1; uuid=9eb09c2c-e018-4823-bc87-cae77e473583; rlpagcs_2=1665023929:CMcxPNzoJdQA2jGQ8XV0Y_oQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: image/jpeg
content-length: 7558
last-modified: Wed, 05 Oct 2022 04:58:26 GMT
etag: "633d0ef2-1d86"
expires: Fri, 07 Oct 2022 02:38:50 GMT
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
strict-transport-security: max-age=5184000; includeSubdomains;
x-server: rlp-cdn06.i
accept-ranges: bytes
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/watch.js
87.250.250.119200 OK 57 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 87.250.250.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (570)
Hash 44366cc385a5c0f49df4f22b71434b42
3f56349f8a3fff52e28a3300052bdc2bde97371c
485ba52769d75db2ed79f65318d37070d09ce3441680aa22caa10ae3cdcb45cd
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 57285
date: Thu, 06 Oct 2022 02:38:50 GMT
access-control-allow-origin: *
etag: "633be002-dfc5"
expires: Thu, 06 Oct 2022 03:38:50 GMT
last-modified: Tue, 04 Oct 2022 10:25:54 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cdn.relap.io/tM/4/tM7QHw.jpg
95.163.37.254200 OK 7.7 kB URL HTTP/2 cdn.relap.io/tM/4/tM7QHw.jpg
IP 95.163.37.254:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x178, components 3\012- data
Hash a4713fd35a397ecb64ab57f9c7fc3eb1
b7e46dbff9c67db7db5f4c0352ab4a19bc8fecba
00f9c1ef140130e6d9c703d8580b98c8788d6552da58a79a9f95f2de7e9278c5
GET /tM/4/tM7QHw.jpg HTTP/1.1
Host: cdn.relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: unique=SkG9g3pO; fsts=1665023928; lsts=1665023929; suid=20ccc67944f9e024a2f4d52ae6751aaff3ebc6f2--037499b66c94b7604d199b71fc288d6afe0a20041bf6770878587d0ef5618987; hllc=2; rlprp=eqR5ZA--e1dc77e2367377486ee3fa466a4c0c806518c09a0ad41363adf970826cdfa2b7; 3rdpce=1; uuid=9eb09c2c-e018-4823-bc87-cae77e473583; rlpagcs_2=1665023929:CMcxPNzoJdQA2jGQ8XV0Y_oQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: image/jpeg
content-length: 7726
last-modified: Tue, 06 Sep 2022 11:25:05 GMT
etag: "63172e11-1e2e"
expires: Fri, 07 Oct 2022 02:38:50 GMT
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
strict-transport-security: max-age=5184000; includeSubdomains;
x-server: rlp-cdn06.i
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.relap.io/Fv/4/FvvQHw.jpg
95.163.37.254200 OK 14 kB URL HTTP/2 cdn.relap.io/Fv/4/FvvQHw.jpg
IP 95.163.37.254:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x178, components 3\012- data
Hash 93c2385ebd10fdb7e1e4fa121dd60441
7bf67afb8c53426cde73cc116508f2b76a13a661
ab2c21319d129fd03f12bcb5244801d5cff589fb01c9366ca7a66b7ed5f1fd9f
GET /Fv/4/FvvQHw.jpg HTTP/1.1
Host: cdn.relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: unique=SkG9g3pO; fsts=1665023928; lsts=1665023929; suid=20ccc67944f9e024a2f4d52ae6751aaff3ebc6f2--037499b66c94b7604d199b71fc288d6afe0a20041bf6770878587d0ef5618987; hllc=2; rlprp=eqR5ZA--e1dc77e2367377486ee3fa466a4c0c806518c09a0ad41363adf970826cdfa2b7; 3rdpce=1; uuid=9eb09c2c-e018-4823-bc87-cae77e473583; rlpagcs_2=1665023929:CMcxPNzoJdQA2jGQ8XV0Y_oQ==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: image/jpeg
content-length: 14380
last-modified: Sat, 24 Sep 2022 06:25:19 GMT
etag: "632ea2cf-382c"
expires: Fri, 07 Oct 2022 02:38:50 GMT
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
strict-transport-security: max-age=5184000; includeSubdomains;
x-server: rlp-cdn06.i
accept-ranges: bytes
X-Firefox-Spdy: h2
relap.io/api/v7/metrics
95.163.37.253200 OK 2 B IP 95.163.37.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/v7/metrics HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Content-Type: application/json
Origin: https://new-days.ru
Content-Length: 1231
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=UTF-8
content-length: 2
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
pragma: no-cache
cache-control: max-age=1, no-cache
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
access-control-max-age: 1728000
set-cookie: unique=lnAbY7vD; expires=Sun, 03 Oct 2032 02:38:50 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
fsts=1665023930; expires=Sun, 03 Oct 2032 02:38:50 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
lsts=1665023930; expires=Sun, 03 Oct 2032 02:38:50 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
suid=2009d929d6be13f341c4b3c7f03e70b26ef80a19--e4e1bf84f07cba73ac697426b69ca687cd0c8a083ea7831e1d93e9b4b022803c; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
hllc=1; expires=Fri, 07 Oct 2022 02:38:50 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
date: Thu, 06 Oct 2022 02:38:50 GMT
vary: Origin
x-server: back20
x-content-type-options: nosniff
access-control-allow-origin: https://new-days.ru
strict-transport-security: max-age=5184000; includeSubdomains;
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
87.250.250.119200 OK 72 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.250.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Hash 7a68c8644032413981e4ba5bc0d66c4a
2d46ca8055e8577ae7138140e34a6e633434973c
e0573e9a9cbfc3f00a921fa64c50270f5941a1ebb253ab70af2cc0dac45cb0d5
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 72341
date: Thu, 06 Oct 2022 02:38:50 GMT
access-control-allow-origin: *
etag: "633be002-11a95"
expires: Thu, 06 Oct 2022 03:38:50 GMT
last-modified: Tue, 04 Oct 2022 10:25:54 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e0b2aaa5f5e88e2f4cd2ee8a38e7c2c
16158d1667f1501592cd3b4c952433f06502712a
4abe30ea1f98a57903f56839e12af1bc48070e89700a29e48cfadf644a08b5bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4ABE30EA1F98A57903F56839E12AF1BC48070E89700A29E48CFADF644A08B5BF"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5204
Expires: Thu, 06 Oct 2022 04:05:34 GMT
Date: Thu, 06 Oct 2022 02:38:50 GMT
Connection: keep-alive
whos.amung.us/pingjs/?k=n9wwjuehz9&t=%D0%9C%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D0%BF%D1%80%D0%BE%D1%81%D0%BD%D1%83%D0%BB%D1%81%D1%8F.%20%D0%98%20%D0%BC%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D1%80%D0%B0%D0%B7%D0%BE%D0%B7%D0%BB%D0%B8%D0%BB%D1%81%D1%8F.%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%BB%D1%8F%D0%BD%D0%B0%D0%BC%20%D0%BF%D0%BE%D1%80%D0%B0%20%D0%B1%D0%B5%D0%B6%D0%B0%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81!&c=d&x=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&y=&a=0&v=27&r=6462
172.67.8.141200 OK 520 B URL HTTP/2 whos.amung.us/pingjs/?k=n9wwjuehz9&t=%D0%9C%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D0%BF%D1%80%D0%BE%D1%81%D0%BD%D1%83%D0%BB%D1%81%D1%8F.%20%D0%98%20%D0%BC%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D1%80%D0%B0%D0%B7%D0%BE%D0%B7%D0%BB%D0%B8%D0%BB%D1%81%D1%8F.%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%BB%D1%8F%D0%BD%D0%B0%D0%BC%20%D0%BF%D0%BE%D1%80%D0%B0%20%D0%B1%D0%B5%D0%B6%D0%B0%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81!&c=d&x=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&y=&a=0&v=27&r=6462
IP 172.67.8.141:0
Hash ad1770859b629ce2937e997443c0b029
53ad3a13054df142cc786f1a8806bd1ae43a0386
ece3603ddd5dd323f6d68d63eee25f6d9755b237e0d411fab1927d15f6bc3c17
GET /pingjs/?k=n9wwjuehz9&t=%D0%9C%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D0%BF%D1%80%D0%BE%D1%81%D0%BD%D1%83%D0%BB%D1%81%D1%8F.%20%D0%98%20%D0%BC%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D1%80%D0%B0%D0%B7%D0%BE%D0%B7%D0%BB%D0%B8%D0%BB%D1%81%D1%8F.%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%BB%D1%8F%D0%BD%D0%B0%D0%BC%20%D0%BF%D0%BE%D1%80%D0%B0%20%D0%B1%D0%B5%D0%B6%D0%B0%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81!&c=d&x=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&y=&a=0&v=27&r=6462 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 755b05ecda44b4eb-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f9371f81e2eeeead7fe351a49f3b1c40
ae23d6c6c57dd7cf568c3a74594c377b7bb7df43
03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 61ae6934ee47263b9eda9dd080815f9f
3d4f2df2249f1da1f62adf3d554d2722a9224de1
14c120ba267cb3c7f45e81afb8e363e545248601f0575614936db327ce8dcb18
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2660
Cache-Control: max-age=87527
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:50 GMT
Etag: "633ce83d-139"
Expires: Fri, 07 Oct 2022 02:57:37 GMT
Last-Modified: Wed, 05 Oct 2022 02:13:17 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 313
adservice.google.no/adsid/integrator.js?domain=new-days.ru
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=new-days.ru
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=new-days.ru HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 06 Oct 2022 02:38:50 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=new-days.ru
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=new-days.ru
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=new-days.ru HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 06 Oct 2022 02:38:50 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1d4c3917173bd92c4b3208cdf2c7c345
726a9aa16eef5844afde825f9faf1b505d31e69b
572eebfaf735eb8aa1b3563d0317d52f5d22e9e83e5f5b6723f65da83fb15f22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f9371f81e2eeeead7fe351a49f3b1c40
ae23d6c6c57dd7cf568c3a74594c377b7bb7df43
03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
relap.mail.ru/v7/video_ima220305.js
95.163.37.253200 OK 100 kB URL HTTP/2 relap.mail.ru/v7/video_ima220305.js
IP 95.163.37.253:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size 100 kB (100539 bytes)
Hash 5968219e4b5fac2490970751c1cb0b04
eb08d95c79a7e8ddf7f7b7e2f0b17a13690c80f3
bf9d7a2df079a9606859c8760ca2741c2eae2adab5efac72d2684d1d34c94419
GET /v7/video_ima220305.js HTTP/1.1
Host: relap.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 100539
last-modified: Wed, 05 Oct 2022 15:24:11 GMT
etag: "633da19b-188bb"
content-encoding: br
expires: Sat, 05 Nov 2022 02:38:50 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b835b5a437ac8178465678803bb979f
fc037d7624b4dcdbb20992045e0abfa80ccaf5eb
6e2438b55d96e61a9effc80d9d3fb435e7fcd9736a1b54c7c1c8681978ecb75c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.acint.net/pxl/1?dp=16&id=121999.778992.164814655.0.0.86&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023931
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/pxl/1?dp=16&id=121999.778992.164814655.0.0.86&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023931
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /pxl/1?dp=16&id=121999.778992.164814655.0.0.86&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023931 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: aid=LgR5GmM+P7pSZQD2Goz0AqxhQXDEake8YKH8d7kPK5JKBcFZ; cSyncDp7v2=1665023930; cSyncDp14v3=1665023930; cSyncDp17=1665023930; cSyncDp32=1665023930; cSyncDp45v3=1665023930; cSyncDp53=1665023930; cSyncDp54v2=1665023930; cSyncDp62=1665023930; cSyncDp67v2=1665023930; cSyncDp68=1665023930; cSyncDp71=1665023930; cSyncDp77=1665023930; cSyncDp84=1665023930; cSyncDp85=1665023930; cSyncDp95v3=1665023930; cSyncDp101=1665023930; cSyncDp104v2=1665023930; cSyncDp107=1665023930; cSyncDp110=1665023930; cSyncDp111v2=1665023930; cSyncDp112v2=1665023930; cSyncDp125v2=1665023930; cSyncDp126=1665023930; cSyncDp127=1665023930; cSyncDp129=1665023930; cSyncDp136v2=1665023930; cSyncDp138=1665023930; cSyncDp144=1665023930; cSyncDp146=1665023930; cSyncDp148=1665023930; cSyncDp149=1665023930; cSyncDp151=1665023930; cSyncDp178=1665023930; cSyncDp179=1665023930; cSyncDp186=1665023930; cSyncDp221=1665023930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A121999%2C%22sc%22%3A0%2C%22pl%22%3A778992%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023931
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A121999%2C%22sc%22%3A0%2C%22pl%22%3A778992%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023931
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /rtbw/1?dp=14&cd=%7B%22st%22%3A121999%2C%22sc%22%3A0%2C%22pl%22%3A778992%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023931 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: aid=LgR5GmM+P7pSZQD2Goz0AqxhQXDEake8YKH8d7kPK5JKBcFZ; cSyncDp7v2=1665023930; cSyncDp14v3=1665023930; cSyncDp17=1665023930; cSyncDp32=1665023930; cSyncDp45v3=1665023930; cSyncDp53=1665023930; cSyncDp54v2=1665023930; cSyncDp62=1665023930; cSyncDp67v2=1665023930; cSyncDp68=1665023930; cSyncDp71=1665023930; cSyncDp77=1665023930; cSyncDp84=1665023930; cSyncDp85=1665023930; cSyncDp95v3=1665023930; cSyncDp101=1665023930; cSyncDp104v2=1665023930; cSyncDp107=1665023930; cSyncDp110=1665023930; cSyncDp111v2=1665023930; cSyncDp112v2=1665023930; cSyncDp125v2=1665023930; cSyncDp126=1665023930; cSyncDp127=1665023930; cSyncDp129=1665023930; cSyncDp136v2=1665023930; cSyncDp138=1665023930; cSyncDp144=1665023930; cSyncDp146=1665023930; cSyncDp148=1665023930; cSyncDp149=1665023930; cSyncDp151=1665023930; cSyncDp178=1665023930; cSyncDp179=1665023930; cSyncDp186=1665023930; cSyncDp221=1665023930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=new-days.ru&callback=_gfp_s_&client=ca-pub-3799842268627012
172.217.21.162200 OK 200 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=new-days.ru&callback=_gfp_s_&client=ca-pub-3799842268627012
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash d5a6a5d9b38d278a7cef71972b8932b8
3a5da0573efbc6f47060741830ee8cb1c677b396
70dd2beaa9075ac7a83a1526fb69e4664c03e87e817b5a09fd02ba6a21e90333
GET /gampad/cookie.js?domain=new-days.ru&callback=_gfp_s_&client=ca-pub-3799842268627012 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 06 Oct 2022 02:38:50 GMT
server: cafe
cache-control: private
content-length: 200
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b835b5a437ac8178465678803bb979f
fc037d7624b4dcdbb20992045e0abfa80ccaf5eb
6e2438b55d96e61a9effc80d9d3fb435e7fcd9736a1b54c7c1c8681978ecb75c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rucdn.viadata.store/static/report.svg
23.111.115.172200 OK 3.0 kB URL HTTP/2 rucdn.viadata.store/static/report.svg
IP 23.111.115.172:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2042)
Hash c12dad0e0d31548287471223d9118b54
d40516c15ebc64ab96d309a7c0e2e49443d04bb2
8f03524fcc1c423e5375ee91780af2493c8f24426b5b85b058d0a3fbf76fcb34
GET /static/report.svg HTTP/1.1
Host: rucdn.viadata.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: viads_uid=1ca874c3-120b-415b-94bd-67ea89482858
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: image/svg+xml
content-length: 3025
last-modified: Sat, 05 Mar 2022 10:54:12 GMT
etag: "62234154-bd1"
x-robots-tag: noindex, nofollow
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
accept-ranges: bytes
X-Firefox-Spdy: h2
rucdn.viadata.store/static/viads-player-logo-50.png
23.111.115.172200 OK 9.9 kB URL HTTP/2 rucdn.viadata.store/static/viads-player-logo-50.png
IP 23.111.115.172:0
File type PNG image data, 184 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 62d3d693ee8133d8542327d947c83bc3
ef4c518a842a81609dd514bb3772784fb7884cb4
1f91e6a36850a13fbdb936b66de714eed21c929646fcb1398aa8ab377ca5310f
GET /static/viads-player-logo-50.png HTTP/1.1
Host: rucdn.viadata.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: viads_uid=1ca874c3-120b-415b-94bd-67ea89482858
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: image/png
content-length: 9930
last-modified: Fri, 23 Sep 2022 15:06:06 GMT
etag: "632dcb5e-26ca"
x-robots-tag: noindex, nofollow
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
accept-ranges: bytes
X-Firefox-Spdy: h2
ssp-rtb.sape.ru/data/?callback=sapeRTB_633e3fbae_60614730&srtbid=121999&scids=164814655&sx=1268&sy=927&ref=&u=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&allimps=0&fl=0&v=3&tz=%2B00%3A00
193.3.184.211200 OK 50 B URL HTTP/1.1 ssp-rtb.sape.ru/data/?callback=sapeRTB_633e3fbae_60614730&srtbid=121999&scids=164814655&sx=1268&sy=927&ref=&u=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&allimps=0&fl=0&v=3&tz=%2B00%3A00
IP 193.3.184.211:0
File type ASCII text, with no line terminators
Hash 978f9b25e00015fa3be4d5887e23a0aa
01e552380edce664cd327e17ecbe2a2958c23a19
6d5c75a1d0194029cf9a33284c11dd82c117a36f36281d0b3b8a4a257e71fe8f
GET /data/?callback=sapeRTB_633e3fbae_60614730&srtbid=121999&scids=164814655&sx=1268&sy=927&ref=&u=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&allimps=0&fl=0&v=3&tz=%2B00%3A00 HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 06 Oct 2022 02:38:51 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 50
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Content-Encoding: gzip
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=wQO4pWM+P7t9OwDINqwyApT0AcWuXajmQ9DLXwHrcwmoMKPc; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aed614d1332f294fc29ebedb0472e066
272b37b49309c2a5797c441cc26236a37f8f74ec
72beb8006f8463d950634fd697482e115400c1c3b023cde15809a735c8077fde
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72BEB8006F8463D950634FD697482E115400C1C3B023CDE15809A735C8077FDE"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9183
Expires: Thu, 06 Oct 2022 05:11:54 GMT
Date: Thu, 06 Oct 2022 02:38:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aed614d1332f294fc29ebedb0472e066
272b37b49309c2a5797c441cc26236a37f8f74ec
72beb8006f8463d950634fd697482e115400c1c3b023cde15809a735c8077fde
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72BEB8006F8463D950634FD697482E115400C1C3B023CDE15809A735C8077FDE"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9183
Expires: Thu, 06 Oct 2022 05:11:54 GMT
Date: Thu, 06 Oct 2022 02:38:51 GMT
Connection: keep-alive
s.uuidksinc.net/match/246/?remote_uid=310122209
31.220.27.135200 OK 741 B URL HTTP/2 s.uuidksinc.net/match/246/?remote_uid=310122209
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
File type gzip compressed data, max compression\012- data
Hash 6f1448c84297d1095b6ceeb8ac950a56
2e342ea433b58b2117fcd31e6dbd437d793f118e
5923b1b94573bfd5b29e7ffe3573e5425bee7944793b1f7ef6fdd50267a91b94
GET /match/246/?remote_uid=310122209 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/png
content-length: 74
set-cookie: jcsuuid=pm1vTUurZ36EA4a1ruWg; expires=Fri, 06 Oct 2023 02:38:51 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
ru.viadata.store/tag/load.js?sid=105524
23.111.211.20200 OK 20 kB URL HTTP/2 ru.viadata.store/tag/load.js?sid=105524
IP 23.111.211.20:0
File type ASCII text, with very long lines (5597), with CRLF line terminators
Hash cbcb449952db5573e64329d4666e40ef
91552be3a8c60854be533c58f199b9558c8ebafb
efeda571d5b38d371a302d5037880b2eab680b2636f63ec249a2daba28968f61
GET /tag/load.js?sid=105524 HTTP/1.1
Host: ru.viadata.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: viads_uid=1ca874c3-120b-415b-94bd-67ea89482858
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.5
date: Thu, 06 Oct 2022 02:38:49 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
content-encoding: br
X-Firefox-Spdy: h2
www.acint.net/pxl/3?dp=16&id=121999.778992.164814655.0.0.86&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023931
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/pxl/3?dp=16&id=121999.778992.164814655.0.0.86&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023931
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /pxl/3?dp=16&id=121999.778992.164814655.0.0.86&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023931 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: aid=LgR5GmM+P7pSZQD2Goz0AqxhQXDEake8YKH8d7kPK5JKBcFZ; cSyncDp7v2=1665023930; cSyncDp14v3=1665023930; cSyncDp17=1665023930; cSyncDp32=1665023930; cSyncDp45v3=1665023930; cSyncDp53=1665023930; cSyncDp54v2=1665023930; cSyncDp62=1665023930; cSyncDp67v2=1665023930; cSyncDp68=1665023930; cSyncDp71=1665023930; cSyncDp77=1665023930; cSyncDp84=1665023930; cSyncDp85=1665023930; cSyncDp95v3=1665023930; cSyncDp101=1665023930; cSyncDp104v2=1665023930; cSyncDp107=1665023930; cSyncDp110=1665023930; cSyncDp111v2=1665023930; cSyncDp112v2=1665023930; cSyncDp125v2=1665023930; cSyncDp126=1665023930; cSyncDp127=1665023930; cSyncDp129=1665023930; cSyncDp136v2=1665023930; cSyncDp138=1665023930; cSyncDp144=1665023930; cSyncDp146=1665023930; cSyncDp148=1665023930; cSyncDp149=1665023930; cSyncDp151=1665023930; cSyncDp178=1665023930; cSyncDp179=1665023930; cSyncDp186=1665023930; cSyncDp221=1665023930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/pxl/5?dp=86&id=121999.778992.164814656.0.1.0&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023931
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/pxl/5?dp=86&id=121999.778992.164814656.0.1.0&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023931
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /pxl/5?dp=86&id=121999.778992.164814656.0.1.0&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023931 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: aid=LgR5GmM+P7pSZQD2Goz0AqxhQXDEake8YKH8d7kPK5JKBcFZ; cSyncDp7v2=1665023930; cSyncDp14v3=1665023930; cSyncDp17=1665023930; cSyncDp32=1665023930; cSyncDp45v3=1665023930; cSyncDp53=1665023930; cSyncDp54v2=1665023930; cSyncDp62=1665023930; cSyncDp67v2=1665023930; cSyncDp68=1665023930; cSyncDp71=1665023930; cSyncDp77=1665023930; cSyncDp84=1665023930; cSyncDp85=1665023930; cSyncDp95v3=1665023930; cSyncDp101=1665023930; cSyncDp104v2=1665023930; cSyncDp107=1665023930; cSyncDp110=1665023930; cSyncDp111v2=1665023930; cSyncDp112v2=1665023930; cSyncDp125v2=1665023930; cSyncDp126=1665023930; cSyncDp127=1665023930; cSyncDp129=1665023930; cSyncDp136v2=1665023930; cSyncDp138=1665023930; cSyncDp144=1665023930; cSyncDp146=1665023930; cSyncDp148=1665023930; cSyncDp149=1665023930; cSyncDp151=1665023930; cSyncDp178=1665023930; cSyncDp179=1665023930; cSyncDp186=1665023930; cSyncDp221=1665023930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A121999%2C%22sc%22%3A0%2C%22pl%22%3A778992%2C%22ev%22%3A%22stub%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023931
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A121999%2C%22sc%22%3A0%2C%22pl%22%3A778992%2C%22ev%22%3A%22stub%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023931
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /rtbw/1?dp=14&cd=%7B%22st%22%3A121999%2C%22sc%22%3A0%2C%22pl%22%3A778992%2C%22ev%22%3A%22stub%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023931 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: aid=LgR5GmM+P7pSZQD2Goz0AqxhQXDEake8YKH8d7kPK5JKBcFZ; cSyncDp7v2=1665023930; cSyncDp14v3=1665023930; cSyncDp17=1665023930; cSyncDp32=1665023930; cSyncDp45v3=1665023930; cSyncDp53=1665023930; cSyncDp54v2=1665023930; cSyncDp62=1665023930; cSyncDp67v2=1665023930; cSyncDp68=1665023930; cSyncDp71=1665023930; cSyncDp77=1665023930; cSyncDp84=1665023930; cSyncDp85=1665023930; cSyncDp95v3=1665023930; cSyncDp101=1665023930; cSyncDp104v2=1665023930; cSyncDp107=1665023930; cSyncDp110=1665023930; cSyncDp111v2=1665023930; cSyncDp112v2=1665023930; cSyncDp125v2=1665023930; cSyncDp126=1665023930; cSyncDp127=1665023930; cSyncDp129=1665023930; cSyncDp136v2=1665023930; cSyncDp138=1665023930; cSyncDp144=1665023930; cSyncDp146=1665023930; cSyncDp148=1665023930; cSyncDp149=1665023930; cSyncDp151=1665023930; cSyncDp178=1665023930; cSyncDp179=1665023930; cSyncDp186=1665023930; cSyncDp221=1665023930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A121999%2C%22sc%22%3A0%2C%22pl%22%3A778992%2C%22ev%22%3A%22vis100%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023931
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A121999%2C%22sc%22%3A0%2C%22pl%22%3A778992%2C%22ev%22%3A%22vis100%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023931
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /rtbw/1?dp=14&cd=%7B%22st%22%3A121999%2C%22sc%22%3A0%2C%22pl%22%3A778992%2C%22ev%22%3A%22vis100%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&r=1665023931 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: aid=LgR5GmM+P7pSZQD2Goz0AqxhQXDEake8YKH8d7kPK5JKBcFZ; cSyncDp7v2=1665023930; cSyncDp14v3=1665023930; cSyncDp17=1665023930; cSyncDp32=1665023930; cSyncDp45v3=1665023930; cSyncDp53=1665023930; cSyncDp54v2=1665023930; cSyncDp62=1665023930; cSyncDp67v2=1665023930; cSyncDp68=1665023930; cSyncDp71=1665023930; cSyncDp77=1665023930; cSyncDp84=1665023930; cSyncDp85=1665023930; cSyncDp95v3=1665023930; cSyncDp101=1665023930; cSyncDp104v2=1665023930; cSyncDp107=1665023930; cSyncDp110=1665023930; cSyncDp111v2=1665023930; cSyncDp112v2=1665023930; cSyncDp125v2=1665023930; cSyncDp126=1665023930; cSyncDp127=1665023930; cSyncDp129=1665023930; cSyncDp136v2=1665023930; cSyncDp138=1665023930; cSyncDp144=1665023930; cSyncDp146=1665023930; cSyncDp148=1665023930; cSyncDp149=1665023930; cSyncDp151=1665023930; cSyncDp178=1665023930; cSyncDp179=1665023930; cSyncDp186=1665023930; cSyncDp221=1665023930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e25275507e24dbd4feb6f58bc6325f96
3d21f398d998ee2cb384d8938ee1f55e1f85401a
951df6073529c916e0450e173983eedd4bb44ddc4b24f404aeac431a1d927f1e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "951DF6073529C916E0450E173983EEDD4BB44DDC4B24F404AEAC431A1D927F1E"
Last-Modified: Wed, 05 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3570
Expires: Thu, 06 Oct 2022 03:38:21 GMT
Date: Thu, 06 Oct 2022 02:38:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 650cc6e6d0afde7fb28c62e2718b271d
1a61fcd985c34dd142189beec922f1d261737f62
9ce31e9c9fb71e8418054c546bf206f3c37f5ccdb4a7075b5b5fbe9b4c812483
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9CE31E9C9FB71E8418054C546BF206F3C37F5CCDB4A7075B5B5FBE9B4C812483"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4756
Expires: Thu, 06 Oct 2022 03:58:07 GMT
Date: Thu, 06 Oct 2022 02:38:51 GMT
Connection: keep-alive
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
193.3.184.211302 Moved Temporarily 142 B URL HTTP/1.1 ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP 193.3.184.211:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: sspuid=wQO4pWM+P7t9OwDINqwyApT0AcWuXajmQ9DLXwHrcwmoMKPc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 06 Oct 2022 02:38:51 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=A5B803C1BB3F3E63C8003B7D0232AC36
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
z.cdn.adtarget.me/smc?s=83&u=310122209
212.32.253.229204 No Content 0 B URL HTTP/2 z.cdn.adtarget.me/smc?s=83&u=310122209
IP 212.32.253.229:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smc?s=83&u=310122209 HTTP/1.1
Host: z.cdn.adtarget.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 06 Oct 2022 02:35:03 GMT
X-Firefox-Spdy: h2
s.uuidksinc.net/match/396/?remote_uid=1A79042EBA3F3E63F600655202F48C1A
31.220.27.135302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/396/?remote_uid=1A79042EBA3F3E63F600655202F48C1A
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=1A79042EBA3F3E63F600655202F48C1A HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: jcsuuid=QHgstwUWOf6XSvnMGqKR
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.19.0
date: Thu, 06 Oct 2022 02:38:51 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=QHgstwUWOf6XSvnMGqKR
set-cookie: jcsuuid=QHgstwUWOf6XSvnMGqKR; expires=Fri, 06 Oct 2023 02:38:51 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
statmedia.ru/counter/sync.gif?system=directadvert&ext_uid=310122209
185.162.95.70200 OK 43 B URL HTTP/1.1 statmedia.ru/counter/sync.gif?system=directadvert&ext_uid=310122209
IP 185.162.95.70:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /counter/sync.gif?system=directadvert&ext_uid=310122209 HTTP/1.1
Host: statmedia.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 02:38:51 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
a.utraff.com/sync?ssp=sape
104.21.59.66204 No Content 0 B URL HTTP/2 a.utraff.com/sync?ssp=sape
IP 104.21.59.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Sat, 05 Nov 2022 05:38:51 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Sat, 05 Nov 2022 05:38:51 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQSFw%2FTmV%2BffaH1N74YoTj0sQ2BhoLxI07IDpj5UEqPum38A%2BRZyrWwm%2F8cuj72AcnNoaq66qhnJvNf28ABbhqryWwHPMirxY3zORaFIOhGPmoznVuZuaB8yZDGBjkI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755b05f28ee3b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=new-days.ru
178.250.0.157200 OK 27 kB URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=new-days.ru
IP 178.250.0.157:0
Hash 5cbe405b036d67141ef136421f6c59e4
d549190ef436e906eebdccc37f595fb20df8621e
85ececb7013f6217276f72f6f83cc33b82254f0da9973baa2b4615d664c9ffef
GET /syncframe?origin=publishertag&topUrl=new-days.ru HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=d6fc3356-d918-4e3c-8e00-7edcbd81a69f; expires=Tue, 31 Oct 2023 02:38:50 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 788003
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
216.58.207.195200 OK 33 kB URL HTTP/2 fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 32860, version 1.0\012- data
Hash d010a9f2d5c7a0374b3b84706a43d2ec
c1fe465db08785c3f115555d39db23838960cb66
9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536
GET /s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://widget.svk-native.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Sep 2022 15:39:46 GMT
expires: Sat, 30 Sep 2023 15:39:46 GMT
cache-control: public, max-age=31536000
age: 471545
last-modified: Mon, 11 Jul 2022 19:12:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dmpprof.com/matching/external/pixel.gif?sid=17&uid=310122209
85.192.12.173200 OK 43 B URL HTTP/2 dmpprof.com/matching/external/pixel.gif?sid=17&uid=310122209
IP 85.192.12.173:0
ASN #12695 LLC Digital Network
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /matching/external/pixel.gif?sid=17&uid=310122209 HTTP/1.1
Host: dmpprof.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/gif
content-length: 43
last-modified: Thu, 06 Oct 2022 02:38:51 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: nmatch=17_310122209; expires=Thu, 06 Oct 2022 14:38:51 GMT; path=/; secure; SameSite=None
uid=temp-91.90.42.154-; expires=Thu, 06 Oct 2022 04:38:51 GMT; path=/; secure; SameSite=None
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
X-Firefox-Spdy: h2
relap.mail.ru/v7/bridge_ima220305.html
95.163.37.253200 OK 163 kB URL HTTP/2 relap.mail.ru/v7/bridge_ima220305.html
IP 95.163.37.253:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (39263)
Size 163 kB (162679 bytes)
Hash e434281855a39360d307927c314c2ac5
a59b6c30472603f54a407f692c89133670be3072
715a7655be3b11b17c57873099d051bafd72a22e4cb1c8936113540061dbf4f3
GET /v7/bridge_ima220305.html HTTP/1.1
Host: relap.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: text/html; charset=utf-8
content-length: 162679
last-modified: Wed, 05 Oct 2022 15:24:11 GMT
etag: "633da19b-27b77"
content-encoding: br
expires: Sat, 05 Nov 2022 02:38:51 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
X-Firefox-Spdy: h2
dm-eu.hybrid.ai/match?id=106&vid=1A79042EBA3F3E63F600655202F48C1A
37.18.103.21204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=106&vid=1A79042EBA3F3E63F600655202F48C1A
IP 37.18.103.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /match?id=106&vid=1A79042EBA3F3E63F600655202F48C1A HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 06 Oct 2022 02:38:51 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=a175521540534385514d; expires=Fri, 06 Oct 2023 02:38:51 GMT; domain=.hybrid.ai; path=/; samesite=none
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2
logs.viadata.store/event/dsp?event=rtb&event2=request&sid=105524&zone=2979&tids=16682%2C15669%2C16419%2C15667%2C15676%2C16417%2C15668&v=209281&cb=1665023931357
23.111.115.244200 OK 43 B URL HTTP/2 logs.viadata.store/event/dsp?event=rtb&event2=request&sid=105524&zone=2979&tids=16682%2C15669%2C16419%2C15667%2C15676%2C16417%2C15668&v=209281&cb=1665023931357
IP 23.111.115.244:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /event/dsp?event=rtb&event2=request&sid=105524&zone=2979&tids=16682%2C15669%2C16419%2C15667%2C15676%2C16417%2C15668&v=209281&cb=1665023931357 HTTP/1.1
Host: logs.viadata.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: viads_uid=1ca874c3-120b-415b-94bd-67ea89482858; viads_sc=%5B%5D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/gif
content-length: 43
last-modified: Thu, 06 Oct 2022 02:38:51 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
relap.mail.ru/v7/omweb_ima220305.js
95.163.37.253200 OK 14 kB URL HTTP/2 relap.mail.ru/v7/omweb_ima220305.js
IP 95.163.37.253:0
File type ASCII text, with very long lines (42976), with no line terminators
Hash b9a1609b114965e8e9b645dfdeb4b56f
4c1d347830a4bd35431df4e9ee671c8894909977
f8dbe20d1407f4cb49acf4b63187c879f7cfc26f39a198074bac22581fe40608
GET /v7/omweb_ima220305.js HTTP/1.1
Host: relap.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 14339
last-modified: Wed, 05 Oct 2022 15:24:11 GMT
etag: "633da19b-3803"
content-encoding: br
expires: Sat, 05 Nov 2022 02:38:51 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
X-Firefox-Spdy: h2
relap.mail.ru/v7/client_ima220305.js
95.163.37.253200 OK 14 kB URL HTTP/2 relap.mail.ru/v7/client_ima220305.js
IP 95.163.37.253:0
File type ASCII text, with very long lines (42976), with no line terminators
Hash b9a1609b114965e8e9b645dfdeb4b56f
4c1d347830a4bd35431df4e9ee671c8894909977
f8dbe20d1407f4cb49acf4b63187c879f7cfc26f39a198074bac22581fe40608
GET /v7/client_ima220305.js HTTP/1.1
Host: relap.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 14339
last-modified: Wed, 05 Oct 2022 15:24:11 GMT
etag: "633da19b-3803"
content-encoding: br
expires: Sat, 05 Nov 2022 02:38:51 GMT
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
X-Firefox-Spdy: h2
www.acint.net/match?dp=127&euid=QHgstwUWOf6XSvnMGqKR
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/match?dp=127&euid=QHgstwUWOf6XSvnMGqKR
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=QHgstwUWOf6XSvnMGqKR HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=LgR5GmM+P7pSZQD2Goz0AqxhQXDEake8YKH8d7kPK5JKBcFZ; cSyncDp7v2=1665023930; cSyncDp14v3=1665023930; cSyncDp17=1665023930; cSyncDp32=1665023930; cSyncDp45v3=1665023930; cSyncDp53=1665023930; cSyncDp54v2=1665023930; cSyncDp62=1665023930; cSyncDp67v2=1665023930; cSyncDp68=1665023930; cSyncDp71=1665023930; cSyncDp77=1665023930; cSyncDp84=1665023930; cSyncDp85=1665023930; cSyncDp95v3=1665023930; cSyncDp101=1665023930; cSyncDp104v2=1665023930; cSyncDp107=1665023930; cSyncDp110=1665023930; cSyncDp111v2=1665023930; cSyncDp112v2=1665023930; cSyncDp125v2=1665023930; cSyncDp126=1665023930; cSyncDp127=1665023930; cSyncDp129=1665023930; cSyncDp136v2=1665023930; cSyncDp138=1665023930; cSyncDp144=1665023930; cSyncDp146=1665023930; cSyncDp148=1665023930; cSyncDp149=1665023930; cSyncDp151=1665023930; cSyncDp178=1665023930; cSyncDp179=1665023930; cSyncDp186=1665023930; cSyncDp221=1665023930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash fa2676518067f4b601ee1ed6cbf3a919
43c1b94db10d38ace22c93e1033c37e5bfba9ede
25df2efb2bbcb61df11d46540296b1e2505bb14ce3aad814304635b69b1e986e
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 10 Oct 2022 00:09:59 GMT
ETag: "43c1b94db10d38ace22c93e1033c37e5bfba9ede"
Last-Modified: Thu, 06 Oct 2022 00:10:00 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1146
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05f3e9b1b512-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 60dbe55eafcedb17854a01002f904ecd
b42cd50a1dedadcf1d7566ead3b10cb79e48c0ac
ca3afeb99e3d126c21ac8d2241107fa2dbd5a586a1d4bed4acdf03b4ddaae30a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA3AFEB99E3D126C21AC8D2241107FA2DBD5A586A1D4BED4ACDF03B4DDAAE30A"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4572
Expires: Thu, 06 Oct 2022 03:55:03 GMT
Date: Thu, 06 Oct 2022 02:38:51 GMT
Connection: keep-alive
relap.io/api/v7/stat
95.163.37.253200 OK 0 B IP 95.163.37.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v7/stat HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-relap-cookie,x-relap-uuid
Referer: https://new-days.ru/
Origin: https://new-days.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html;charset=UTF-8
content-length: 0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
vary: Origin
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
access-control-allow-origin: https://new-days.ru
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
x-server: back01
date: Thu, 06 Oct 2022 02:38:51 GMT
x-content-type-options: nosniff
access-control-max-age: 1728000
strict-transport-security: max-age=5184000; includeSubdomains;
X-Firefox-Spdy: h2
sync.upravel.com/sape/sync
144.76.138.28302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync
IP 144.76.138.28:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1665023931519;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1665023931519;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A79042EBA3F3E63F600655202F48C1A
136.243.148.229302 Found 0 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A79042EBA3F3E63F600655202F48C1A
IP 136.243.148.229:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A79042EBA3F3E63F600655202F48C1A HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 06 Oct 2022 02:38:51 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=034e8160-4520-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 06 Oct 2023 02:38:51 GMT; SameSite=None; Secure
uid-legacy=034e8160-4520-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 06 Oct 2023 02:38:51 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A79042EBA3F3E63F600655202F48C1A&cs=1
X-Firefox-Spdy: h2
rucdn.viadata.store/vid/105524/be1835bdfe715cf4be7e827630051485.mp4
23.111.115.172206 Partial Content 164 kB URL HTTP/2 rucdn.viadata.store/vid/105524/be1835bdfe715cf4be7e827630051485.mp4
IP 23.111.115.172:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 164 kB (163804 bytes)
Hash 8e6e9ab26a03ca0a8de4ab65bb84db0a
d2cde75b0b3c2754aa9d974e6b01414d347fe463
3f553afbece7c4ec20a53f9f5f973afa72b60a732fac965561ee910250333028
GET /vid/105524/be1835bdfe715cf4be7e827630051485.mp4 HTTP/1.1
Host: rucdn.viadata.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: viads_uid=1ca874c3-120b-415b-94bd-67ea89482858; viads_sc=%5B%5D
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: video/mp4
content-length: 540369
last-modified: Wed, 05 Oct 2022 16:07:36 GMT
etag: "633dabc8-83ed1"
x-robots-tag: noindex, nofollow
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-range: bytes 0-540368/540369
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dbc5f720572bbdc960ba175d74d1d879
d0a6aceb38eb8bef7044fd6cebbef33bde43ee59
acdb7e5c9f7e07fe6d8a8be4e97b3680a810856d3e8d37082e9acbb4e6c71a36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ACDB7E5C9F7E07FE6D8A8BE4E97B3680A810856D3E8D37082E9ACBB4E6C71A36"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7712
Expires: Thu, 06 Oct 2022 04:47:23 GMT
Date: Thu, 06 Oct 2022 02:38:51 GMT
Connection: keep-alive
widget.svk-native.ru/?w=19047&sid=11455&url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&title=%D0%9C%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D0%BF%D1%80%D0%BE%D1%81%D0%BD%D1%83%D0%BB%D1%81%D1%8F.%20%D0%98%20%D0%BC%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D1%80%D0%B0%D0%B7%D0%BE%D0%B7%D0%BB%D0%B8%D0%BB%D1%81%D1%8F.%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%BB%D1%8F%D0%BD%D0%B0%D0%BC%20%D0%BF%D0%BE%D1%80%D0%B0%20%D0%B1%D0%B5%D0%B6%D0%B0%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81!&description=%D0%96%D0%B8%D1%82%D0%B5%D0%BB%D1%8F%D0%BC%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%BB%D1%83%D1%87%D1%88%D0%B5%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%D1%81%D0%BE%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B5%D1%89%D0%B8%20%D0%B8%20%D0%BF%D0%BE%D0%BA%D0%B8%D0%BD%D1%83%D1%82%D1%8C%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D1%83%2C%20%D0%BF%D0%BE%D1%82%D0%BE%D0%BC%D1%83%20%D1%87%D1%82%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81%20%D0%B4%D0%BB%D1%8F%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%BD%D0%B0%D1%81%D1%82%D0%B0%D0%BB%D0%B0%20%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%BF%D0%B0%D1%83%D0%B7%D0%B0%2C%20%D0%BD%D0%BE%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%BD%D0%B5%D1%81%D0%BA%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE%20%D0%BC%D0%B5%D1%81%D1%8F%D1%86%D0%B5%D0%B2&image=https%3A%2F%2Fnew-days.ru%2Fwp-content%2Fuploads%2F2020%2F12%2Fcropped-2c946f292f457af833852240d9fe51df.jpg&original_url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&baser=bmV3LWRheXMucnU%3D&width=378&utm_source=19047
65.109.36.34200 OK 15 kB URL HTTP/2 widget.svk-native.ru/?w=19047&sid=11455&url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&title=%D0%9C%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D0%BF%D1%80%D0%BE%D1%81%D0%BD%D1%83%D0%BB%D1%81%D1%8F.%20%D0%98%20%D0%BC%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D1%80%D0%B0%D0%B7%D0%BE%D0%B7%D0%BB%D0%B8%D0%BB%D1%81%D1%8F.%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%BB%D1%8F%D0%BD%D0%B0%D0%BC%20%D0%BF%D0%BE%D1%80%D0%B0%20%D0%B1%D0%B5%D0%B6%D0%B0%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81!&description=%D0%96%D0%B8%D1%82%D0%B5%D0%BB%D1%8F%D0%BC%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%BB%D1%83%D1%87%D1%88%D0%B5%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%D1%81%D0%BE%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B5%D1%89%D0%B8%20%D0%B8%20%D0%BF%D0%BE%D0%BA%D0%B8%D0%BD%D1%83%D1%82%D1%8C%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D1%83%2C%20%D0%BF%D0%BE%D1%82%D0%BE%D0%BC%D1%83%20%D1%87%D1%82%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81%20%D0%B4%D0%BB%D1%8F%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%BD%D0%B0%D1%81%D1%82%D0%B0%D0%BB%D0%B0%20%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%BF%D0%B0%D1%83%D0%B7%D0%B0%2C%20%D0%BD%D0%BE%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%BD%D0%B5%D1%81%D0%BA%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE%20%D0%BC%D0%B5%D1%81%D1%8F%D1%86%D0%B5%D0%B2&image=https%3A%2F%2Fnew-days.ru%2Fwp-content%2Fuploads%2F2020%2F12%2Fcropped-2c946f292f457af833852240d9fe51df.jpg&original_url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&baser=bmV3LWRheXMucnU%3D&width=378&utm_source=19047
IP 65.109.36.34:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11690), with CRLF, LF line terminators
Hash 80350bf1792f661ed9ce04fb4c0cdb7c
e903dccad71fcf29e7c1e59fa7cd7c224aab07af
cfe95dbe811e9af7e2aa88b9c1f137749594a673b29ba0977658e3b1d3639eb6
GET /?w=19047&sid=11455&url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&title=%D0%9C%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D0%BF%D1%80%D0%BE%D1%81%D0%BD%D1%83%D0%BB%D1%81%D1%8F.%20%D0%98%20%D0%BC%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D1%80%D0%B0%D0%B7%D0%BE%D0%B7%D0%BB%D0%B8%D0%BB%D1%81%D1%8F.%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%BB%D1%8F%D0%BD%D0%B0%D0%BC%20%D0%BF%D0%BE%D1%80%D0%B0%20%D0%B1%D0%B5%D0%B6%D0%B0%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81!&description=%D0%96%D0%B8%D1%82%D0%B5%D0%BB%D1%8F%D0%BC%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%BB%D1%83%D1%87%D1%88%D0%B5%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%D1%81%D0%BE%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B5%D1%89%D0%B8%20%D0%B8%20%D0%BF%D0%BE%D0%BA%D0%B8%D0%BD%D1%83%D1%82%D1%8C%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D1%83%2C%20%D0%BF%D0%BE%D1%82%D0%BE%D0%BC%D1%83%20%D1%87%D1%82%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81%20%D0%B4%D0%BB%D1%8F%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%BD%D0%B0%D1%81%D1%82%D0%B0%D0%BB%D0%B0%20%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%BF%D0%B0%D1%83%D0%B7%D0%B0%2C%20%D0%BD%D0%BE%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%BD%D0%B5%D1%81%D0%BA%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE%20%D0%BC%D0%B5%D1%81%D1%8F%D1%86%D0%B5%D0%B2&image=https%3A%2F%2Fnew-days.ru%2Fwp-content%2Fuploads%2F2020%2F12%2Fcropped-2c946f292f457af833852240d9fe51df.jpg&original_url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&baser=bmV3LWRheXMucnU%3D&width=378&utm_source=19047 HTTP/1.1
Host: widget.svk-native.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: s-common=7p19oj116t7232tspmuhjdubvk; path=/; domain=.svk-native.ru; secure; HttpOnly; SameSite=None
_svk_uid2=0c0bc1ac93987b444b7c95b49191d7f748abdcbe8072ad332b25a00f43f07470a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22_svk_uid2%22%3Bi%3A1%3Bi%3A2904417583%3B%7D; expires=Wed, 01-Oct-2042 02:38:49 GMT; Max-Age=630719999; path=/; domain=.svk-native.ru; secure; HttpOnly; SameSite=None
test3rd=f9cccdf897f8e092a4428166189cd9dd68648b2b91b3d511752dc9c3de7e2e3aa%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22test3rd%22%3Bi%3A1%3Bi%3A2904417583%3B%7D; expires=Wed, 01-Oct-2042 02:38:49 GMT; Max-Age=630719999; path=/; domain=.svk-native.ru; secure; SameSite=None
_pr_sid=68e4cb5a0cb99bcc5f98f5093821877cbe706349680da4de83f9bdb902bfb22aa%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22_pr_sid%22%3Bi%3A1%3Bs%3A7%3A%222732863%22%3B%7D; expires=Thu, 06-Oct-2022 03:08:49 GMT; Max-Age=1799; path=/; secure; HttpOnly; SameSite=None
_csrf-widget=9ae5074c262671411519646293a7eb9d1e2f8b9ccad5bdd0adf424a406b2bdeaa%3A2%3A%7Bi%3A0%3Bs%3A12%3A%22_csrf-widget%22%3Bi%3A1%3Bs%3A32%3A%22j3nltowm_DnwoAbS8PabqKEOhErQTuNt%22%3B%7D; path=/; domain=.svk-native.ru; secure; HttpOnly; SameSite=None
x-upstream: unix:/run/haproxy-phpfpm-default.sock
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 34cefd75b6fe90f001858e199e3f800a
e1389df517380340264d78e51a95a38a87c42c67
221a9c529baf4fe9acd4d39765c0357e1f69dd35ac3cad58ae3303870ed14516
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 23:26:45 GMT
Expires: Wed, 12 Oct 2022 23:26:44 GMT
Etag: "e1389df517380340264d78e51a95a38a87c42c67"
Cache-Control: max-age=592672,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755b05f44b99b529-OSL
relap.io/api/v7/stat
95.163.37.253200 OK 2 B IP 95.163.37.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/v7/stat HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Content-Type: application/json
x-relap-cookie: rlprp=eqR5ZA:lbYsTQ
X-Relap-UUID: 00a40a96-5f1f-4780-aed8-58888b99f2e7
Origin: https://new-days.ru
Content-Length: 8284
Connection: keep-alive
Cookie: unique=SkG9g3pO; fsts=1665023928; lsts=1665023929; suid=20ccc67944f9e024a2f4d52ae6751aaff3ebc6f2--037499b66c94b7604d199b71fc288d6afe0a20041bf6770878587d0ef5618987; hllc=2; rlprp=eqR5ZA--e1dc77e2367377486ee3fa466a4c0c806518c09a0ad41363adf970826cdfa2b7; 3rdpce=1; uuid=9eb09c2c-e018-4823-bc87-cae77e473583; rlpagcs_2=1665023929:CMcxPNzoJdQA2jGQ8XV0Y_oQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=UTF-8
content-length: 2
access-control-allow-origin: https://new-days.ru
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
x-server: back19
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
pragma: no-cache
set-cookie: lsts=1665023931; expires=Sun, 03 Oct 2032 02:38:51 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
x-content-type-options: nosniff
access-control-max-age: 1728000
access-control-expose-headers: X-Relap-Cookie
vary: Origin
x-relap-cookie: rlprp=eqR5ZA:lbYsTQ
cache-control: max-age=1, no-cache
date: Thu, 06 Oct 2022 02:38:51 GMT
access-control-allow-credentials: true
strict-transport-security: max-age=5184000; includeSubdomains;
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 59018402382840f7114c31208920e923
6e69a22ac0b7f570bda05fa02766e35155a66807
adcc6bddb3ba5de45c0a9cb6dcb262b37e767e7610b39f6c23619beacdebba4d
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 09 Oct 2022 23:37:50 GMT
ETag: "6e69a22ac0b7f570bda05fa02766e35155a66807"
Last-Modified: Wed, 05 Oct 2022 23:37:51 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3285
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05f48f19b527-OSL
acint.net/match?dp=14&euid=A5B803C1BB3F3E63C8003B7D0232AC36
176.9.9.10200 OK 43 B URL HTTP/2 acint.net/match?dp=14&euid=A5B803C1BB3F3E63C8003B7D0232AC36
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=A5B803C1BB3F3E63C8003B7D0232AC36 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=LgR5GmM+P7pSZQD2Goz0AqxhQXDEake8YKH8d7kPK5JKBcFZ; cSyncDp7v2=1665023930; cSyncDp14v3=1665023930; cSyncDp17=1665023930; cSyncDp32=1665023930; cSyncDp45v3=1665023930; cSyncDp53=1665023930; cSyncDp54v2=1665023930; cSyncDp62=1665023930; cSyncDp67v2=1665023930; cSyncDp68=1665023930; cSyncDp71=1665023930; cSyncDp77=1665023930; cSyncDp84=1665023930; cSyncDp85=1665023930; cSyncDp95v3=1665023930; cSyncDp101=1665023930; cSyncDp104v2=1665023930; cSyncDp107=1665023930; cSyncDp110=1665023930; cSyncDp111v2=1665023930; cSyncDp112v2=1665023930; cSyncDp125v2=1665023930; cSyncDp126=1665023930; cSyncDp127=1665023930; cSyncDp129=1665023930; cSyncDp136v2=1665023930; cSyncDp138=1665023930; cSyncDp144=1665023930; cSyncDp146=1665023930; cSyncDp148=1665023930; cSyncDp149=1665023930; cSyncDp151=1665023930; cSyncDp178=1665023930; cSyncDp179=1665023930; cSyncDp186=1665023930; cSyncDp221=1665023930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ru.viadata.store/tag/msync.js?sid=105524&gdpr=0&consent=
23.111.211.20200 OK 52 B URL HTTP/2 ru.viadata.store/tag/msync.js?sid=105524&gdpr=0&consent=
IP 23.111.211.20:0
File type ASCII text, with no line terminators
Hash 39a752340df033856a181224867e7111
c697156defc8432c90fb4184cff40a2210b95b8a
48fc9cc4eb77c14a49cf632dc04ddc5e70d0d5631465b2da5a413ad71101412e
GET /tag/msync.js?sid=105524&gdpr=0&consent= HTTP/1.1
Host: ru.viadata.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: viads_uid=1ca874c3-120b-415b-94bd-67ea89482858
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.5
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: viads_sc=%5B%5D; expires=Fri, 14-Oct-2022 02:38:51 GMT; Max-Age=691200; path=/; domain=.viadata.store; secure; HttpOnly; SameSite=None
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8b89a3d32599ebe3c8955155b8e9401a
983157f89e4130b9f4661ac05ac7e3b2cb618844
fcb05e5fd89217aa4f30bd4d477b84b5c3e2ddac653e537e0879db2e6474863a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCB05E5FD89217AA4F30BD4D477B84B5C3E2DDAC653E537E0879DB2E6474863A"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7034
Expires: Thu, 06 Oct 2022 04:36:05 GMT
Date: Thu, 06 Oct 2022 02:38:51 GMT
Connection: keep-alive
sync.dmp.otm-r.com/match/sape?id=1A79042EBA3F3E63F600655202F48C1A
159.69.59.100204 No Content 0 B URL HTTP/2 sync.dmp.otm-r.com/match/sape?id=1A79042EBA3F3E63F600655202F48C1A
IP 159.69.59.100:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=1A79042EBA3F3E63F600655202F48C1A HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.17.10
date: Thu, 06 Oct 2022 02:38:51 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
ut.rktch.com/matchspm?pi=1000005&pui=1A79042EBA3F3E63F600655202F48C1A
89.108.97.2302 Found 0 B URL HTTP/1.1 ut.rktch.com/matchspm?pi=1000005&pui=1A79042EBA3F3E63F600655202F48C1A
IP 89.108.97.2:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /matchspm?pi=1000005&pui=1A79042EBA3F3E63F600655202F48C1A HTTP/1.1
Host: ut.rktch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 02:38:51 GMT
Content-Length: 0
Connection: keep-alive
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
Set-Cookie: b_uid=cc72511462bfc95fd35295c0fa921741393e; Max-Age=2592000; Expires=Sat, 05 Nov 2022 02:38:51 GMT; Domain=rktch.com; Secure; SameSite=None
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Credentials: true
dmp.gotechnology.io/match/sape?id=1A79042EBA3F3E63F600655202F48C1A
142.132.209.136302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=1A79042EBA3F3E63F600655202F48C1A
IP 142.132.209.136:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=1A79042EBA3F3E63F600655202F48C1A HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 06 Oct 2022 02:38:51 GMT
content-length: 0
location: https://dmp.gotechnology.io/match/sape?id=1A79042EBA3F3E63F600655202F48C1A&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
giclgq.com/.cdn/3a8241/d3d944/bda3bb14e5c842e5babd0ccc77f68e70/d0b633ac5645d906.jpeg
62.76.25.27200 OK 18 kB URL HTTP/2 giclgq.com/.cdn/3a8241/d3d944/bda3bb14e5c842e5babd0ccc77f68e70/d0b633ac5645d906.jpeg
IP 62.76.25.27:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 250x250, components 3\012- data
Hash 858052730fca017595e1a7265d75139c
7b01a7e97c75723f7950f54971cc2fc2c3087758
d104461f69db526e33666634909b73a764c18b467005cdfd626247be590f6e54
GET /.cdn/3a8241/d3d944/bda3bb14e5c842e5babd0ccc77f68e70/d0b633ac5645d906.jpeg HTTP/1.1
Host: giclgq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.2
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/jpeg
content-length: 18267
last-modified: Mon, 03 Oct 2022 11:20:04 GMT
etag: "633ac564-475b"
access-control-allow-headers: *
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
mediatoday.ru/core/match.gif?s=32&id=1A79042EBA3F3E63F600655202F48C1A
139.45.228.111200 OK 43 B URL HTTP/2 mediatoday.ru/core/match.gif?s=32&id=1A79042EBA3F3E63F600655202F48C1A
IP 139.45.228.111:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /core/match.gif?s=32&id=1A79042EBA3F3E63F600655202F48C1A HTTP/1.1
Host: mediatoday.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.22.0
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/gif
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VUxBseGqnzTQH0A; expires=Sun, 03-Oct-2032 02:38:51 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2
giclgq.com/.cdn/3a8241/d72d18/f5818edf02da48d480a17438b268cc07/d0b62e3bc4be3e1c.jpeg
62.76.25.27200 OK 18 kB URL HTTP/2 giclgq.com/.cdn/3a8241/d72d18/f5818edf02da48d480a17438b268cc07/d0b62e3bc4be3e1c.jpeg
IP 62.76.25.27:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 250x250, components 3\012- data
Hash 5c2b582523a4a8023d379e45812878d6
527e52dc388007d8533389541e5de8b5f7e674b7
72d3bea4801c9342d9ab359ee5c6920160b9a94b41d84554f26dfb7d49cc900e
GET /.cdn/3a8241/d72d18/f5818edf02da48d480a17438b268cc07/d0b62e3bc4be3e1c.jpeg HTTP/1.1
Host: giclgq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.2
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/jpeg
content-length: 17959
last-modified: Fri, 29 Jul 2022 10:54:03 GMT
etag: "62e3bc4b-4627"
access-control-allow-headers: *
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
sync.republer.com/match?dsp=sape
23.88.82.46204 No Content 0 B URL HTTP/2 sync.republer.com/match?dsp=sape
IP 23.88.82.46:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?dsp=sape HTTP/1.1
Host: sync.republer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 06 Oct 2022 02:38:51 GMT
strict-transport-security: max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f58e97e7223da7e5a54109f29f17e895
04a848368d60b0a8e18255180e6f9501e486f8c6
cba7196e6a60734cc23d05aababbcb3f7fd744bbce37b7a12e8d56f2ea0faef1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CBA7196E6A60734CC23D05AABABBCB3F7FD744BBCE37B7A12E8D56F2EA0FAEF1"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8848
Expires: Thu, 06 Oct 2022 05:06:19 GMT
Date: Thu, 06 Oct 2022 02:38:51 GMT
Connection: keep-alive
vtg1.rktch.com/v0?i=11736&url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&siteid=105524&cbb=1665023931362
176.99.6.56200 OK 21 B URL HTTP/1.1 vtg1.rktch.com/v0?i=11736&url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&siteid=105524&cbb=1665023931362
IP 176.99.6.56:0
ASN #49352 Domain names registrar REG.RU, Ltd
File type ASCII text, with no line terminators
Hash 13ac7a47804f191f7cbe9b50641403d8
32f847ad3e7ef2388d22268a5164b46cae07e593
64a76d85490bf923477d715fb998da7a59c66988a645d080e2436f40cb3190f6
GET /v0?i=11736&url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&siteid=105524&cbb=1665023931362 HTTP/1.1
Host: vtg1.rktch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Origin: https://new-days.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 02:37:16 GMT
Content-Type: text/xml; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://new-days.ru
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 0
Access-Control-Allow-Headers: Content-Type, Authorization, x-ad4-*
Set-Cookie: b_uid=9bec86bdb0d6f104442573a944e3ffefa78e; Max-Age=36000; Expires=Thu, 06 Oct 2022 12:37:16 GMT; Domain=rktch.com; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash df5cebb8d4556cbc1ff7be5260bfa688
48aed1e32405ef4b2eb4b5e1741757b008d70f2d
a246fd65b453c779a17ee9f6f79901ac1faee5f6ffb289228ac71af6c445bc28
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A246FD65B453C779A17EE9F6F79901AC1FAEE5F6FFB289228AC71AF6C445BC28"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3079
Expires: Thu, 06 Oct 2022 03:30:10 GMT
Date: Thu, 06 Oct 2022 02:38:51 GMT
Connection: keep-alive
giclgq.com/.cdn/3a8241/751d31/ae091aeb98e041e3a942722a3288f5f9/d0b6290dfb792e6a.jpeg
62.76.25.27200 OK 30 kB URL HTTP/2 giclgq.com/.cdn/3a8241/751d31/ae091aeb98e041e3a942722a3288f5f9/d0b6290dfb792e6a.jpeg
IP 62.76.25.27:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 250x250, components 3\012- data
Hash 220160eba278be50e6662321c7a87a6a
e2b0af7548514fc2870664c21ab65aa517388b73
4250e5b38d125404d43c8cff714bebbdc759666a5caa974ecd9f7382100172f7
GET /.cdn/3a8241/751d31/ae091aeb98e041e3a942722a3288f5f9/d0b6290dfb792e6a.jpeg HTTP/1.1
Host: giclgq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.2
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/jpeg
content-length: 29657
last-modified: Fri, 27 May 2022 14:27:03 GMT
etag: "6290dfb7-73d9"
access-control-allow-headers: *
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
giclgq.com/.cdn/3a8241/751d31/39445e81f95c474c88f62d971db219e3/d0b6290e02f192bb.jpeg
62.76.25.27200 OK 28 kB URL HTTP/2 giclgq.com/.cdn/3a8241/751d31/39445e81f95c474c88f62d971db219e3/d0b6290e02f192bb.jpeg
IP 62.76.25.27:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 250x250, components 3\012- data
Hash 48d7d8b67fd7a2a29e96dd2dd1d836c6
74d19421295d51e887488ac1e423ee660c2052f7
6edc7e25a77bfffd137089a1653e4a3300aaa455f26a90516afbf09d9d0775c3
GET /.cdn/3a8241/751d31/39445e81f95c474c88f62d971db219e3/d0b6290e02f192bb.jpeg HTTP/1.1
Host: giclgq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.2
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/jpeg
content-length: 28407
last-modified: Fri, 27 May 2022 14:29:03 GMT
etag: "6290e02f-6ef7"
access-control-allow-headers: *
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash db09d070d52c6aad1d58582eb60f0021
bb64cf2d477280e81300ba27d6832b047a92037f
48369835fd492c9f416e09748b88d7c44ae6fbb58a707490c2a088fc224ea973
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48369835FD492C9F416E09748B88D7C44AE6FBB58A707490C2A088FC224EA973"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5498
Expires: Thu, 06 Oct 2022 04:10:29 GMT
Date: Thu, 06 Oct 2022 02:38:51 GMT
Connection: keep-alive
mc.yandex.ru/watch/71281900?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&site-info=%7B%22site_id%22%3A121999%2C%22srtb_sid%22%3A%22633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A900%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A571699234761%3Ahid%3A387723131%3Az%3A0%3Ai%3A20221006023850%3Aet%3A1665023931%3Ac%3A1%3Arn%3A388430196%3Arqn%3A1%3Au%3A166502393142325077%3Aw%3A1268x927%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C88%2C66%2C28%2C285%2C0%2C%2C406%2C2%2C2470%2C2470%2C23%2C921%3Ans%3A1665023926907%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023931%3At%3A%D0%9C%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D0%BF%D1%80%D0%BE%D1%81%D0%BD%D1%83%D0%BB%D1%81%D1%8F.%20%D0%98%20%D0%BC%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D1%80%D0%B0%D0%B7%D0%BE%D0%B7%D0%BB%D0%B8%D0%BB%D1%81%D1%8F.%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%BB%D1%8F%D0%BD%D0%B0%D0%BC%20%D0%BF%D0%BE%D1%80%D0%B0%20%D0%B1%D0%B5%D0%B6%D0%B0%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81!&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
87.250.250.119302 Found 44 B URL HTTP/2 mc.yandex.ru/watch/71281900?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&site-info=%7B%22site_id%22%3A121999%2C%22srtb_sid%22%3A%22633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A900%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A571699234761%3Ahid%3A387723131%3Az%3A0%3Ai%3A20221006023850%3Aet%3A1665023931%3Ac%3A1%3Arn%3A388430196%3Arqn%3A1%3Au%3A166502393142325077%3Aw%3A1268x927%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C88%2C66%2C28%2C285%2C0%2C%2C406%2C2%2C2470%2C2470%2C23%2C921%3Ans%3A1665023926907%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023931%3At%3A%D0%9C%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D0%BF%D1%80%D0%BE%D1%81%D0%BD%D1%83%D0%BB%D1%81%D1%8F.%20%D0%98%20%D0%BC%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D1%80%D0%B0%D0%B7%D0%BE%D0%B7%D0%BB%D0%B8%D0%BB%D1%81%D1%8F.%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%BB%D1%8F%D0%BD%D0%B0%D0%BC%20%D0%BF%D0%BE%D1%80%D0%B0%20%D0%B1%D0%B5%D0%B6%D0%B0%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81!&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
GET /watch/71281900?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&site-info=%7B%22site_id%22%3A121999%2C%22srtb_sid%22%3A%22633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A900%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A571699234761%3Ahid%3A387723131%3Az%3A0%3Ai%3A20221006023850%3Aet%3A1665023931%3Ac%3A1%3Arn%3A388430196%3Arqn%3A1%3Au%3A166502393142325077%3Aw%3A1268x927%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C88%2C66%2C28%2C285%2C0%2C%2C406%2C2%2C2470%2C2470%2C23%2C921%3Ans%3A1665023926907%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023931%3At%3A%D0%9C%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D0%BF%D1%80%D0%BE%D1%81%D0%BD%D1%83%D0%BB%D1%81%D1%8F.%20%D0%98%20%D0%BC%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D1%80%D0%B0%D0%B7%D0%BE%D0%B7%D0%BB%D0%B8%D0%BB%D1%81%D1%8F.%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%BB%D1%8F%D0%BD%D0%B0%D0%BC%20%D0%BF%D0%BE%D1%80%D0%B0%20%D0%B1%D0%B5%D0%B6%D0%B0%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81!&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/71281900/1?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&site-info=%7B%22site_id%22%3A121999%2C%22srtb_sid%22%3A%22633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A900%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A571699234761%3Ahid%3A387723131%3Az%3A0%3Ai%3A20221006023850%3Aet%3A1665023931%3Ac%3A1%3Arn%3A388430196%3Arqn%3A1%3Au%3A166502393142325077%3Aw%3A1268x927%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C88%2C66%2C28%2C285%2C0%2C%2C406%2C2%2C2470%2C2470%2C23%2C921%3Ans%3A1665023926907%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023931%3At%3A%D0%9C%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D0%BF%D1%80%D0%BE%D1%81%D0%BD%D1%83%D0%BB%D1%81%D1%8F.%20%D0%98%20%D0%BC%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D1%80%D0%B0%D0%B7%D0%BE%D0%B7%D0%BB%D0%B8%D0%BB%D1%81%D1%8F.%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%BB%D1%8F%D0%BD%D0%B0%D0%BC%20%D0%BF%D0%BE%D1%80%D0%B0%20%D0%B1%D0%B5%D0%B6%D0%B0%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81%21&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Thu, 06 Oct 2022 02:38:50 GMT
access-control-allow-origin: https://new-days.ru
set-cookie: yandexuid=6998097481665023930; Expires=Fri, 06-Oct-2023 02:38:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=6998097481665023930; Expires=Fri, 06-Oct-2023 02:38:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2658200801665023930; Path=/; SameSite=None; Secure
i=bQZjhdwuFyUdMTcb+mcZX7BAqM5hy32GhqpULREOaIQB6cks6OAbt7chZ9i0qJuKCnGaEtpogo7zl1tHowWGE+mH/jQ=; Expires=Sun, 03-Oct-2032 02:38:50 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1696559930.yrts.1665023930#1696559930.yrtsi.1665023930; Expires=Fri, 06-Oct-2023 02:38:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 06-Oct-2022 02:38:50 GMT
last-modified: Thu, 06-Oct-2022 02:38:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ssp-rtb.sape.ru/prebid
193.3.184.211204 No Content 0 B IP 193.3.184.211:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 921
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: sspuid=wQO4pWM+P7t9OwDINqwyApT0AcWuXajmQ9DLXwHrcwmoMKPc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: openresty
Date: Thu, 06 Oct 2022 02:38:51 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://new-days.ru
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash a116b1d81285955e34ce7b24ff5cb1b2
495d1c842868e1e5aa7d5049a419d41fc161bd3d
f6dbbea051048b91ae0276b1acf0831b153878ce039d3218ad10e3676df51684
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 15:41:02 GMT
Expires: Tue, 11 Oct 2022 15:41:01 GMT
Etag: "495d1c842868e1e5aa7d5049a419d41fc161bd3d"
Cache-Control: max-age=478329,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755b05f55c2fb529-OSL
giclgq.com/.cdn/3a8241/751d31/d4036abaaf3d4972af76be848db3c534/d0b628b6fffb8f84.jpeg
62.76.25.27200 OK 90 kB URL HTTP/2 giclgq.com/.cdn/3a8241/751d31/d4036abaaf3d4972af76be848db3c534/d0b628b6fffb8f84.jpeg
IP 62.76.25.27:0
File type gzip compressed data, max speed, from Unix\012- data
Hash 6a5db3bda2afa618c3e401b503af6e17
ac0001f496ac9c40852d7b71abaca98d1b23739f
37c2eca3e933706305122c5730c2f5bd132f2d1867dcfa725525e9d5580508ee
GET /.cdn/3a8241/751d31/d4036abaaf3d4972af76be848db3c534/d0b628b6fffb8f84.jpeg HTTP/1.1
Host: giclgq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.2
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/jpeg
content-length: 22795
last-modified: Mon, 23 May 2022 11:29:03 GMT
etag: "628b6fff-590b"
access-control-allow-headers: *
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ssp-rtb.sape.ru/prebid
193.3.184.211204 No Content 0 B IP 193.3.184.211:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 917
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: sspuid=wQO4pWM+P7t9OwDINqwyApT0AcWuXajmQ9DLXwHrcwmoMKPc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: openresty
Date: Thu, 06 Oct 2022 02:38:51 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://new-days.ru
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
sync.dmp.otm-r.com/match/aotm.js
159.69.59.100204 No Content 0 B URL HTTP/2 sync.dmp.otm-r.com/match/aotm.js
IP 159.69.59.100:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/aotm.js HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.17.10
date: Thu, 06 Oct 2022 02:38:51 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 5dacbe11d9c736a36d11e7c8a1c456d2
356bf5736849dd73a7fd303007309d66b8d60d05
9f8c9a580e0774240e61f0f6bd1fdf43b06ae80f66c0384737776edd705c8c9c
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 10 Oct 2022 01:35:29 GMT
ETag: "356bf5736849dd73a7fd303007309d66b8d60d05"
Last-Modified: Thu, 06 Oct 2022 01:35:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05f5da55b506-OSL
match.new-programmatic.com/userbind?src=sape&id=1A79042EBA3F3E63F600655202F48C1A
217.65.2.150204 No Content 0 B URL HTTP/1.1 match.new-programmatic.com/userbind?src=sape&id=1A79042EBA3F3E63F600655202F48C1A
IP 217.65.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=1A79042EBA3F3E63F600655202F48C1A HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.18.0
Date: Thu, 06 Oct 2022 02:38:51 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
giclgq.com/.cdn/3a8241/751d31/4fcaefa6aad347d48cec783c2b29d2cf/d0b6284c50ba75a6.jpeg
62.76.25.27200 OK 25 kB URL HTTP/2 giclgq.com/.cdn/3a8241/751d31/4fcaefa6aad347d48cec783c2b29d2cf/d0b6284c50ba75a6.jpeg
IP 62.76.25.27:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 250x250, components 3\012- data
Hash 7f7a66279791f2f58f383850f8d3726c
113fce301d40cfe3c3aaa8266ea75647e9f77431
aaa5320c0998a74620e58c931e749781873f387f0bdb198e7bad2103052bb736
GET /.cdn/3a8241/751d31/4fcaefa6aad347d48cec783c2b29d2cf/d0b6284c50ba75a6.jpeg HTTP/1.1
Host: giclgq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.2
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/jpeg
content-length: 25370
last-modified: Wed, 18 May 2022 10:06:03 GMT
etag: "6284c50b-631a"
access-control-allow-headers: *
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash b1dcae6ab89e8aa9cc346b11f71f0a0c
f3caca315d677194b460f1f2b6c0bc03859d5c20
d28f23bc02ddb369c08c43f4e9485919711f92924c631144015a82124203fb51
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5514
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:51 GMT
Last-Modified: Thu, 06 Oct 2022 01:06:57 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 312
sync.bumlam.com/?src=sap1&uid=1A79042EBA3F3E63F600655202F48C1A
31.172.81.159302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&uid=1A79042EBA3F3E63F600655202F48C1A
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&uid=1A79042EBA3F3E63F600655202F48C1A HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 06 Oct 2022 02:38:51 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQwMzdlNjI0YS00NTIwLTExZWQtODY0NC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Wed, 01 Oct 2042 02:38:51 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARi7__iZBmIgMUE3OTA0MkVCQTNGM0U2M0Y2MDA2NTUyMDJGNDhDMUGiARADfmJKRSAR7YZEACWQyCQ3
ETag: 037e624a-4520-11ed-8644-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
giclgq.com/.cdn/3a8241/751d31/24c2462519da414c8b9907a0ad328d36/d0b6284c58309385.jpeg
62.76.25.27200 OK 17 kB URL HTTP/2 giclgq.com/.cdn/3a8241/751d31/24c2462519da414c8b9907a0ad328d36/d0b6284c58309385.jpeg
IP 62.76.25.27:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 250x250, components 3\012- data
Hash 2289d166eb919c82dee4c817e02d53d4
ef7ba9b7bc2565a744dba0dd79c9b5f432933770
382c2eff54dc79e9dcb437db82992da5e51eb6867bb2451741e5b8230a9b38c4
GET /.cdn/3a8241/751d31/24c2462519da414c8b9907a0ad328d36/d0b6284c58309385.jpeg HTTP/1.1
Host: giclgq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.2
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/jpeg
content-length: 16615
last-modified: Wed, 18 May 2022 10:08:03 GMT
etag: "6284c583-40e7"
access-control-allow-headers: *
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
acint.net/match?dp=110&euid=66fd40cb7bd4419f8705664cd1cd4cb9
176.9.9.10200 OK 43 B URL HTTP/2 acint.net/match?dp=110&euid=66fd40cb7bd4419f8705664cd1cd4cb9
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=110&euid=66fd40cb7bd4419f8705664cd1cd4cb9 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=LgR5GmM+P7pSZQD2Goz0AqxhQXDEake8YKH8d7kPK5JKBcFZ; cSyncDp7v2=1665023930; cSyncDp14v3=1665023930; cSyncDp17=1665023930; cSyncDp32=1665023930; cSyncDp45v3=1665023930; cSyncDp53=1665023930; cSyncDp54v2=1665023930; cSyncDp62=1665023930; cSyncDp67v2=1665023930; cSyncDp68=1665023930; cSyncDp71=1665023930; cSyncDp77=1665023930; cSyncDp84=1665023930; cSyncDp85=1665023930; cSyncDp95v3=1665023930; cSyncDp101=1665023930; cSyncDp104v2=1665023930; cSyncDp107=1665023930; cSyncDp110=1665023930; cSyncDp111v2=1665023930; cSyncDp112v2=1665023930; cSyncDp125v2=1665023930; cSyncDp126=1665023930; cSyncDp127=1665023930; cSyncDp129=1665023930; cSyncDp136v2=1665023930; cSyncDp138=1665023930; cSyncDp144=1665023930; cSyncDp146=1665023930; cSyncDp148=1665023930; cSyncDp149=1665023930; cSyncDp151=1665023930; cSyncDp178=1665023930; cSyncDp179=1665023930; cSyncDp186=1665023930; cSyncDp221=1665023930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
giclgq.com/.cdn/3a8241/751d31/553bdd4ab8cb43e288cc1b1d3953c913/d0b6284c637b0e36.jpeg
62.76.25.27200 OK 25 kB URL HTTP/2 giclgq.com/.cdn/3a8241/751d31/553bdd4ab8cb43e288cc1b1d3953c913/d0b6284c637b0e36.jpeg
IP 62.76.25.27:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 250x250, components 3\012- data
Hash fcf3dee2ccc00dc7492cf0d56c308477
3745d0510df2a8b880ff477b6850d71f738edcfb
669d89132c1c27bfabd5d626714758936aeef377a69436f11fcaf604096ff444
GET /.cdn/3a8241/751d31/553bdd4ab8cb43e288cc1b1d3953c913/d0b6284c637b0e36.jpeg HTTP/1.1
Host: giclgq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.2
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/jpeg
content-length: 24931
last-modified: Wed, 18 May 2022 10:11:03 GMT
etag: "6284c637-6163"
access-control-allow-headers: *
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
giclgq.com/.cdn/3a8241/751d31/774ec37e3b8748bd94fc575dd61dc6cc/d0b628b6f1009582.jpeg
62.76.25.27200 OK 39 kB URL HTTP/2 giclgq.com/.cdn/3a8241/751d31/774ec37e3b8748bd94fc575dd61dc6cc/d0b628b6f1009582.jpeg
IP 62.76.25.27:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 250x250, components 3\012- data
Hash ef2bbaf63c39627f4adbf82570d75b51
8f1b8fd9d4217196092d595b1da1921a59491a8e
06a1fc1534ae8e69727e859987f667ff270c460660e8ab3a87ab8e156ee28731
GET /.cdn/3a8241/751d31/774ec37e3b8748bd94fc575dd61dc6cc/d0b628b6f1009582.jpeg HTTP/1.1
Host: giclgq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.2
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/jpeg
content-length: 39058
last-modified: Mon, 23 May 2022 11:25:04 GMT
etag: "628b6f10-9892"
access-control-allow-headers: *
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
giclgq.com/.cdn/3a8241/751d31/ff491c0296aa4563966f388beba8cbd2/d0b628b703c0b64c.jpeg
62.76.25.27200 OK 29 kB URL HTTP/2 giclgq.com/.cdn/3a8241/751d31/ff491c0296aa4563966f388beba8cbd2/d0b628b703c0b64c.jpeg
IP 62.76.25.27:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 250x250, components 3\012- data
Hash 21800ab286af16c9ca622ae015b70728
fdb3ba111d771d49b504a4d4c7991cce967e59b4
6d46bb1a77b88e2bd30394e1ee7c2769639fc9a769228ae8a084f11ebada7508
GET /.cdn/3a8241/751d31/ff491c0296aa4563966f388beba8cbd2/d0b628b703c0b64c.jpeg HTTP/1.1
Host: giclgq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.2
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/jpeg
content-length: 28877
last-modified: Mon, 23 May 2022 11:30:04 GMT
etag: "628b703c-70cd"
access-control-allow-headers: *
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
144.76.138.28302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP 144.76.138.28:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1665023931519
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/png
content-length: 0
location: https://461fe25a-1e36-4cb6-b750-f373a184ca95.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
set-cookie: user_id=461fe25a-1e36-4cb6-b750-f373a184ca95;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=461fe25a-1e36-4cb6-b750-f373a184ca95;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A79042EBA3F3E63F600655202F48C1A&cs=1
136.243.148.229200 OK 35 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A79042EBA3F3E63F600655202F48C1A&cs=1
IP 136.243.148.229:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A79042EBA3F3E63F600655202F48C1A&cs=1 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=034e8160-4520-11ed-acfd-901b0e8b2a6e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/gif
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=034e8160-4520-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 06 Oct 2023 02:38:51 GMT; SameSite=None; Secure
uid-legacy=034e8160-4520-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 06 Oct 2023 02:38:51 GMT
X-Firefox-Spdy: h2
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
168.119.9.59301 Moved Permanently 115 B URL HTTP/2 exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP 168.119.9.59:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash 91791a9d7142bebb92ded2d39b620e21
ba1528dfd4774c0a79b55f8975e6253a773c9362
5c8dacec311ec7d78a2146433ca875e3688032dc175aee22be2d991d310b00aa
GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=56aefa66-58a4-49c1-6a17-59121e3ead89
serverid: TODO
X-Firefox-Spdy: h2
ssp-rtb.sape.ru/prebid
193.3.184.211204 No Content 0 B IP 193.3.184.211:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 921
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: sspuid=wQO4pWM+P7t9OwDINqwyApT0AcWuXajmQ9DLXwHrcwmoMKPc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: openresty
Date: Thu, 06 Oct 2022 02:38:51 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://new-days.ru
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
www.acint.net/match?dp=111&euid=4d2db17b-8c17-4fe3-b7b7-2a7c292c29fa
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/match?dp=111&euid=4d2db17b-8c17-4fe3-b7b7-2a7c292c29fa
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=111&euid=4d2db17b-8c17-4fe3-b7b7-2a7c292c29fa HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=LgR5GmM+P7pSZQD2Goz0AqxhQXDEake8YKH8d7kPK5JKBcFZ; cSyncDp7v2=1665023930; cSyncDp14v3=1665023930; cSyncDp17=1665023930; cSyncDp32=1665023930; cSyncDp45v3=1665023930; cSyncDp53=1665023930; cSyncDp54v2=1665023930; cSyncDp62=1665023930; cSyncDp67v2=1665023930; cSyncDp68=1665023930; cSyncDp71=1665023930; cSyncDp77=1665023930; cSyncDp84=1665023930; cSyncDp85=1665023930; cSyncDp95v3=1665023930; cSyncDp101=1665023930; cSyncDp104v2=1665023930; cSyncDp107=1665023930; cSyncDp110=1665023930; cSyncDp111v2=1665023930; cSyncDp112v2=1665023930; cSyncDp125v2=1665023930; cSyncDp126=1665023930; cSyncDp127=1665023930; cSyncDp129=1665023930; cSyncDp136v2=1665023930; cSyncDp138=1665023930; cSyncDp144=1665023930; cSyncDp146=1665023930; cSyncDp148=1665023930; cSyncDp149=1665023930; cSyncDp151=1665023930; cSyncDp178=1665023930; cSyncDp179=1665023930; cSyncDp186=1665023930; cSyncDp221=1665023930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
s.uuidksinc.net/match/598/?remote_uid=2904417584
31.220.27.135302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/598/?remote_uid=2904417584
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/598/?remote_uid=2904417584 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://widget.svk-native.ru/
Connection: keep-alive
Cookie: jcsuuid=pm1vTUurZ36EA4a1ruWg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.19.0
date: Thu, 06 Oct 2022 02:38:51 GMT
content-length: 0
location: https://widget.svk-native.ru/visitor-match/match-visitor?network_id=5&external_id=pm1vTUurZ36EA4a1ruWg
set-cookie: jcsuuid=pm1vTUurZ36EA4a1ruWg; expires=Fri, 06 Oct 2023 02:38:51 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
widget.svk-native.ru/counters/?utm_source=104001533
65.109.36.34200 OK 87 kB URL HTTP/2 widget.svk-native.ru/counters/?utm_source=104001533
IP 65.109.36.34:0
ASN #24940 Hetzner Online GmbH
Hash 7419ed5806f9c46a62a2e9f7a1b1a546
3b28d7aec91913382ef32502fd760a1969da4c4e
66226bbd0724a0a0ecaed46e29e073c366e71083ed672a9dfd6b9eb11e0a4585
GET /counters/?utm_source=104001533 HTTP/1.1
Host: widget.svk-native.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: s-common=0lad46qviodk2v7dk5kiekllca; _svk_uid2=a61082ff8dd3c919432bfb80177bbb73c0073ad77e568b6098906ea0b5bf4ff0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22_svk_uid2%22%3Bi%3A1%3Bi%3A2904417584%3B%7D; test3rd=44baa923ac48967c8af3a6434306e8d211adee0ea206fcd932401157e12e4b63a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22test3rd%22%3Bi%3A1%3Bi%3A2904417584%3B%7D; _pr_sid=68e4cb5a0cb99bcc5f98f5093821877cbe706349680da4de83f9bdb902bfb22aa%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22_pr_sid%22%3Bi%3A1%3Bs%3A7%3A%222732863%22%3B%7D; _csrf-widget=192af223aaad4ecda3f7c50fbf76e087ce8b1fb4a50559432d01800637eb585ea%3A2%3A%7Bi%3A0%3Bs%3A12%3A%22_csrf-widget%22%3Bi%3A1%3Bs%3A32%3A%22ZTBCbs6YXeLlIzwkTmR9puCFPt8gF7Fq%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-upstream: unix:/run/haproxy-phpfpm-default.sock
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 1.3 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, max compression\012- data
Hash 2f117e47303fc6e876e836458690fe7d
5680b73008a4fc771982b6a03ef7699eda3bc35d
6b25398e45fa22746e5c315bb66a127862474ef90338d705c27eaf74020d7136
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80561F5F84F1F8BD8B4E91B8E604364042FC83740CE51DDC72A973A2EC526D62"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1833
Expires: Thu, 06 Oct 2022 03:09:24 GMT
Date: Thu, 06 Oct 2022 02:38:51 GMT
Connection: keep-alive
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 74063b94145c90ddbbf9b947d03fb964
aa9f75549f129c205dd6c303bba16e75443471f7
ff731394ef2909cb4f50606f137f8baf6e8d95a839f0795edd56b52887a0690b
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3528
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:51 GMT
Last-Modified: Thu, 06 Oct 2022 01:40:03 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
www.acint.net/match?dp=95&euid=KBRKVGKM
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/match?dp=95&euid=KBRKVGKM
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=95&euid=KBRKVGKM HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=LgR5GmM+P7pSZQD2Goz0AqxhQXDEake8YKH8d7kPK5JKBcFZ; cSyncDp7v2=1665023930; cSyncDp14v3=1665023930; cSyncDp17=1665023930; cSyncDp32=1665023930; cSyncDp45v3=1665023930; cSyncDp53=1665023930; cSyncDp54v2=1665023930; cSyncDp62=1665023930; cSyncDp67v2=1665023930; cSyncDp68=1665023930; cSyncDp71=1665023930; cSyncDp77=1665023930; cSyncDp84=1665023930; cSyncDp85=1665023930; cSyncDp95v3=1665023930; cSyncDp101=1665023930; cSyncDp104v2=1665023930; cSyncDp107=1665023930; cSyncDp110=1665023930; cSyncDp111v2=1665023930; cSyncDp112v2=1665023930; cSyncDp125v2=1665023930; cSyncDp126=1665023930; cSyncDp127=1665023930; cSyncDp129=1665023930; cSyncDp136v2=1665023930; cSyncDp138=1665023930; cSyncDp144=1665023930; cSyncDp146=1665023930; cSyncDp148=1665023930; cSyncDp149=1665023930; cSyncDp151=1665023930; cSyncDp178=1665023930; cSyncDp179=1665023930; cSyncDp186=1665023930; cSyncDp221=1665023930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
widget.svk-native.ru/visitor-match/match-network?network_id=3
65.109.36.34302 Found 9.8 kB URL HTTP/2 widget.svk-native.ru/visitor-match/match-network?network_id=3
IP 65.109.36.34:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash 7b08b9e11fc6b8a8a1398b357e874144
4b5fb5790fae1c96655aaa7a426b697f5ab986d0
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
GET /visitor-match/match-network?network_id=3 HTTP/1.1
Host: widget.svk-native.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.svk-native.ru/visitor-match/match-all
Cookie: s-common=0lad46qviodk2v7dk5kiekllca; _svk_uid2=a61082ff8dd3c919432bfb80177bbb73c0073ad77e568b6098906ea0b5bf4ff0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22_svk_uid2%22%3Bi%3A1%3Bi%3A2904417584%3B%7D; test3rd=44baa923ac48967c8af3a6434306e8d211adee0ea206fcd932401157e12e4b63a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22test3rd%22%3Bi%3A1%3Bi%3A2904417584%3B%7D; _pr_sid=53ee1cf9785d080a9c41c8a78d90df647c52780a1c4ca24c8034661cfcb628c9a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22_pr_sid%22%3Bi%3A1%3Bi%3A2732863%3B%7D; _csrf-widget=192af223aaad4ecda3f7c50fbf76e087ce8b1fb4a50559432d01800637eb585ea%3A2%3A%7Bi%3A0%3Bs%3A12%3A%22_csrf-widget%22%3Bi%3A1%3Bs%3A32%3A%22ZTBCbs6YXeLlIzwkTmR9puCFPt8gF7Fq%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: text/html; charset=UTF-8
location: https://fcgi4.gnezdo.ru/cookie_matching/svk-native/
x-upstream: unix:/run/haproxy-phpfpm-default.sock
X-Firefox-Spdy: h2
cs.alfasense.com/pixeljs
23.111.100.20200 OK 2.3 kB IP 23.111.100.20:0
File type ASCII text, with very long lines (2252), with no line terminators
Hash 6024f2e46430e5149bc9e49e472d5cf7
d66106fbbbd2496505006260f91c62344e75509f
e0e5854573fcadbeb950f20aafc7e66be87585d1a88c24b8a4f8a58ff7e98de5
GET /pixeljs HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:51 GMT
Content-Type: application/javascript
Content-Length: 2252
Connection: keep-alive
Server: fasthttp
Set-Cookie: uuid=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e; expires=Wed, 27 Sep 2023 02:38:51 GMT; domain=alfasense.com; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 712b095e2a77242f49fd9652e244ea06
ad531ae3f7f13af92de1086afda79e0ef2c730f7
bb5bdb7d11c03a101fa42916f411c7ed430d8385c9d185940bf3cd7442f75426
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB5BDB7D11C03A101FA42916F411C7ED430D8385C9D185940BF3CD7442F75426"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3387
Expires: Thu, 06 Oct 2022 03:35:18 GMT
Date: Thu, 06 Oct 2022 02:38:51 GMT
Connection: keep-alive
dmp.gotechnology.io/match/sape?id=1A79042EBA3F3E63F600655202F48C1A&chk=1
142.132.209.136302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=1A79042EBA3F3E63F600655202F48C1A&chk=1
IP 142.132.209.136:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=1A79042EBA3F3E63F600655202F48C1A&chk=1 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 06 Oct 2022 02:38:51 GMT
content-length: 0
location: https://an.yandex.ru/mapuid/gonetdspis/N2Y4NWFhNGY3M2Q0ZmQ0NQ
set-cookie: pid=N2Y4NWFhNGY3M2Q0ZmQ0NQ; expires=Fri, 06 Oct 2023 02:38:51 GMT; domain=.gotechnology.io; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.acint.net/match?dp=129&euid=affsqw02sj
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/match?dp=129&euid=affsqw02sj
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=affsqw02sj HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=LgR5GmM+P7pSZQD2Goz0AqxhQXDEake8YKH8d7kPK5JKBcFZ; cSyncDp7v2=1665023930; cSyncDp14v3=1665023930; cSyncDp17=1665023930; cSyncDp32=1665023930; cSyncDp45v3=1665023930; cSyncDp53=1665023930; cSyncDp54v2=1665023930; cSyncDp62=1665023930; cSyncDp67v2=1665023930; cSyncDp68=1665023930; cSyncDp71=1665023930; cSyncDp77=1665023930; cSyncDp84=1665023930; cSyncDp85=1665023930; cSyncDp95v3=1665023930; cSyncDp101=1665023930; cSyncDp104v2=1665023930; cSyncDp107=1665023930; cSyncDp110=1665023930; cSyncDp111v2=1665023930; cSyncDp112v2=1665023930; cSyncDp125v2=1665023930; cSyncDp126=1665023930; cSyncDp127=1665023930; cSyncDp129=1665023930; cSyncDp136v2=1665023930; cSyncDp138=1665023930; cSyncDp144=1665023930; cSyncDp146=1665023930; cSyncDp148=1665023930; cSyncDp149=1665023930; cSyncDp151=1665023930; cSyncDp178=1665023930; cSyncDp179=1665023930; cSyncDp186=1665023930; cSyncDp221=1665023930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash b1dcae6ab89e8aa9cc346b11f71f0a0c
f3caca315d677194b460f1f2b6c0bc03859d5c20
d28f23bc02ddb369c08c43f4e9485919711f92924c631144015a82124203fb51
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5515
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:52 GMT
Last-Modified: Thu, 06 Oct 2022 01:06:57 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 312
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash cfc47cd872459ac8b8f3ddeec3838804
b1b8185e461f8063452983247fb97582fe4a3128
bdde512c341fbbe0e088f3406cb7454394b7e1ef14f42771fa302ac7ea363287
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 10 Oct 2022 00:31:13 GMT
ETag: "b1b8185e461f8063452983247fb97582fe4a3128"
Last-Modified: Thu, 06 Oct 2022 00:31:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1537
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05f70cdfb517-OSL
cs.agency2.ru/p?ssp=sp&uid=1A79042EBA3F3E63F600655202F48C1A
23.111.107.44301 Moved Permanently 0 B URL HTTP/1.1 cs.agency2.ru/p?ssp=sp&uid=1A79042EBA3F3E63F600655202F48C1A
IP 23.111.107.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=1A79042EBA3F3E63F600655202F48C1A HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=d4897915-98a6-4a48-b867-20d51fee660a
Set-Cookie: uuid=d4897915-98a6-4a48-b867-20d51fee660a; expires=Wed, 27 Sep 2023 02:38:52 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
images.sparrow.ru/original/d4/d413/d140/4413140.jpeg
92.42.15.240200 OK 22 kB URL HTTP/2 images.sparrow.ru/original/d4/d413/d140/4413140.jpeg
IP 92.42.15.240:0
ASN #50340 OOO Network of data-centers Selectel
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 450x299, components 3\012- data
Hash 31ce6e238f99dc462698879499db2971
35c90f744a682b41f5d3d9f62c8b3a62be16b031
5cff5ec51cc628975b07de818316c69c152316a8736ec5942c3f2d7ca4005d58
GET /original/d4/d413/d140/4413140.jpeg HTTP/1.1
Host: images.sparrow.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://widget.svk-native.ru
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.23.0
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: image/jpeg
content-length: 22017
last-modified: Sun, 02 Oct 2022 18:45:13 GMT
etag: "6339dc39-5601"
expires: Fri, 06 Oct 2023 02:38:52 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash cdc3a5f4435a2ea6aa1319e2fef1b3c0
1a6279e47046d313154016819361976826dea094
b2dfb4358184a34a812bc3f340e29b4fb32a5d5bd7c0baf2213f27a99baf461b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4812
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:52 GMT
Last-Modified: Thu, 06 Oct 2022 01:18:40 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 312
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 6f72915c3d853a258930ef0cc83e4d25
ea2bbab9b1839819ea106ae2cbab66098153965f
70a6299d39609d9bd28e788ed273f6543dd677b359c5dbccf50e5c13f7fe7a05
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 10 Oct 2022 00:25:29 GMT
ETag: "ea2bbab9b1839819ea106ae2cbab66098153965f"
Last-Modified: Thu, 06 Oct 2022 00:25:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 804
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05f7681bb527-OSL
sync.bumlam.com/?src=sap1&s_data=CAIQARi7__iZBmIgMUE3OTA0MkVCQTNGM0U2M0Y2MDA2NTUyMDJGNDhDMUGiARADfmJKRSAR7YZEACWQyCQ3
31.172.81.159200 OK 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARi7__iZBmIgMUE3OTA0MkVCQTNGM0U2M0Y2MDA2NTUyMDJGNDhDMUGiARADfmJKRSAR7YZEACWQyCQ3
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&s_data=CAIQARi7__iZBmIgMUE3OTA0MkVCQTNGM0U2M0Y2MDA2NTUyMDJGNDhDMUGiARADfmJKRSAR7YZEACWQyCQ3 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQwMzdlNjI0YS00NTIwLTExZWQtODY0NC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQwMzdlNjI0YS00NTIwLTExZWQtODY0NC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Wed, 01 Oct 2042 02:38:52 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
ad.qvol.ru/v1/viads_outstream/out-stream/vast?ad_place_type=inread&device_type=web&page=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&domain=new-days.ru&cbb=1665023931359
5.188.150.124200 OK 1.5 kB URL HTTP/1.1 ad.qvol.ru/v1/viads_outstream/out-stream/vast?ad_place_type=inread&device_type=web&page=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&domain=new-days.ru&cbb=1665023931359
IP 5.188.150.124:0
ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (308)
Hash 2e38df1c420a3fb3593f2967748c3f36
a8f15148f3d5c6af47edbbb3f28854add6f72fa1
6aad846479dae068bb04218e3c08bdf9f82a4ceba37778ef486cfdf5649eeee2
GET /v1/viads_outstream/out-stream/vast?ad_place_type=inread&device_type=web&page=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&domain=new-days.ru&cbb=1665023931359 HTTP/1.1
Host: ad.qvol.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Origin: https://new-days.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.23.1
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: application/xml;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: clientId=9ad53358-75c0-4c72-a7ec-eb576db65701; Path=/; Max-Age=604800; Secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://new-days.ru
Content-Encoding: gzip
images.sparrow.ru/original/d4/d539/d068/4539068.jpeg
92.42.15.240200 OK 77 kB URL HTTP/2 images.sparrow.ru/original/d4/d539/d068/4539068.jpeg
IP 92.42.15.240:0
ASN #50340 OOO Network of data-centers Selectel
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 870x486, components 3\012- data
Hash 38d767fed23fbd44fac05f2dd90264a4
285c324a9b739b629ef52ada0e11d173439df731
06fdb9ac070bb0474c948a819e4cacbb0e4b6c12e021cd3168092a6d03754bfd
GET /original/d4/d539/d068/4539068.jpeg HTTP/1.1
Host: images.sparrow.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://widget.svk-native.ru
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.23.0
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: image/jpeg
content-length: 76898
last-modified: Tue, 04 Oct 2022 12:20:01 GMT
etag: "633c24f1-12c62"
expires: Fri, 06 Oct 2023 02:38:52 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
images.sparrow.ru/original/d4/d403/d905/4403905.jpeg
92.42.15.240200 OK 74 kB URL HTTP/2 images.sparrow.ru/original/d4/d403/d905/4403905.jpeg
IP 92.42.15.240:0
ASN #50340 OOO Network of data-centers Selectel
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 968x544, components 3\012- data
Hash a5095033043768ffa336ea29096f24e1
02995e95e16d9538069750d05327dd5a7e332ceb
094b4802d0ee5966fa3bfeb6757aec5187d12b828601fb891f703975fbbeab5b
GET /original/d4/d403/d905/4403905.jpeg HTTP/1.1
Host: images.sparrow.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://widget.svk-native.ru
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.23.0
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: image/jpeg
content-length: 73621
last-modified: Sun, 02 Oct 2022 13:40:50 GMT
etag: "633994e2-11f95"
expires: Fri, 06 Oct 2023 02:38:52 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
widget.svk-native.ru/visitor-match/match-all
65.109.36.34200 OK 35 kB URL HTTP/2 widget.svk-native.ru/visitor-match/match-all
IP 65.109.36.34:0
ASN #24940 Hetzner Online GmbH
Hash a85b5a84e33c0adf2c96f2e5d29187b2
3a9a91985b491fdac3ba7ea5b9395eb35542f921
6fd372d38776f19e48f8e5946a31cb2c2ac9224674c32d778332d1e3f58030fd
GET /visitor-match/match-all HTTP/1.1
Host: widget.svk-native.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: s-common=0lad46qviodk2v7dk5kiekllca; _svk_uid2=a61082ff8dd3c919432bfb80177bbb73c0073ad77e568b6098906ea0b5bf4ff0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22_svk_uid2%22%3Bi%3A1%3Bi%3A2904417584%3B%7D; test3rd=44baa923ac48967c8af3a6434306e8d211adee0ea206fcd932401157e12e4b63a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22test3rd%22%3Bi%3A1%3Bi%3A2904417584%3B%7D; _pr_sid=68e4cb5a0cb99bcc5f98f5093821877cbe706349680da4de83f9bdb902bfb22aa%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22_pr_sid%22%3Bi%3A1%3Bs%3A7%3A%222732863%22%3B%7D; _csrf-widget=192af223aaad4ecda3f7c50fbf76e087ce8b1fb4a50559432d01800637eb585ea%3A2%3A%7Bi%3A0%3Bs%3A12%3A%22_csrf-widget%22%3Bi%3A1%3Bs%3A32%3A%22ZTBCbs6YXeLlIzwkTmR9puCFPt8gF7Fq%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-upstream: unix:/run/haproxy-phpfpm-default.sock
content-encoding: gzip
X-Firefox-Spdy: h2
adx.com.ru/viads-vast?vpaid=true&rolltype=outstream&referer=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&uid=1ca874c3-120b-415b-94bd-67ea89482858&cbb=1665023931364
188.34.131.134302 Found 316 B URL HTTP/2 adx.com.ru/viads-vast?vpaid=true&rolltype=outstream&referer=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&uid=1ca874c3-120b-415b-94bd-67ea89482858&cbb=1665023931364
IP 188.34.131.134:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash 64951b620c8cc6d190996ef7c37a7312
f1f5b7c8c54786fc5660c43adc8f2becd8067c64
11695d7692b6f19d9fe546c98ef06d7165153dfe43428b5bcb4f72502509b90d
GET /viads-vast?vpaid=true&rolltype=outstream&referer=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&uid=1ca874c3-120b-415b-94bd-67ea89482858&cbb=1665023931364 HTTP/1.1
Host: adx.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Origin: https://new-days.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.20.1
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: text/html; charset=utf-8
content-length: 316
access-control-allow-credentials: true
access-control-allow-origin: https://new-days.ru
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
location: /viads-vast?confirm=1&referer=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&rolltype=content-roll&uid=1ca874c3-120b-415b-94bd-67ea89482858&vpaid=false
p3p: CP="adx.com.ru does not have a P3P policy"
set-cookie: user=633e3fbcd41e061ce459981f; Path=/; Domain=adx.com.ru; Max-Age=31536000; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash a5d620515da26a7bcf18c1cfb70f1caa
7a98bf9ee82802278c0d90ebd86403a16dd4bbe9
8b5eecb0afd745c8c2b6726a56b1b33f5c337a73bd12575926f8308c62c688f4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 04:09:18 GMT
Expires: Tue, 11 Oct 2022 04:09:17 GMT
Etag: "7a98bf9ee82802278c0d90ebd86403a16dd4bbe9"
Cache-Control: max-age=436824,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755b05f76d2eb529-OSL
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 6f72915c3d853a258930ef0cc83e4d25
ea2bbab9b1839819ea106ae2cbab66098153965f
70a6299d39609d9bd28e788ed273f6543dd677b359c5dbccf50e5c13f7fe7a05
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 10 Oct 2022 00:25:29 GMT
ETag: "ea2bbab9b1839819ea106ae2cbab66098153965f"
Last-Modified: Thu, 06 Oct 2022 00:25:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 804
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05f7bb31b506-OSL
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 1d0844cda464319d3e2e95e827480d73
4c58c35fa1917e05c49f066f3dea71f86f214932
f818729dc72796a66d5b88a7e188f352d8b73597e8e0bf49d4ef63c0469cfced
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 09 Oct 2022 22:53:46 GMT
ETag: "4c58c35fa1917e05c49f066f3dea71f86f214932"
Last-Modified: Wed, 05 Oct 2022 22:53:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05f76e77b52d-OSL
www.acint.net/rmatch?dp=185&euid=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e&r=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dsp%26uid%3D%24%7BUSER_ID%7D
176.9.9.10302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=185&euid=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e&r=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dsp%26uid%3D%24%7BUSER_ID%7D
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=185&euid=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e&r=https%3A%2F%2Fcs.alfasense.com%2Fp%3Fssp%3Dsp%26uid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: aid=LgR5GmM+P7pSZQD2Goz0AqxhQXDEake8YKH8d7kPK5JKBcFZ; cSyncDp7v2=1665023930; cSyncDp14v3=1665023930; cSyncDp17=1665023930; cSyncDp32=1665023930; cSyncDp45v3=1665023930; cSyncDp53=1665023930; cSyncDp54v2=1665023930; cSyncDp62=1665023930; cSyncDp67v2=1665023930; cSyncDp68=1665023930; cSyncDp71=1665023930; cSyncDp77=1665023930; cSyncDp84=1665023930; cSyncDp85=1665023930; cSyncDp95v3=1665023930; cSyncDp101=1665023930; cSyncDp104v2=1665023930; cSyncDp107=1665023930; cSyncDp110=1665023930; cSyncDp111v2=1665023930; cSyncDp112v2=1665023930; cSyncDp125v2=1665023930; cSyncDp126=1665023930; cSyncDp127=1665023930; cSyncDp129=1665023930; cSyncDp136v2=1665023930; cSyncDp138=1665023930; cSyncDp144=1665023930; cSyncDp146=1665023930; cSyncDp148=1665023930; cSyncDp149=1665023930; cSyncDp151=1665023930; cSyncDp178=1665023930; cSyncDp179=1665023930; cSyncDp186=1665023930; cSyncDp221=1665023930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: text/html
content-length: 154
location: https://cs.alfasense.com/p?ssp=sp&uid=1A79042EBA3F3E63F600655202F48C1A
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
s.uuidksinc.net/match/1215/?remote_uid=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e
31.220.27.135302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/1215/?remote_uid=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/1215/?remote_uid=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: jcsuuid=pm1vTUurZ36EA4a1ruWg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.19.0
date: Thu, 06 Oct 2022 02:38:52 GMT
content-length: 0
location: https://cs.alfasense.com/p?ssp=kd&uid=pm1vTUurZ36EA4a1ruWg
set-cookie: jcsuuid=pm1vTUurZ36EA4a1ruWg; expires=Fri, 06 Oct 2023 02:38:52 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
match.new-programmatic.com/userbind?src=alfasense&id=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e
217.65.2.150302 Found 0 B URL HTTP/1.1 match.new-programmatic.com/userbind?src=alfasense&id=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e
IP 217.65.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=alfasense&id=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.18.0
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
Location: https://cs.alfasense.com/p?ssp=tg&redir=0&id=
sync.bumlam.com/?src=asense&uid=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e
31.172.81.159200 OK 43 B URL HTTP/1.1 sync.bumlam.com/?src=asense&uid=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e
IP 31.172.81.159:0
ASN #44066 diva-e Datacenters GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /?src=asense&uid=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: suuid3=IiQwMzdlNjI0YS00NTIwLTExZWQtODY0NC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: suuid3=IiQwMzdlNjI0YS00NTIwLTExZWQtODY0NC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Wed, 01 Oct 2042 02:38:52 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
cs.agency2.ru/p?ssp=al&uid=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e
23.111.107.44301 Moved Permanently 0 B URL HTTP/1.1 cs.agency2.ru/p?ssp=al&uid=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e
IP 23.111.107.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=al&uid=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: uuid=d4897915-98a6-4a48-b867-20d51fee660a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://cs.alfasense.com/p?ssp=a2&uid=d4897915-98a6-4a48-b867-20d51fee660a
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
www.acint.net/match?dp=126&euid=56aefa66-58a4-49c1-6a17-59121e3ead89
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/match?dp=126&euid=56aefa66-58a4-49c1-6a17-59121e3ead89
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=126&euid=56aefa66-58a4-49c1-6a17-59121e3ead89 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=LgR5GmM+P7pSZQD2Goz0AqxhQXDEake8YKH8d7kPK5JKBcFZ; cSyncDp7v2=1665023930; cSyncDp14v3=1665023930; cSyncDp17=1665023930; cSyncDp32=1665023930; cSyncDp45v3=1665023930; cSyncDp53=1665023930; cSyncDp54v2=1665023930; cSyncDp62=1665023930; cSyncDp67v2=1665023930; cSyncDp68=1665023930; cSyncDp71=1665023930; cSyncDp77=1665023930; cSyncDp84=1665023930; cSyncDp85=1665023930; cSyncDp95v3=1665023930; cSyncDp101=1665023930; cSyncDp104v2=1665023930; cSyncDp107=1665023930; cSyncDp110=1665023930; cSyncDp111v2=1665023930; cSyncDp112v2=1665023930; cSyncDp125v2=1665023930; cSyncDp126=1665023930; cSyncDp127=1665023930; cSyncDp129=1665023930; cSyncDp136v2=1665023930; cSyncDp138=1665023930; cSyncDp144=1665023930; cSyncDp146=1665023930; cSyncDp148=1665023930; cSyncDp149=1665023930; cSyncDp151=1665023930; cSyncDp178=1665023930; cSyncDp179=1665023930; cSyncDp186=1665023930; cSyncDp221=1665023930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ssp.otm-r.com/adjson?tz=0&w=300&h=250&domain=&l=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&s=38014&cur=RUB&bidid=26147476fca617e8&transactionid=77fbf00f-1b9b-4747-9089-05f9f874d23a&auctionid=1dfc3d35-9d8e-436f-80be-e9957a0ec37d&bidfloor=0
195.201.57.28200 OK 2 B URL HTTP/2 ssp.otm-r.com/adjson?tz=0&w=300&h=250&domain=&l=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&s=38014&cur=RUB&bidid=26147476fca617e8&transactionid=77fbf00f-1b9b-4747-9089-05f9f874d23a&auctionid=1dfc3d35-9d8e-436f-80be-e9957a0ec37d&bidfloor=0
IP 195.201.57.28:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /adjson?tz=0&w=300&h=250&domain=&l=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&s=38014&cur=RUB&bidid=26147476fca617e8&transactionid=77fbf00f-1b9b-4747-9089-05f9f874d23a&auctionid=1dfc3d35-9d8e-436f-80be-e9957a0ec37d&bidfloor=0 HTTP/1.1
Host: ssp.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.0
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: application/javascript
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: https://new-days.ru
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: mpid=NjMzZTNmYmMwNjQwZjYyMg==; Path=/; Domain=otm-r.com; Max-Age=31536000; Secure; SameSite=None
vary: Origin
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 5ce40a28c2e59cf549ae81db3338ff03
645397e14ff6f2d09fbee940b0e07ad643ef0ffb
ec4ff6cd86a6b07e033238eec43da7228f3135a8d4a555a8cdb0811a8c98d5ff
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 09 Oct 2022 23:50:52 GMT
ETag: "645397e14ff6f2d09fbee940b0e07ad643ef0ffb"
Last-Modified: Wed, 05 Oct 2022 23:50:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2538
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05f82b6bb512-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 5ce40a28c2e59cf549ae81db3338ff03
645397e14ff6f2d09fbee940b0e07ad643ef0ffb
ec4ff6cd86a6b07e033238eec43da7228f3135a8d4a555a8cdb0811a8c98d5ff
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 09 Oct 2022 23:50:52 GMT
ETag: "645397e14ff6f2d09fbee940b0e07ad643ef0ffb"
Last-Modified: Wed, 05 Oct 2022 23:50:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2538
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05f83f15b4eb-OSL
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 02:38:52 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=7o5kiF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhFR2hwTlVFUjU4ZWgxdDFWZlYxV2gzQnUzRDV5TGQ0cSUyQjk5U0dYZzk0Vw; expires=Tue, 31 Oct 2023 02:38:52 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 233778
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ssp.hybrid.ai/auction/prebid
37.18.16.17204 No Content 0 B URL HTTP/2 ssp.hybrid.ai/auction/prebid
IP 37.18.16.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /auction/prebid HTTP/1.1
Host: ssp.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://new-days.ru/
Origin: https://new-days.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 06 Oct 2022 02:38:52 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://new-days.ru
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server: Hybrid Web Server
X-Firefox-Spdy: h2
ssp.otm-r.com/adjson?tz=0&w=728&h=90&domain=&l=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&s=38014&cur=RUB&bidid=16401f3607b8c56&transactionid=71eb5195-b0ea-440f-8cdd-af3531b4f33c&auctionid=bdad642e-a0ff-4fa9-9bfb-0f590af3af22&bidfloor=0
195.201.57.28200 OK 2 B URL HTTP/2 ssp.otm-r.com/adjson?tz=0&w=728&h=90&domain=&l=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&s=38014&cur=RUB&bidid=16401f3607b8c56&transactionid=71eb5195-b0ea-440f-8cdd-af3531b4f33c&auctionid=bdad642e-a0ff-4fa9-9bfb-0f590af3af22&bidfloor=0
IP 195.201.57.28:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /adjson?tz=0&w=728&h=90&domain=&l=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&s=38014&cur=RUB&bidid=16401f3607b8c56&transactionid=71eb5195-b0ea-440f-8cdd-af3531b4f33c&auctionid=bdad642e-a0ff-4fa9-9bfb-0f590af3af22&bidfloor=0 HTTP/1.1
Host: ssp.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.0
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: application/javascript
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: https://new-days.ru
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: mpid=NjMzZTNmYmIwOGYxNThhMA==; Path=/; Domain=otm-r.com; Max-Age=31536000; Secure; SameSite=None
vary: Origin
X-Firefox-Spdy: h2
ssp.hybrid.ai/auction/prebid
37.18.16.17204 No Content 0 B URL HTTP/2 ssp.hybrid.ai/auction/prebid
IP 37.18.16.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /auction/prebid HTTP/1.1
Host: ssp.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://new-days.ru/
Origin: https://new-days.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 06 Oct 2022 02:38:52 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://new-days.ru
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server: Hybrid Web Server
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 5ce40a28c2e59cf549ae81db3338ff03
645397e14ff6f2d09fbee940b0e07ad643ef0ffb
ec4ff6cd86a6b07e033238eec43da7228f3135a8d4a555a8cdb0811a8c98d5ff
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 09 Oct 2022 23:50:52 GMT
ETag: "645397e14ff6f2d09fbee940b0e07ad643ef0ffb"
Last-Modified: Wed, 05 Oct 2022 23:50:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2538
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05f86b84b512-OSL
v.alfasrv.com/stats/2x2.png?s=44717&e=r&t=p
84.201.179.252200 OK 95 B URL HTTP/1.1 v.alfasrv.com/stats/2x2.png?s=44717&e=r&t=p
IP 84.201.179.252:0
ASN #200350 Yandex.Cloud LLC
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9591c410148e6883727c5339fd1c02cd
3442a95fe890ce4769b36b2ecc611b801a54cfb5
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
GET /stats/2x2.png?s=44717&e=r&t=p HTTP/1.1
Host: v.alfasrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: image/png
Content-Length: 95
Connection: keep-alive
Last-Modified: Thursday, 06-Oct-2022 02:38:52 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Accept-Ranges: bytes
v.alfasrv.com/stats/2x2.png?s=56710&e=r&t=p
84.201.179.252200 OK 95 B URL HTTP/1.1 v.alfasrv.com/stats/2x2.png?s=56710&e=r&t=p
IP 84.201.179.252:0
ASN #200350 Yandex.Cloud LLC
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9591c410148e6883727c5339fd1c02cd
3442a95fe890ce4769b36b2ecc611b801a54cfb5
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
GET /stats/2x2.png?s=56710&e=r&t=p HTTP/1.1
Host: v.alfasrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: image/png
Content-Length: 95
Connection: keep-alive
Last-Modified: Thursday, 06-Oct-2022 02:38:52 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e503369b0810c5211e6f1c807b4cfe40
f505fabc64a8bf2df698353af5731306735dfb33
c0075e0eb64a39d31b7decea2d2cfcdd5320adb99478fdf808922fc801f06b4f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0075E0EB64A39D31B7DECEA2D2CFCDD5320ADB99478FDF808922FC801F06B4F"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7581
Expires: Thu, 06 Oct 2022 04:45:13 GMT
Date: Thu, 06 Oct 2022 02:38:52 GMT
Connection: keep-alive
ssp.otm-r.com/adjson?tz=0&w=300&h=600&domain=&l=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&s=38014&cur=RUB&bidid=4f1250c4bfcfd08&transactionid=3013c9f6-7672-4b94-a1d8-aa388d6c2a43&auctionid=04942ed2-2ad6-48da-b1a9-a4c794d061e1&bidfloor=0
195.201.57.28200 OK 2 B URL HTTP/2 ssp.otm-r.com/adjson?tz=0&w=300&h=600&domain=&l=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&s=38014&cur=RUB&bidid=4f1250c4bfcfd08&transactionid=3013c9f6-7672-4b94-a1d8-aa388d6c2a43&auctionid=04942ed2-2ad6-48da-b1a9-a4c794d061e1&bidfloor=0
IP 195.201.57.28:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /adjson?tz=0&w=300&h=600&domain=&l=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&s=38014&cur=RUB&bidid=4f1250c4bfcfd08&transactionid=3013c9f6-7672-4b94-a1d8-aa388d6c2a43&auctionid=04942ed2-2ad6-48da-b1a9-a4c794d061e1&bidfloor=0 HTTP/1.1
Host: ssp.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.0
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: application/javascript
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: https://new-days.ru
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: mpid=NjMzZTNmYmMwNjQwZjY1Mg==; Path=/; Domain=otm-r.com; Max-Age=31536000; Secure; SameSite=None
vary: Origin
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cebec517756bbb20e49888e5055c21d8
03189ff62a2bdc2860e3862cb4613a6b87a54acd
9bb6f942380540a95ac4156aec95d0c56cddffc3cfd426405b668b4440987f20
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BB6F942380540A95AC4156AEC95D0C56CDDFFC3CFD426405B668B4440987F20"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8778
Expires: Thu, 06 Oct 2022 05:05:10 GMT
Date: Thu, 06 Oct 2022 02:38:52 GMT
Connection: keep-alive
v.alfasrv.com/stats/2x2.png?s=45046&e=r&t=p
84.201.179.252200 OK 95 B URL HTTP/1.1 v.alfasrv.com/stats/2x2.png?s=45046&e=r&t=p
IP 84.201.179.252:0
ASN #200350 Yandex.Cloud LLC
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9591c410148e6883727c5339fd1c02cd
3442a95fe890ce4769b36b2ecc611b801a54cfb5
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
GET /stats/2x2.png?s=45046&e=r&t=p HTTP/1.1
Host: v.alfasrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: image/png
Content-Length: 95
Connection: keep-alive
Last-Modified: Thursday, 06-Oct-2022 02:38:52 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Accept-Ranges: bytes
pbs.alfasense.com/yandex/auction
23.111.100.20200 OK 9 B URL HTTP/1.1 pbs.alfasense.com/yandex/auction
IP 23.111.100.20:0
File type ASCII text, with no line terminators
Hash 0843d0aced07a6794043c8398a8cab3b
fd5e064965aa2b58bdbe25c1e5b5b002200a6c12
343c62d9ab9dddbb60bb459b9e2dd2ac171f1410be54a7ae1764efa6543df520
POST /yandex/auction HTTP/1.1
Host: pbs.alfasense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 108
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: application/json
Content-Length: 9
Connection: keep-alive
Pragma: no-cache
X-Geo-CityId: 4000000055, 4000000055, 4000000055
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Max-Age: 0
X-Dsp-4__status: 204
Expires: 0
X-Dsp-2__status: 204
X-Dsp-2__x-openrtb-version: 2.3
X-Dsp-10__status: 204
Access-Control-Allow-Origin: https://new-days.ru
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes
pbs.alfasense.com/yandex/auction
23.111.100.20200 OK 9 B URL HTTP/1.1 pbs.alfasense.com/yandex/auction
IP 23.111.100.20:0
File type ASCII text, with no line terminators
Hash 0843d0aced07a6794043c8398a8cab3b
fd5e064965aa2b58bdbe25c1e5b5b002200a6c12
343c62d9ab9dddbb60bb459b9e2dd2ac171f1410be54a7ae1764efa6543df520
POST /yandex/auction HTTP/1.1
Host: pbs.alfasense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 108
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: application/json
Content-Length: 9
Connection: keep-alive
Pragma: no-cache
X-Geo-CityId: 4000000055, 4000000055, 4000000055
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Max-Age: 0
X-Dsp-4__status: 204
Expires: 0
X-Dsp-2__status: 204
X-Dsp-2__x-openrtb-version: 2.3
X-Dsp-10__status: 204
Access-Control-Allow-Origin: https://new-days.ru
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes
ssp.hybrid.ai/auction/prebid
37.18.16.17204 No Content 0 B URL HTTP/2 ssp.hybrid.ai/auction/prebid
IP 37.18.16.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /auction/prebid HTTP/1.1
Host: ssp.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://new-days.ru/
Origin: https://new-days.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 06 Oct 2022 02:38:52 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://new-days.ru
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server: Hybrid Web Server
X-Firefox-Spdy: h2
px.adhigh.net/rtb/direct_banner?bid_id=631201a45daa558&pid=66&tid=300x600_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=300x600&floor=0.24&cur=RUB
193.232.150.60302 Found 0 B URL HTTP/2 px.adhigh.net/rtb/direct_banner?bid_id=631201a45daa558&pid=66&tid=300x600_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=300x600&floor=0.24&cur=RUB
IP 193.232.150.60:0
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/direct_banner?bid_id=631201a45daa558&pid=66&tid=300x600_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=300x600&floor=0.24&cur=RUB HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 06 Oct 2022 02:38:52 GMT
content-length: 0
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
x-backend-id: f20-ru
set-cookie: gi_u=8g9K84XQ4ft.AikABlGDqyj3dA;Path=/;Domain=.adhigh.net;Expires=Fri, 06-Oct-2023 02:38:52 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/rtb/direct_banner?bid_id=631201a45daa558&pid=66&tid=300x600_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=300x600&floor=0.24&cur=RUB&bounced=1
X-Firefox-Spdy: h2
ssp.hybrid.ai/auction/prebid
37.18.16.17204 No Content 0 B URL HTTP/2 ssp.hybrid.ai/auction/prebid
IP 37.18.16.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /auction/prebid HTTP/1.1
Host: ssp.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 300
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 06 Oct 2022 02:38:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://new-days.ru
set-cookie: vid=930e8383259303d81442; expires=Fri, 06 Oct 2023 02:38:53 GMT; domain=hybrid.ai; secure; samesite=none
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server: Hybrid Web Server
X-Firefox-Spdy: h2
px.adhigh.net/rtb/direct_banner?bid_id=225074c14dc2112&pid=66&tid=728x90_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=728x90&floor=0.1&cur=RUB
193.232.150.60302 Found 0 B URL HTTP/2 px.adhigh.net/rtb/direct_banner?bid_id=225074c14dc2112&pid=66&tid=728x90_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=728x90&floor=0.1&cur=RUB
IP 193.232.150.60:0
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/direct_banner?bid_id=225074c14dc2112&pid=66&tid=728x90_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=728x90&floor=0.1&cur=RUB HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 06 Oct 2022 02:38:52 GMT
content-length: 0
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
x-backend-id: f20-ru
set-cookie: gi_u=8g9K84XQ4ft.AikABlGDqyj3dA;Path=/;Domain=.adhigh.net;Expires=Fri, 06-Oct-2023 02:38:52 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/rtb/direct_banner?bid_id=225074c14dc2112&pid=66&tid=728x90_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=728x90&floor=0.1&cur=RUB&bounced=1
X-Firefox-Spdy: h2
ssp.hybrid.ai/auction/prebid
37.18.16.17204 No Content 0 B URL HTTP/2 ssp.hybrid.ai/auction/prebid
IP 37.18.16.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /auction/prebid HTTP/1.1
Host: ssp.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 301
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 06 Oct 2022 02:38:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://new-days.ru
set-cookie: vid=0735c3e31139cd475646; expires=Fri, 06 Oct 2023 02:38:53 GMT; domain=hybrid.ai; secure; samesite=none
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server: Hybrid Web Server
X-Firefox-Spdy: h2
ssp.hybrid.ai/auction/prebid
37.18.16.17204 No Content 0 B URL HTTP/2 ssp.hybrid.ai/auction/prebid
IP 37.18.16.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /auction/prebid HTTP/1.1
Host: ssp.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 301
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 06 Oct 2022 02:38:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://new-days.ru
set-cookie: vid=49ae17b4454dfa899546; expires=Fri, 06 Oct 2023 02:38:53 GMT; domain=hybrid.ai; secure; samesite=none
vary: Origin
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server: Hybrid Web Server
X-Firefox-Spdy: h2
px.adhigh.net/rtb/direct_banner?bid_id=30d5455c4dcdf8c&pid=66&tid=300x250_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=300x250&floor=0.1&cur=RUB
193.232.150.60302 Found 0 B URL HTTP/2 px.adhigh.net/rtb/direct_banner?bid_id=30d5455c4dcdf8c&pid=66&tid=300x250_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=300x250&floor=0.1&cur=RUB
IP 193.232.150.60:0
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/direct_banner?bid_id=30d5455c4dcdf8c&pid=66&tid=300x250_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=300x250&floor=0.1&cur=RUB HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 06 Oct 2022 02:38:52 GMT
content-length: 0
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
x-backend-id: f20-ru
set-cookie: gi_u=8g9K84XQ4ft.AikABlGDqyj3kw;Path=/;Domain=.adhigh.net;Expires=Fri, 06-Oct-2023 02:38:52 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/rtb/direct_banner?bid_id=30d5455c4dcdf8c&pid=66&tid=300x250_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=300x250&floor=0.1&cur=RUB&bounced=1
X-Firefox-Spdy: h2
pbs.alfasense.com/yandex/auction
23.111.100.20200 OK 9 B URL HTTP/1.1 pbs.alfasense.com/yandex/auction
IP 23.111.100.20:0
File type ASCII text, with no line terminators
Hash 0843d0aced07a6794043c8398a8cab3b
fd5e064965aa2b58bdbe25c1e5b5b002200a6c12
343c62d9ab9dddbb60bb459b9e2dd2ac171f1410be54a7ae1764efa6543df520
POST /yandex/auction HTTP/1.1
Host: pbs.alfasense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 109
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: application/json
Content-Length: 9
Connection: keep-alive
Pragma: no-cache
X-Geo-CityId: 4000000055, 4000000055, 4000000055
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Max-Age: 0
X-Dsp-4__status: 204
Expires: 0
X-Dsp-10__status: 204
X-Dsp-2__status: 204
X-Dsp-2__x-openrtb-version: 2.3
Access-Control-Allow-Origin: https://new-days.ru
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
65.109.65.188302 Found 154 B URL HTTP/2 ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP 65.109.65.188:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash 99528307ba6551e982b1b0872dd67ab9
f2f728a69ba94581d4c8d4974fd5477d1d6b6840
20389c2fa2f52375d4238854825c2db1e27227c4afdb6f8695cfb8891f5a2104
GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.0
date: Thu, 06 Oct 2022 02:38:51 GMT
x-request-id: f14ded91-a68d-402c-875e-fa6f20e5fac9
set-cookie: bvuid=affsqw02sj; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=affsqw02sj; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=affsqw02sj
X-Firefox-Spdy: h2
461fe25a-1e36-4cb6-b750-f373a184ca95.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
148.251.129.43302 Found 0 B URL HTTP/2 461fe25a-1e36-4cb6-b750-f373a184ca95.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
IP 148.251.129.43:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19 HTTP/1.1
Host: 461fe25a-1e36-4cb6-b750-f373a184ca95.sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1665023931519; user_id=461fe25a-1e36-4cb6-b750-f373a184ca95
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=461fe25a-1e36-4cb6-b750-f373a184ca95;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=461fe25a-1e36-4cb6-b750-f373a184ca95;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=461fe25a-1e36-4cb6-b750-f373a184ca95
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
www.acint.net/match?dp=186&euid=d4897915-98a6-4a48-b867-20d51fee660a
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/match?dp=186&euid=d4897915-98a6-4a48-b867-20d51fee660a
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=d4897915-98a6-4a48-b867-20d51fee660a HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=LgR5GmM+P7pSZQD2Goz0AqxhQXDEake8YKH8d7kPK5JKBcFZ; cSyncDp7v2=1665023930; cSyncDp14v3=1665023930; cSyncDp17=1665023930; cSyncDp32=1665023930; cSyncDp45v3=1665023930; cSyncDp53=1665023930; cSyncDp54v2=1665023930; cSyncDp62=1665023930; cSyncDp67v2=1665023930; cSyncDp68=1665023930; cSyncDp71=1665023930; cSyncDp77=1665023930; cSyncDp84=1665023930; cSyncDp85=1665023930; cSyncDp95v3=1665023930; cSyncDp101=1665023930; cSyncDp104v2=1665023930; cSyncDp107=1665023930; cSyncDp110=1665023930; cSyncDp111v2=1665023930; cSyncDp112v2=1665023930; cSyncDp125v2=1665023930; cSyncDp126=1665023930; cSyncDp127=1665023930; cSyncDp129=1665023930; cSyncDp136v2=1665023930; cSyncDp138=1665023930; cSyncDp144=1665023930; cSyncDp146=1665023930; cSyncDp148=1665023930; cSyncDp149=1665023930; cSyncDp151=1665023930; cSyncDp178=1665023930; cSyncDp179=1665023930; cSyncDp186=1665023930; cSyncDp221=1665023930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
rtb.com.ru/alfasense-sync?uid=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e
83.222.114.188204 No Content 0 B URL HTTP/1.1 rtb.com.ru/alfasense-sync?uid=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e
IP 83.222.114.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /alfasense-sync?uid=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e HTTP/1.1
Host: rtb.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.18.0
Date: Thu, 06 Oct 2022 02:38:52 GMT
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
P3p: CP="rtb.com.ru does not have a P3P policy"
fcgi4.gnezdo.ru/cookie_matching/svk-native//?redirect=1
93.95.102.105204 No Content 0 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching/svk-native//?redirect=1
IP 93.95.102.105:0
ASN #48347 JSC Mediasoft ekspert
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie_matching/svk-native//?redirect=1 HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://widget.svk-native.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 06 Oct 2022 02:38:52 GMT
set-cookie: uid=XV9maWM+P7w6I4Y1XQgUAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
mc.yandex.ru/watch/25706036/1?wmode=7&page-url=https%3A%2F%2Fwidget.svk-native.ru%2Fcounters%2F%3Futm_source%3D104001533&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1397089339524%3Ahid%3A131955870%3Az%3A0%3Ai%3A20221006023851%3Aet%3A1665023932%3Arn%3A801829243%3Arqn%3A1%3Au%3A1665023932954765663%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C25%2C0%2C%2C0%2C%2C268%2C0%2C%2C%2C%2C403%3Ans%3A1665023931330%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023932%3At%3A&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
87.250.250.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/25706036/1?wmode=7&page-url=https%3A%2F%2Fwidget.svk-native.ru%2Fcounters%2F%3Futm_source%3D104001533&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1397089339524%3Ahid%3A131955870%3Az%3A0%3Ai%3A20221006023851%3Aet%3A1665023932%3Arn%3A801829243%3Arqn%3A1%3Au%3A1665023932954765663%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C25%2C0%2C%2C0%2C%2C268%2C0%2C%2C%2C%2C403%3Ans%3A1665023931330%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023932%3At%3A&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 79175e7e055824580dab5fc5c32ad7d8
4528d3761fe939706b2201e531e812458470bf93
fc13884ba41f8838e042f509160ab14773af4f12c0982f9c009ea81633d280c1
GET /watch/25706036/1?wmode=7&page-url=https%3A%2F%2Fwidget.svk-native.ru%2Fcounters%2F%3Futm_source%3D104001533&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1397089339524%3Ahid%3A131955870%3Az%3A0%3Ai%3A20221006023851%3Aet%3A1665023932%3Arn%3A801829243%3Arqn%3A1%3Au%3A1665023932954765663%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C25%2C0%2C%2C0%2C%2C268%2C0%2C%2C%2C%2C403%3Ans%3A1665023931330%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023932%3At%3A&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://widget.svk-native.ru
Referer: https://widget.svk-native.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Thu, 06 Oct 2022 02:38:52 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://widget.svk-native.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 06-Oct-2022 02:38:52 GMT
last-modified: Thu, 06-Oct-2022 02:38:52 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cs.alfasense.com/p?ssp=bv&uid=affsqw02sj
23.111.100.20200 OK 35 B URL HTTP/1.1 cs.alfasense.com/p?ssp=bv&uid=affsqw02sj
IP 23.111.100.20:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /p?ssp=bv&uid=affsqw02sj HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Connection: keep-alive
Cookie: uuid=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes
adx.com.ru/viads-vast?confirm=1&referer=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&rolltype=content-roll&uid=1ca874c3-120b-415b-94bd-67ea89482858&vpaid=false
188.34.131.134204 No Content 0 B URL HTTP/2 adx.com.ru/viads-vast?confirm=1&referer=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&rolltype=content-roll&uid=1ca874c3-120b-415b-94bd-67ea89482858&vpaid=false
IP 188.34.131.134:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /viads-vast?confirm=1&referer=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&rolltype=content-roll&uid=1ca874c3-120b-415b-94bd-67ea89482858&vpaid=false HTTP/1.1
Host: adx.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Referer: https://new-days.ru/
Connection: keep-alive
Cookie: user=633e3fbcd41e061ce459981f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.20.1
date: Thu, 06 Oct 2022 02:38:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://new-days.ru
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
p3p: CP="adx.com.ru does not have a P3P policy"
X-Firefox-Spdy: h2
widget.svk-native.ru/visitor-match/match-visitor?network_id=5&external_id=pm1vTUurZ36EA4a1ruWg
65.109.36.34200 OK 420 B URL HTTP/2 widget.svk-native.ru/visitor-match/match-visitor?network_id=5&external_id=pm1vTUurZ36EA4a1ruWg
IP 65.109.36.34:0
ASN #24940 Hetzner Online GmbH
Hash 4af358474c3a85cdb003aa01b9c62d3f
f82216a95cca55cf241230504a65d4cc1e3973e4
bd7d6fc8c602514a3db1946d7403553582c239109a4e5c562663010ad91dd6bb
GET /visitor-match/match-visitor?network_id=5&external_id=pm1vTUurZ36EA4a1ruWg HTTP/1.1
Host: widget.svk-native.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://widget.svk-native.ru/
Connection: keep-alive
Cookie: s-common=0lad46qviodk2v7dk5kiekllca; _svk_uid2=a61082ff8dd3c919432bfb80177bbb73c0073ad77e568b6098906ea0b5bf4ff0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22_svk_uid2%22%3Bi%3A1%3Bi%3A2904417584%3B%7D; test3rd=44baa923ac48967c8af3a6434306e8d211adee0ea206fcd932401157e12e4b63a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22test3rd%22%3Bi%3A1%3Bi%3A2904417584%3B%7D; _pr_sid=53ee1cf9785d080a9c41c8a78d90df647c52780a1c4ca24c8034661cfcb628c9a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22_pr_sid%22%3Bi%3A1%3Bi%3A2732863%3B%7D; _csrf-widget=192af223aaad4ecda3f7c50fbf76e087ce8b1fb4a50559432d01800637eb585ea%3A2%3A%7Bi%3A0%3Bs%3A12%3A%22_csrf-widget%22%3Bi%3A1%3Bs%3A32%3A%22ZTBCbs6YXeLlIzwkTmR9puCFPt8gF7Fq%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-upstream: unix:/run/haproxy-phpfpm-default.sock
content-encoding: gzip
X-Firefox-Spdy: h2
ads.betweendigital.com/adjson?t=prebid
188.42.196.115200 OK 63 B URL HTTP/2 ads.betweendigital.com/adjson?t=prebid
IP 188.42.196.115:0
Hash b4590bc4605b9169a240e05484869458
cc8e8870f24ec84d1e13c8506d24d4870e2bdc60
071c7d252914bc1d73e80bd88c99bdec33ed73593424915edea28e36a77bc89c
POST /adjson?t=prebid HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 390
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:52 GMT; Path=/; Domain=.betweendigital.com
tuuid=2b59674a-cffd-5217-a290-dfc3c1aee07f; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:52 GMT; Path=/; Domain=.betweendigital.com
ut=Yz4_vAADAYhZhuU58IcyuOBKL0arrDRrvmTsmA==; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:52 GMT; Path=/; Domain=.betweendigital.com
unm=1; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:52 GMT; Path=/; Domain=.betweendigital.com
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.acint.net/match?dp=71&euid=461fe25a-1e36-4cb6-b750-f373a184ca95
176.9.9.10200 OK 43 B URL HTTP/2 www.acint.net/match?dp=71&euid=461fe25a-1e36-4cb6-b750-f373a184ca95
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=71&euid=461fe25a-1e36-4cb6-b750-f373a184ca95 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=LgR5GmM+P7pSZQD2Goz0AqxhQXDEake8YKH8d7kPK5JKBcFZ; cSyncDp7v2=1665023930; cSyncDp14v3=1665023930; cSyncDp17=1665023930; cSyncDp32=1665023930; cSyncDp45v3=1665023930; cSyncDp53=1665023930; cSyncDp54v2=1665023930; cSyncDp62=1665023930; cSyncDp67v2=1665023930; cSyncDp68=1665023930; cSyncDp71=1665023930; cSyncDp77=1665023930; cSyncDp84=1665023930; cSyncDp85=1665023930; cSyncDp95v3=1665023930; cSyncDp101=1665023930; cSyncDp104v2=1665023930; cSyncDp107=1665023930; cSyncDp110=1665023930; cSyncDp111v2=1665023930; cSyncDp112v2=1665023930; cSyncDp125v2=1665023930; cSyncDp126=1665023930; cSyncDp127=1665023930; cSyncDp129=1665023930; cSyncDp136v2=1665023930; cSyncDp138=1665023930; cSyncDp144=1665023930; cSyncDp146=1665023930; cSyncDp148=1665023930; cSyncDp149=1665023930; cSyncDp151=1665023930; cSyncDp178=1665023930; cSyncDp179=1665023930; cSyncDp186=1665023930; cSyncDp221=1665023930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
px.adhigh.net/rtb/direct_banner?bid_id=631201a45daa558&pid=66&tid=300x600_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=300x600&floor=0.24&cur=RUB&bounced=1
193.232.150.60200 OK 12 B URL HTTP/2 px.adhigh.net/rtb/direct_banner?bid_id=631201a45daa558&pid=66&tid=300x600_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=300x600&floor=0.24&cur=RUB&bounced=1
IP 193.232.150.60:0
ASN #48061 Limited Liability Company GPM Digital Technologies
File type JSON data\012- , ASCII text, with no line terminators
Hash 71d0daa4366fbebc75f9201e31040b5b
2229c1ab1493aff0eb7bac2d99ac166527c82a9d
cac9fb81a29c07978b6ff53ec2a73344f4756aba46e066610c17d9dd06fa96ae
GET /rtb/direct_banner?bid_id=631201a45daa558&pid=66&tid=300x600_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=300x600&floor=0.24&cur=RUB&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Content-Type: text/plain
Referer: https://new-days.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: application/json
content-length: 12
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
x-backend-id: f20-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
px.adhigh.net/rtb/direct_banner?bid_id=225074c14dc2112&pid=66&tid=728x90_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=728x90&floor=0.1&cur=RUB&bounced=1
193.232.150.60200 OK 12 B URL HTTP/2 px.adhigh.net/rtb/direct_banner?bid_id=225074c14dc2112&pid=66&tid=728x90_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=728x90&floor=0.1&cur=RUB&bounced=1
IP 193.232.150.60:0
ASN #48061 Limited Liability Company GPM Digital Technologies
File type JSON data\012- , ASCII text, with no line terminators
Hash 71d0daa4366fbebc75f9201e31040b5b
2229c1ab1493aff0eb7bac2d99ac166527c82a9d
cac9fb81a29c07978b6ff53ec2a73344f4756aba46e066610c17d9dd06fa96ae
GET /rtb/direct_banner?bid_id=225074c14dc2112&pid=66&tid=728x90_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=728x90&floor=0.1&cur=RUB&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Content-Type: text/plain
Referer: https://new-days.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: application/json
content-length: 12
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
x-backend-id: f20-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
px.adhigh.net/rtb/direct_banner?bid_id=30d5455c4dcdf8c&pid=66&tid=300x250_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=300x250&floor=0.1&cur=RUB&bounced=1
193.232.150.60200 OK 12 B URL HTTP/2 px.adhigh.net/rtb/direct_banner?bid_id=30d5455c4dcdf8c&pid=66&tid=300x250_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=300x250&floor=0.1&cur=RUB&bounced=1
IP 193.232.150.60:0
ASN #48061 Limited Liability Company GPM Digital Technologies
File type JSON data\012- , ASCII text, with no line terminators
Hash 71d0daa4366fbebc75f9201e31040b5b
2229c1ab1493aff0eb7bac2d99ac166527c82a9d
cac9fb81a29c07978b6ff53ec2a73344f4756aba46e066610c17d9dd06fa96ae
GET /rtb/direct_banner?bid_id=30d5455c4dcdf8c&pid=66&tid=300x250_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=300x250&floor=0.1&cur=RUB&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Content-Type: text/plain
Referer: https://new-days.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: application/json
content-length: 12
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
x-backend-id: f20-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
rtb.com.ru/relap-bid?confirming=true&referer=&uid=SkG9g3pO&vpaid=true
83.222.114.188200 OK 60 B URL HTTP/1.1 rtb.com.ru/relap-bid?confirming=true&referer=&uid=SkG9g3pO&vpaid=true
IP 83.222.114.188:0
File type XML 1.0 document text\012- XML document, ASCII text
Hash 0f3f8c40d9062b08f21a569244e70d27
0eb786c450839176913767e02d3916a947615d97
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f
GET /relap-bid?confirming=true&referer=&uid=SkG9g3pO&vpaid=true HTTP/1.1
Host: rtb.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://relap.mail.ru
Referer: https://relap.mail.ru/
Connection: keep-alive
Cookie: as-user=633e3fb8ec93552a76ed6a91
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: text/xml; charset=utf-8
Content-Length: 60
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://relap.mail.ru
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
P3p: CP="rtb.com.ru does not have a P3P policy"
cs.alfasense.com/p?ssp=kd&uid=pm1vTUurZ36EA4a1ruWg
23.111.100.20200 OK 35 B URL HTTP/1.1 cs.alfasense.com/p?ssp=kd&uid=pm1vTUurZ36EA4a1ruWg
IP 23.111.100.20:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /p?ssp=kd&uid=pm1vTUurZ36EA4a1ruWg HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Connection: keep-alive
Cookie: uuid=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes
cs.alfasense.com/p?ssp=a2&uid=d4897915-98a6-4a48-b867-20d51fee660a
23.111.100.20200 OK 35 B URL HTTP/1.1 cs.alfasense.com/p?ssp=a2&uid=d4897915-98a6-4a48-b867-20d51fee660a
IP 23.111.100.20:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /p?ssp=a2&uid=d4897915-98a6-4a48-b867-20d51fee660a HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Connection: keep-alive
Cookie: uuid=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes
cs.alfasense.com/p?ssp=sp&uid=1A79042EBA3F3E63F600655202F48C1A
23.111.100.20200 OK 35 B URL HTTP/1.1 cs.alfasense.com/p?ssp=sp&uid=1A79042EBA3F3E63F600655202F48C1A
IP 23.111.100.20:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /p?ssp=sp&uid=1A79042EBA3F3E63F600655202F48C1A HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Connection: keep-alive
Cookie: uuid=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes
widget.svk-native.ru/visitor-match/match-all
65.109.36.34200 OK 322 B URL HTTP/2 widget.svk-native.ru/visitor-match/match-all
IP 65.109.36.34:0
ASN #24940 Hetzner Online GmbH
Hash 7b94670af03736a269b9e7a483a09743
ec72c6737675d0c5ee149a2be03f82c38e80324e
c12c4e82464ac9b0790facc598ae865d479d36b0817465fd8c277724bd12bb44
GET /visitor-match/match-all HTTP/1.1
Host: widget.svk-native.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: s-common=0lad46qviodk2v7dk5kiekllca; _svk_uid2=a61082ff8dd3c919432bfb80177bbb73c0073ad77e568b6098906ea0b5bf4ff0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22_svk_uid2%22%3Bi%3A1%3Bi%3A2904417584%3B%7D; test3rd=44baa923ac48967c8af3a6434306e8d211adee0ea206fcd932401157e12e4b63a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22test3rd%22%3Bi%3A1%3Bi%3A2904417584%3B%7D; _pr_sid=68e4cb5a0cb99bcc5f98f5093821877cbe706349680da4de83f9bdb902bfb22aa%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22_pr_sid%22%3Bi%3A1%3Bs%3A7%3A%222732863%22%3B%7D; _csrf-widget=192af223aaad4ecda3f7c50fbf76e087ce8b1fb4a50559432d01800637eb585ea%3A2%3A%7Bi%3A0%3Bs%3A12%3A%22_csrf-widget%22%3Bi%3A1%3Bs%3A32%3A%22ZTBCbs6YXeLlIzwkTmR9puCFPt8gF7Fq%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-upstream: unix:/run/haproxy-phpfpm-default.sock
content-encoding: gzip
X-Firefox-Spdy: h2
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/1A79042EBA3F3E63F600655202F48C1A
93.95.102.105204 No Content 0 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/1A79042EBA3F3E63F600655202F48C1A
IP 93.95.102.105:0
ASN #48347 JSC Mediasoft ekspert
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie_matching_ssp/Sape-dsp/1A79042EBA3F3E63F600655202F48C1A HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 06 Oct 2022 02:38:52 GMT
set-cookie: uid=XV9maWM+P7w6I4Y1XQhdAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=73&external_user_id=1A79042EBA3F3E63F600655202F48C1A
188.42.196.115302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=1A79042EBA3F3E63F600655202F48C1A
IP 188.42.196.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=73&external_user_id=1A79042EBA3F3E63F600655202F48C1A HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=1A79042EBA3F3E63F600655202F48C1A&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:52 GMT; Path=/; Domain=.betweendigital.com
tuuid=3dc99554-a262-5217-bcd3-4d71dfed72cd; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:52 GMT; Path=/; Domain=.betweendigital.com
ut=Yz4_vAAI-OCC36OHZfmjz389p7eHFWbroGyPqA==; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:52 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
188.42.196.115302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP 188.42.196.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:52 GMT; Path=/; Domain=.betweendigital.com
tuuid=01545c24-17f0-5217-942c-47c0f712787c; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:52 GMT; Path=/; Domain=.betweendigital.com
ut=Yz4_vAAI_MghuI0CMiU8JnR1Q-gM-6PMbFwGcA==; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:52 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
instreamvideo.ru/core/vpaid/linear?pid=845&vr=1&rid=1665023931363
139.45.228.102200 OK 877 B URL HTTP/2 instreamvideo.ru/core/vpaid/linear?pid=845&vr=1&rid=1665023931363
IP 139.45.228.102:0
File type XML 1.0 document text\012- XML document, ASCII text, with CRLF line terminators
Hash dff90e533ea0d42ee7d6de72dcb6bddd
e0c16646ad5245285b086c2d22533bafac96e92d
ae49b092ac5dc2cd674df6c2918bbb0c91bfb909533f626d8787b18891c475a5
GET /core/vpaid/linear?pid=845&vr=1&rid=1665023931363 HTTP/1.1
Host: instreamvideo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Origin: https://new-days.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: text/xml; charset=utf-8
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
set-cookie: idntfy=VUNwK1FhRNH1gCc; expires=Sun, 03-Oct-2032 02:38:51 GMT; domain=instreamvideo.ru; path=/core; SameSite=None; Secure
content-encoding: br
X-Firefox-Spdy: h2
v.alfasrv.com/stats/2x2.png?s=44717&a=fallback&k1=1&k2=1&e=i&t=p&c=0
84.201.179.252200 OK 95 B URL HTTP/1.1 v.alfasrv.com/stats/2x2.png?s=44717&a=fallback&k1=1&k2=1&e=i&t=p&c=0
IP 84.201.179.252:0
ASN #200350 Yandex.Cloud LLC
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9591c410148e6883727c5339fd1c02cd
3442a95fe890ce4769b36b2ecc611b801a54cfb5
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
GET /stats/2x2.png?s=44717&a=fallback&k1=1&k2=1&e=i&t=p&c=0 HTTP/1.1
Host: v.alfasrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: image/png
Content-Length: 95
Connection: keep-alive
Last-Modified: Thursday, 06-Oct-2022 02:38:52 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Accept-Ranges: bytes
px.adhigh.net/p/cm/sape?u=1A79042EBA3F3E63F600655202F48C1A
193.232.150.60302 Found 0 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=1A79042EBA3F3E63F600655202F48C1A
IP 193.232.150.60:0
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/cm/sape?u=1A79042EBA3F3E63F600655202F48C1A HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 06 Oct 2022 02:38:52 GMT
content-length: 0
x-backend-id: f20-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=8g9K84XQ4ft.AikABlGDqyj4wg;Path=/;Domain=.adhigh.net;Expires=Fri, 06-Oct-2023 02:38:52 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=1A79042EBA3F3E63F600655202F48C1A&bounced=1
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 71bb3f551bc0c291f1447d2c6f25750e
6920678b41e97a280ccc3957d47f877072062489
e972dddfc0c5826c46edf7fde42df3617f39b58d40f0a9b32157fa70c471a1bd
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 09 Oct 2022 23:31:16 GMT
ETag: "6920678b41e97a280ccc3957d47f877072062489"
Last-Modified: Wed, 05 Oct 2022 23:31:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2297
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05fb1ca1b512-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 71bb3f551bc0c291f1447d2c6f25750e
6920678b41e97a280ccc3957d47f877072062489
e972dddfc0c5826c46edf7fde42df3617f39b58d40f0a9b32157fa70c471a1bd
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 09 Oct 2022 23:31:16 GMT
ETag: "6920678b41e97a280ccc3957d47f877072062489"
Last-Modified: Wed, 05 Oct 2022 23:31:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2297
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05fb184cb4eb-OSL
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 371b771e674be25bcbadb00dfbafc6d3
a040707072b055aa11d54914db3738e14243607a
d520e3328ca82b0b8f6b73eb86718683c303c4e10ced5fb2d2e836e760f31b15
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 10 Oct 2022 01:41:26 GMT
ETag: "a040707072b055aa11d54914db3738e14243607a"
Last-Modified: Thu, 06 Oct 2022 01:41:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1614
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05fb5e8fb517-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 8c327d954529697330a762b06d43ec26
a773bc6f6f8c74612ac79390328cc3628c8c77cf
6e8d0b318903b42e9395ee94594572065b607768a386b54fa4f82326f79e8628
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Mon, 10 Oct 2022 01:55:13 GMT
ETag: "a773bc6f6f8c74612ac79390328cc3628c8c77cf"
Last-Modified: Thu, 06 Oct 2022 01:55:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1686
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05fb5cbbb512-OSL
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1A79042EBA3F3E63F600655202F48C1A
195.209.111.19200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1A79042EBA3F3E63F600655202F48C1A
IP 195.209.111.19:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?dsp_id=153&external_id=1A79042EBA3F3E63F600655202F48C1A HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
v.alfasrv.com/stats/2x2.png?s=45046&a=fallback&k1=1&k2=1&e=i&t=p&c=0
84.201.179.252200 OK 95 B URL HTTP/1.1 v.alfasrv.com/stats/2x2.png?s=45046&a=fallback&k1=1&k2=1&e=i&t=p&c=0
IP 84.201.179.252:0
ASN #200350 Yandex.Cloud LLC
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9591c410148e6883727c5339fd1c02cd
3442a95fe890ce4769b36b2ecc611b801a54cfb5
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
GET /stats/2x2.png?s=45046&a=fallback&k1=1&k2=1&e=i&t=p&c=0 HTTP/1.1
Host: v.alfasrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: image/png
Content-Length: 95
Connection: keep-alive
Last-Modified: Thursday, 06-Oct-2022 02:38:52 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Accept-Ranges: bytes
ocsp.usertrust.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 0d1153274175b565c2d1d9cc7e7f4de6
64371dce45dc5640a50e0fe5ad8ab51f53e4a288
b332e35e0d88b7765d34f7831d9579b4c5a1dd17fef98371c8a2f7317dc644ab
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 04:18:19 GMT
Expires: Mon, 10 Oct 2022 04:18:18 GMT
Etag: "64371dce45dc5640a50e0fe5ad8ab51f53e4a288"
Cache-Control: max-age=603090,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1234
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05fb782e1bfa-OSL
v.alfasrv.com/stats/2x2.png?s=56710&a=fallback&k1=1&k2=1&e=i&t=p&c=0
84.201.179.252200 OK 95 B URL HTTP/1.1 v.alfasrv.com/stats/2x2.png?s=56710&a=fallback&k1=1&k2=1&e=i&t=p&c=0
IP 84.201.179.252:0
ASN #200350 Yandex.Cloud LLC
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9591c410148e6883727c5339fd1c02cd
3442a95fe890ce4769b36b2ecc611b801a54cfb5
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
GET /stats/2x2.png?s=56710&a=fallback&k1=1&k2=1&e=i&t=p&c=0 HTTP/1.1
Host: v.alfasrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: image/png
Content-Length: 95
Connection: keep-alive
Last-Modified: Thursday, 06-Oct-2022 02:38:52 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Accept-Ranges: bytes
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
77.245.57.72200 OK 0 B URL HTTP/1.1 sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Length: 0
Connection: close
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 8c327d954529697330a762b06d43ec26
a773bc6f6f8c74612ac79390328cc3628c8c77cf
6e8d0b318903b42e9395ee94594572065b607768a386b54fa4f82326f79e8628
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Mon, 10 Oct 2022 01:55:13 GMT
ETag: "a773bc6f6f8c74612ac79390328cc3628c8c77cf"
Last-Modified: Thu, 06 Oct 2022 01:55:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1686
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05fb9870b4eb-OSL
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f174e19f766d0c5f39d5224af19745aa
62fd631d19c1fcd097526985c8eaca1dc4c79216
3555fc03ff5d7b3fb2b131b6e8c83f2619b1bbbb77e109944dfa030545454288
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5203
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:52 GMT
Last-Modified: Thu, 06 Oct 2022 01:12:09 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
sape-sync.rutarget.ru/sync
178.170.196.247302 Moved Temporarily 0 B URL HTTP/1.1 sape-sync.rutarget.ru/sync
IP 178.170.196.247:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=1sLRKyQfKWD0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=1sLRKyQfKWD0; Path=/; Domain=.rutarget.ru; Expires=Tue, 04 Apr 2023 02:38:52 GMT; SameSite=None; Secure
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6086c7ae8b2976dfc1d1227f2c96b0ef
ffbb917b019a61946e0f9db793469f65e7a89b88
0d66347ef2b696e7c27ebe4bdccb4f9ee8aa9f1f563b69c80e79b82208406588
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D66347EF2B696E7C27EBE4BDCCB4F9EE8AA9F1F563B69C80E79B82208406588"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3947
Expires: Thu, 06 Oct 2022 03:44:39 GMT
Date: Thu, 06 Oct 2022 02:38:52 GMT
Connection: keep-alive
sm.rtb.mts.ru/p?ssp=sape&id=1A79042EBA3F3E63F600655202F48C1A
217.66.147.42301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=sape&id=1A79042EBA3F3E63F600655202F48C1A
IP 217.66.147.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sape&id=1A79042EBA3F3E63F600655202F48C1A HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 06 Oct 2022 02:49:40 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=1A79042EBA3F3E63F600655202F48C1A
Set-Cookie: dspid=c8a93028-3cba-4aa5-b3ff-2eeeacb0d351; expires=Wed, 27 Sep 2023 02:38:52 GMT; domain=.mts.ru; path=/; secure; SameSite=None
tag.digitaltarget.ru/adcm.js
185.15.175.146200 OK 3.1 kB URL HTTP/1.1 tag.digitaltarget.ru/adcm.js
IP 185.15.175.146:0
File type ASCII text, with very long lines (3051), with no line terminators
Hash e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Thu, 06 Oct 2022 02:34:31 GMT
Connection: keep-alive
ETag: "633e3eb7-beb"
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d624e306f25928ab26f1748a9496f621
720587eb17a7a38da11710bbec95f7f40dacad0b
01aa10b1bc54a3d89f1042d1bb5544237d46bbd3dae89bcea4b4b9d9b6345531
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4107
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:52 GMT
Last-Modified: Thu, 06 Oct 2022 01:30:25 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ea12d2d8a38c54298b6916d7e99902d6
79908828cbc4e35ca52495ec617e9ade5335ebff
3c62bd3ad8856f8b32cafa8fb62c49e23c3164024f34ede7476e9e59a48a4933
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 14:18:47 GMT
Expires: Tue, 11 Oct 2022 14:18:46 GMT
Etag: "79908828cbc4e35ca52495ec617e9ade5335ebff"
Cache-Control: max-age=473393,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755b05fb9ebab529-OSL
inplayer.ru/video/black.jpg
139.45.228.111200 OK 1.9 kB URL HTTP/2 inplayer.ru/video/black.jpg
IP 139.45.228.111:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 640x360, components 3\012- data
Hash 93b584c080788e4606bb0b9e05c73188
a148cd19f125882e18133cdd5bb3ca8e40cc8cc5
68757ecc2c822ec174f9555b734fa6f139f6db60fcffd26195ac037ffeb0ad2a
GET /video/black.jpg HTTP/1.1
Host: inplayer.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.22.0
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: image/jpeg
content-length: 1927
last-modified: Thu, 10 May 2018 09:19:36 GMT
etag: "5af40ea8-787"
access-control-allow-credentials: true
accept-ranges: bytes
X-Firefox-Spdy: h2
instreamvideo.ru/core/event.gif?eid=94&bid=36619&pid=845&ll=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&pw=432&ph=243&ow=0&oh=0&sw=0&sh=0&pd=0&ss=SS2yI2WCCQBZ&idntfy=VUNwK1FhRNH1gCc
139.45.228.102200 OK 43 B URL HTTP/2 instreamvideo.ru/core/event.gif?eid=94&bid=36619&pid=845&ll=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&pw=432&ph=243&ow=0&oh=0&sw=0&sh=0&pd=0&ss=SS2yI2WCCQBZ&idntfy=VUNwK1FhRNH1gCc
IP 139.45.228.102:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /core/event.gif?eid=94&bid=36619&pid=845&ll=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&pw=432&ph=243&ow=0&oh=0&sw=0&sh=0&pd=0&ss=SS2yI2WCCQBZ&idntfy=VUNwK1FhRNH1gCc HTTP/1.1
Host: instreamvideo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: idntfy=VUNwK1FhRNH1gCc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: image/gif
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
X-Firefox-Spdy: h2
instreamvideo.ru/core/event.gif?eid=94&bid=37250&pid=845&ll=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&pw=432&ph=243&ow=0&oh=0&sw=0&sh=0&pd=0&ss=SS2yI2WCCQBZ&idntfy=VUNwK1FhRNH1gCc
139.45.228.102200 OK 43 B URL HTTP/2 instreamvideo.ru/core/event.gif?eid=94&bid=37250&pid=845&ll=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&pw=432&ph=243&ow=0&oh=0&sw=0&sh=0&pd=0&ss=SS2yI2WCCQBZ&idntfy=VUNwK1FhRNH1gCc
IP 139.45.228.102:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /core/event.gif?eid=94&bid=37250&pid=845&ll=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&pw=432&ph=243&ow=0&oh=0&sw=0&sh=0&pd=0&ss=SS2yI2WCCQBZ&idntfy=VUNwK1FhRNH1gCc HTTP/1.1
Host: instreamvideo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: idntfy=VUNwK1FhRNH1gCc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: image/gif
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=73&external_user_id=1A79042EBA3F3E63F600655202F48C1A&crf=1
188.42.196.115200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=1A79042EBA3F3E63F600655202F48C1A&crf=1
IP 188.42.196.115:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=73&external_user_id=1A79042EBA3F3E63F600655202F48C1A&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:52 GMT; Path=/; Domain=.betweendigital.com
tuuid=ab76eed5-dc0e-5217-acb2-8579cf8cbac5; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:52 GMT; Path=/; Domain=.betweendigital.com
ut=Yz4_vAAOjpB010ENdnymDveimREcJh-0fmObpA==; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:52 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5101582902
195.209.108.51302 Moved Temporarily 40 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5101582902
IP 195.209.108.51:0
File type ASCII text, with CRLF line terminators
Hash 251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5101582902 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Sat, 05 Oct 2024 02:38:52 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
188.42.196.115200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP 188.42.196.115:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:52 GMT; Path=/; Domain=.betweendigital.com
tuuid=a16b464b-6f6a-5217-aac4-76d7c9fa496b; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:52 GMT; Path=/; Domain=.betweendigital.com
ut=Yz4_vAAOtaCFRpkscTGkSDnunlPy1B1g9oFuCA==; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:52 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
relap.io/api/v7/recs
95.163.37.253200 OK 910 B IP 95.163.37.253:0
File type JSON data\012- , ASCII text, with very long lines (1698), with no line terminators
Hash e71933a1e53e6d7297680db74065b787
e5446793b147dec0f7ff69be4d957e3820c9cabc
499bec2d4eff022594f2e53b3957966d31ca2ba4d58ab13684f0f75e2f7f0645
POST /api/v7/recs HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Content-Type: application/json
x-relap-cookie: rlprp=eqR5ZA:lbYsTQ
X-Relap-UUID: 00a40a96-5f1f-4780-aed8-58888b99f2e7
Origin: https://new-days.ru
Content-Length: 3750
Connection: keep-alive
Cookie: unique=SkG9g3pO; fsts=1665023928; lsts=1665023931; suid=20ccc67944f9e024a2f4d52ae6751aaff3ebc6f2--037499b66c94b7604d199b71fc288d6afe0a20041bf6770878587d0ef5618987; hllc=2; rlprp=eqR5ZA--e1dc77e2367377486ee3fa466a4c0c806518c09a0ad41363adf970826cdfa2b7; 3rdpce=1; uuid=9eb09c2c-e018-4823-bc87-cae77e473583; rlpagcs_2=1665023929:CMcxPNzoJdQA2jGQ8XV0Y_oQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://new-days.ru
set-cookie: lsts=1665023932; expires=Sun, 03 Oct 2032 02:38:52 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
access-control-max-age: 1728000
x-relap-cookie: rlprp=eqR5ZA:lbYsTQ
pragma: no-cache
access-control-allow-credentials: true
date: Thu, 06 Oct 2022 02:38:52 GMT
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
x-content-type-options: nosniff
x-server: back04
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
access-control-expose-headers: X-Relap-Cookie
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
vary: Origin
cache-control: max-age=1, no-cache
strict-transport-security: max-age=5184000; includeSubdomains;
content-encoding: br
X-Firefox-Spdy: h2
px.adhigh.net/p/cm/sape?u=1A79042EBA3F3E63F600655202F48C1A&bounced=1
193.232.150.60200 OK 49 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=1A79042EBA3F3E63F600655202F48C1A&bounced=1
IP 193.232.150.60:0
ASN #48061 Limited Liability Company GPM Digital Technologies
File type GIF image data, version 89a, 1 x 1\012- data
Hash 889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
GET /p/cm/sape?u=1A79042EBA3F3E63F600655202F48C1A&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: image/gif
content-length: 49
x-backend-id: f20-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash dbc86ac6d6c2d089de157199b73de282
5d773cc60eec0b116c5a5988e400c2f7e7b2854b
72e2d2cbfd1cd9a51ad9153d22bdfff2f242ddbeefed5dcd65bb0bee504ba948
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 06 Oct 2022 02:38:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 05 Oct 2022 23:46:06 GMT
Expires: Thu, 06 Oct 2022 23:46:06 GMT
ETag: "5d773cc60eec0b116c5a5988e400c2f7e7b2854b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
rurtb.viadata.store/vast/cs?zone=2979&sid=105524&w=432&h=243&site=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&vp=2&cbb=1665023931360
23.111.115.236200 OK 89 B URL HTTP/2 rurtb.viadata.store/vast/cs?zone=2979&sid=105524&w=432&h=243&site=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&vp=2&cbb=1665023931360
IP 23.111.115.236:0
File type ASCII text, with no line terminators
Hash 94c7808136b82cc83046b094fd3b12a5
86ab07b44e1082273e00dfb1da4e45539ebc2eca
c4fac44b549db611607d4a25076f9aa13a6e6ca559344c0cb3e93458cf715657
GET /vast/cs?zone=2979&sid=105524&w=432&h=243&site=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&vp=2&cbb=1665023931360 HTTP/1.1
Host: rurtb.viadata.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Origin: https://new-days.ru
Connection: keep-alive
Cookie: viads_uid=1ca874c3-120b-415b-94bd-67ea89482858; viads_sc=%5B%5D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: application/xml; charset=utf-8
vary: Accept-Encoding
age: 0
cache-control: no-store
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: https://new-days.ru
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
sp.ohmy.bid/cmf?0.6425162080832236
167.235.10.119204 No Content 0 B URL HTTP/2 sp.ohmy.bid/cmf?0.6425162080832236
IP 167.235.10.119:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cmf?0.6425162080832236 HTTP/1.1
Host: sp.ohmy.bid
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 06 Oct 2022 02:38:53 GMT
set-cookie: uid=57a97c75-6902-4a97-a24a-98c6f6e1d3c2.633e3fbd.b629f26adf901505; domain=.ohmy.bid; path=/; expires=Sat, 05-Nov-2022 02:38:53 GMT; SameSite=None; Secure;
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ads.alfasense.net/adserver/www/delivery/asyncspc.php?zones=1%7C7%7C4&prefix=revive-0-&xcampaigns=%3A%3Acpaex%3A%3Abetween%3A%3Agetintent%3A%3Adefault-stub%3A%3Avox%3A%3Aotm%3A%3Aalfasense%3A%3Artbsape%3A%3Akadam-js%3A%3A&xsite=5761&xsitename=new-days.ru&loc=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F
136.144.31.29200 OK 4.3 kB URL HTTP/2 ads.alfasense.net/adserver/www/delivery/asyncspc.php?zones=1%7C7%7C4&prefix=revive-0-&xcampaigns=%3A%3Acpaex%3A%3Abetween%3A%3Agetintent%3A%3Adefault-stub%3A%3Avox%3A%3Aotm%3A%3Aalfasense%3A%3Artbsape%3A%3Akadam-js%3A%3A&xsite=5761&xsitename=new-days.ru&loc=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F
IP 136.144.31.29:0
ASN #52000 Innovation IT Solutions LTD
Hash 6f7436f3724981109d18eec610f40d83
1d4165665e2009a7d35d156fdc19ae2e29a341c6
653fdbe4037f13e49d775102826551a12cd559f7249b6f58693879113e33b593
GET /adserver/www/delivery/asyncspc.php?zones=1%7C7%7C4&prefix=revive-0-&xcampaigns=%3A%3Acpaex%3A%3Abetween%3A%3Agetintent%3A%3Adefault-stub%3A%3Avox%3A%3Aotm%3A%3Aalfasense%3A%3Artbsape%3A%3Akadam-js%3A%3A&xsite=5761&xsitename=new-days.ru&loc=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F HTTP/1.1
Host: ads.alfasense.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:53 GMT
content-type: application/json
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
content-security-policy: frame-ancestors 'self';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
set-cookie: OAID=01000111010001000101000001010010; expires=Fri, 06-Oct-2023 02:38:53 GMT; Max-Age=31536000; path=/; secure; SameSite=none
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
instreamvideo.ru/core/code.xml?pid=845&vr=1&rid=1665023931363&ss=SS2yI2WCCQBZ&idntfy=VUNwK1FhRNH1gCc&pw=432&ph=243&dl=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&dc=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F
139.45.228.102200 OK 2.7 kB URL HTTP/2 instreamvideo.ru/core/code.xml?pid=845&vr=1&rid=1665023931363&ss=SS2yI2WCCQBZ&idntfy=VUNwK1FhRNH1gCc&pw=432&ph=243&dl=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&dc=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F
IP 139.45.228.102:0
File type XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (338), with CRLF, LF line terminators
Hash 933a1307d1f5a26634a876d45fb9a7b8
537ac252a12185dbb639fe05561f7a1b89217aff
0ea96d17a03ab435eeb7b23181fb70e551105e5d43863677c4e0a3a901bf6dbe
GET /core/code.xml?pid=845&vr=1&rid=1665023931363&ss=SS2yI2WCCQBZ&idntfy=VUNwK1FhRNH1gCc&pw=432&ph=243&dl=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&dc=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F HTTP/1.1
Host: instreamvideo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: idntfy=VUNwK1FhRNH1gCc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: text/xml; charset=utf-8
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
referrer-policy: origin-when-cross-origin
content-encoding: br
X-Firefox-Spdy: h2
static.criteo.net/images/pixel.gif?ch=1
178.250.2.130200 OK 43 B URL HTTP/2 static.criteo.net/images/pixel.gif?ch=1
IP 178.250.2.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /images/pixel.gif?ch=1 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:53 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
etag: "493ea254-2b"
expires: Sun, 01 Oct 2023 02:38:53 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.alfasense.net/adserver/www/delivery/asyncjs.php
136.144.31.29200 OK 5.9 kB URL HTTP/2 ads.alfasense.net/adserver/www/delivery/asyncjs.php
IP 136.144.31.29:0
ASN #52000 Innovation IT Solutions LTD
Hash 3997679479b7c06c4ec5e9d2aaca6d47
a03df8f923544b471268d040b4843f977aea3861
a34e0cd21445d4603be4f8faf55d64f9d340d6616b4a189d0a2d902bb730da31
GET /adserver/www/delivery/asyncjs.php HTTP/1.1
Host: ads.alfasense.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:53 GMT
content-type: text/javascript;charset=UTF-8
etag: 1079f85a6f7f7d83640b17a26d3394d5
expire: Thu, 06 Oct 2022 03:38:52 GMT
cache-control: private, max-age=3600
p3p: CP="CUR ADM OUR NOR STA NID"
content-security-policy: frame-ancestors 'self';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
set-cookie: SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
static.criteo.net/images/pixel.gif?ch=2
178.250.2.130200 OK 43 B URL HTTP/2 static.criteo.net/images/pixel.gif?ch=2
IP 178.250.2.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /images/pixel.gif?ch=2 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:53 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
etag: "493ea254-2b"
expires: Sun, 01 Oct 2023 02:38:53 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
mc.yandex.ru/watch/25706036?wmode=7&page-url=https%3A%2F%2Fwidget.svk-native.ru%2Fcounters%2F%3Futm_source%3D104001533&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1397089339524%3Ahid%3A231389404%3Az%3A0%3Ai%3A20221006023852%3Aet%3A1665023932%3Arn%3A587279038%3Arqn%3A2%3Au%3A1665023932954765663%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C45%2C0%2C1%2C0%2C%2C420%2C0%2C%2C%2C%2C550%3Ans%3A1665023931334%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023932%3At%3A&t=gdpr(14)clc(0-0-0)re(1)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
87.250.250.119302 Found 5.4 kB URL HTTP/2 mc.yandex.ru/watch/25706036?wmode=7&page-url=https%3A%2F%2Fwidget.svk-native.ru%2Fcounters%2F%3Futm_source%3D104001533&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1397089339524%3Ahid%3A231389404%3Az%3A0%3Ai%3A20221006023852%3Aet%3A1665023932%3Arn%3A587279038%3Arqn%3A2%3Au%3A1665023932954765663%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C45%2C0%2C1%2C0%2C%2C420%2C0%2C%2C%2C%2C550%3Ans%3A1665023931334%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023932%3At%3A&t=gdpr(14)clc(0-0-0)re(1)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 87.250.250.119:0
Hash f5daac5dd35302030b5e662f9c462152
5d90f942afe33796a3ad51aa6f6b19ff5adb2aee
2251113bc3563d9fade625debd2bb871b7b89f6ec926ac08ed489a4117a36cd8
GET /watch/25706036?wmode=7&page-url=https%3A%2F%2Fwidget.svk-native.ru%2Fcounters%2F%3Futm_source%3D104001533&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1397089339524%3Ahid%3A231389404%3Az%3A0%3Ai%3A20221006023852%3Aet%3A1665023932%3Arn%3A587279038%3Arqn%3A2%3Au%3A1665023932954765663%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C45%2C0%2C1%2C0%2C%2C420%2C0%2C%2C%2C%2C550%3Ans%3A1665023931334%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023932%3At%3A&t=gdpr(14)clc(0-0-0)re(1)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://widget.svk-native.ru
Connection: keep-alive
Referer: https://widget.svk-native.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/25706036/1?wmode=7&page-url=https%3A%2F%2Fwidget.svk-native.ru%2Fcounters%2F%3Futm_source%3D104001533&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1397089339524%3Ahid%3A231389404%3Az%3A0%3Ai%3A20221006023852%3Aet%3A1665023932%3Arn%3A587279038%3Arqn%3A2%3Au%3A1665023932954765663%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C45%2C0%2C1%2C0%2C%2C420%2C0%2C%2C%2C%2C550%3Ans%3A1665023931334%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023932%3At%3A&t=gdpr%2814%29clc%280-0-0%29re%281%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Thu, 06 Oct 2022 02:38:52 GMT
access-control-allow-origin: https://widget.svk-native.ru
set-cookie: yandexuid=1846799761665023932; Expires=Fri, 06-Oct-2023 02:38:52 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1846799761665023932; Expires=Fri, 06-Oct-2023 02:38:52 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2301735911665023932; Path=/; SameSite=None; Secure
i=EcW6nBjk0zR9uBxKM5UKJoFvjAvRGso6ctMMJwfz7Jq/tm3Snt05tM4gqgAoo0twX7d5ONi7Bgo3Xv8I0ShXpL0C2Xs=; Expires=Sun, 03-Oct-2032 02:38:49 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1696559932.yrts.1665023932#1696559932.yrtsi.1665023932; Expires=Fri, 06-Oct-2023 02:38:52 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 06-Oct-2022 02:38:52 GMT
last-modified: Thu, 06-Oct-2022 02:38:52 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
sm.rtb.mts.ru/match/second?ssp=30&exu=1A79042EBA3F3E63F600655202F48C1A
217.66.147.42301 Moved Permanently 644 B URL HTTP/1.1 sm.rtb.mts.ru/match/second?ssp=30&exu=1A79042EBA3F3E63F600655202F48C1A
IP 217.66.147.42:0
File type gzip compressed data, max compression\012- data
Hash beb4bc59c81ad46a3d59fe414b41aeb6
e39c7374d80a0b3593538396d4425531b67af237
8e397715a45c7946481d012928fcd6de72a35ff6efa8a0940d57d98caf31dab5
GET /match/second?ssp=30&exu=1A79042EBA3F3E63F600655202F48C1A HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 06 Oct 2022 02:49:40 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://tech.rtb.mts.ru/
gem.gbc.criteo.com/newidsd
185.235.84.214200 OK 511 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.214:0
Hash e3e73defe943cfec9198c236788fe74c
e6585540bf8deb3901b9a692208cc584fbf6e942
f02e1e3662efb568e7d3a64c2c45c4e8cf70fa76d3021b27a899cf35ebf6af8a
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 113616
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash af1423361d37c5204878438841fbd2c4
9103c586f98e9d422ef1dd4bf0ea7bad3f03d697
2dd0f2face59ffc40651acbae4fd758cba0effc2b3aa1ef2326268eec896ded6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/watch/71281900/1?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&site-info=%7B%22site_id%22%3A121999%2C%22srtb_sid%22%3A%22633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A900%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A571699234761%3Ahid%3A387723131%3Az%3A0%3Ai%3A20221006023850%3Aet%3A1665023931%3Ac%3A1%3Arn%3A388430196%3Arqn%3A1%3Au%3A166502393142325077%3Aw%3A1268x927%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C88%2C66%2C28%2C285%2C0%2C%2C406%2C2%2C2470%2C2470%2C23%2C921%3Ans%3A1665023926907%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023931%3At%3A%D0%9C%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D0%BF%D1%80%D0%BE%D1%81%D0%BD%D1%83%D0%BB%D1%81%D1%8F.%20%D0%98%20%D0%BC%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D1%80%D0%B0%D0%B7%D0%BE%D0%B7%D0%BB%D0%B8%D0%BB%D1%81%D1%8F.%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%BB%D1%8F%D0%BD%D0%B0%D0%BC%20%D0%BF%D0%BE%D1%80%D0%B0%20%D0%B1%D0%B5%D0%B6%D0%B0%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81%21&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
87.250.250.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/71281900/1?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&site-info=%7B%22site_id%22%3A121999%2C%22srtb_sid%22%3A%22633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A900%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A571699234761%3Ahid%3A387723131%3Az%3A0%3Ai%3A20221006023850%3Aet%3A1665023931%3Ac%3A1%3Arn%3A388430196%3Arqn%3A1%3Au%3A166502393142325077%3Aw%3A1268x927%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C88%2C66%2C28%2C285%2C0%2C%2C406%2C2%2C2470%2C2470%2C23%2C921%3Ans%3A1665023926907%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023931%3At%3A%D0%9C%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D0%BF%D1%80%D0%BE%D1%81%D0%BD%D1%83%D0%BB%D1%81%D1%8F.%20%D0%98%20%D0%BC%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D1%80%D0%B0%D0%B7%D0%BE%D0%B7%D0%BB%D0%B8%D0%BB%D1%81%D1%8F.%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%BB%D1%8F%D0%BD%D0%B0%D0%BC%20%D0%BF%D0%BE%D1%80%D0%B0%20%D0%B1%D0%B5%D0%B6%D0%B0%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81%21&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash fe081a0bd662f4b68b8696afee370ee9
92669fef7993f4809bba8a87a34e269c9f978171
0e18bc36c30ad4b1ef3e4c5c00858f9fa4dd1b5cc868c9d9fc7b8dae91c08782
GET /watch/71281900/1?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&site-info=%7B%22site_id%22%3A121999%2C%22srtb_sid%22%3A%22633e3fb9-df7c-eclp-1j1l-nl7fb6pou67r%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A900%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A571699234761%3Ahid%3A387723131%3Az%3A0%3Ai%3A20221006023850%3Aet%3A1665023931%3Ac%3A1%3Arn%3A388430196%3Arqn%3A1%3Au%3A166502393142325077%3Aw%3A1268x927%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C88%2C66%2C28%2C285%2C0%2C%2C406%2C2%2C2470%2C2470%2C23%2C921%3Ans%3A1665023926907%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023931%3At%3A%D0%9C%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D0%BF%D1%80%D0%BE%D1%81%D0%BD%D1%83%D0%BB%D1%81%D1%8F.%20%D0%98%20%D0%BC%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D1%80%D0%B0%D0%B7%D0%BE%D0%B7%D0%BB%D0%B8%D0%BB%D1%81%D1%8F.%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%BB%D1%8F%D0%BD%D0%B0%D0%BC%20%D0%BF%D0%BE%D1%80%D0%B0%20%D0%B1%D0%B5%D0%B6%D0%B0%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81%21&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Referer: https://new-days.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Thu, 06 Oct 2022 02:38:53 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 06-Oct-2022 02:38:53 GMT
last-modified: Thu, 06-Oct-2022 02:38:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=44433&callback_url=https%3A%2F%2Fcode.directadvert.ru%2Fsync%2F%3Fdsp%3D165%26id%3D%24%7BUSER_ID%7D
188.42.196.115302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=44433&callback_url=https%3A%2F%2Fcode.directadvert.ru%2Fsync%2F%3Fdsp%3D165%26id%3D%24%7BUSER_ID%7D
IP 188.42.196.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=44433&callback_url=https%3A%2F%2Fcode.directadvert.ru%2Fsync%2F%3Fdsp%3D165%26id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /match?bidder_id=44433&callback_url=https%3A%2F%2Fcode.directadvert.ru%2Fsync%2F%3Fdsp%3D165%26id%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:53 GMT; Path=/; Domain=.betweendigital.com
tuuid=230b4fb8-9482-5217-ad0b-f0b7ce35cf0a; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:53 GMT; Path=/; Domain=.betweendigital.com
ut=Yz4_vQABGUC7oRARx05wv85X1TPw3dovKNNoFg==; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:53 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
instreamvideo.ru/storage/linear/test/_vpaid_0923_01.js
139.45.228.102200 OK 97 kB URL HTTP/2 instreamvideo.ru/storage/linear/test/_vpaid_0923_01.js
IP 139.45.228.102:0
File type Unicode text, UTF-8 text, with very long lines (418)
Hash 5b4dfd10d03d9a3e1dd1df4775dac779
58923d47255256a29afd92407810d32860a92360
e793dca1114e963027118dc6d1dc222641ca7ad14bb01ba5625c1f5c4a4189d4
GET /storage/linear/test/_vpaid_0923_01.js HTTP/1.1
Host: instreamvideo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 23 Sep 2022 10:44:55 GMT
etag: W/"632d8e27-265e5"
access-control-allow-credentials: true
content-encoding: br
X-Firefox-Spdy: h2
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
5.200.43.243302 Found 0 B URL HTTP/2 ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP 5.200.43.243:0
ASN #48096 Enterprise Cloud Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=66fd40cb7bd4419f8705664cd1cd4cb9
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=66fd40cb7bd4419f8705664cd1cd4cb9; expires=Thu, 05 Oct 2023 21:00:00 GMT; path=/; SameSite=None; secure; samesite=lax
date: Thu, 06 Oct 2022 02:38:50 GMT
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js
142.250.74.33200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1494)
Hash 3304a6f98a75044bb4421199c7dc75e9
abd6494aeb49a2bacc3754c8d92cc10b855a63b7
4328f9f5f12fc419ce804827b962689ea88b31cfe4db01cf301cbc57aef3ba09
GET /pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 7528
x-xss-protection: 0
date: Thu, 06 Oct 2022 01:28:28 GMT
expires: Thu, 20 Oct 2022 01:28:28 GMT
cache-control: public, max-age=1209600
etag: 13775775994264215463
content-type: text/javascript; charset=UTF-8
age: 4225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite_fy2021.js
142.250.74.33200 OK 9.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1624)
Hash 34ab0675c75e45ff3a7d26deeba3b7b5
107ab2ee1dcf23544643915b7deeac3f4810f623
8b64de46f29644054e532eb882d60485c1019d0219d729c35fbe8a586133a48c
GET /pagead/js/r20221003/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 9540
x-xss-protection: 0
date: Thu, 06 Oct 2022 00:25:15 GMT
expires: Thu, 20 Oct 2022 00:25:15 GMT
cache-control: public, max-age=1209600
etag: 6580860447119072478
content-type: text/javascript; charset=UTF-8
age: 8018
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
catsnetwork.ru/core/code.xml?pid=9433&vr=1&rid=1665023931363&dl=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&idntfy=VUNwK1FhRNH1gCc
139.45.228.100200 OK 12 B URL HTTP/2 catsnetwork.ru/core/code.xml?pid=9433&vr=1&rid=1665023931363&dl=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&idntfy=VUNwK1FhRNH1gCc
IP 139.45.228.100:0
File type ASCII text, with no line terminators
Hash 4505b55b7589ee5cd8969000a2fdb03b
61addaba90852636de97e269fa683ef57a17a491
21b398232e73bcfb7e782233055a6fbc1dbb3faf8736e512c216329555da2529
GET /core/code.xml?pid=9433&vr=1&rid=1665023931363&dl=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&idntfy=VUNwK1FhRNH1gCc HTTP/1.1
Host: catsnetwork.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.2
date: Thu, 06 Oct 2022 02:38:53 GMT
content-type: text/xml; charset=utf-8
content-length: 12
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
referrer-policy: origin-when-cross-origin
set-cookie: idntfy=VUNwK1FhRNH1gCc; expires=Sun, 03-Oct-2032 02:38:53 GMT; domain=catsnetwork.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
176.9.9.10302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=LgR5GmM+P7pSZQD2Goz0AqxhQXDEake8YKH8d7kPK5JKBcFZ; cSyncDp7v2=1665023930; cSyncDp14v3=1665023930; cSyncDp17=1665023930; cSyncDp32=1665023930; cSyncDp45v3=1665023930; cSyncDp53=1665023930; cSyncDp54v2=1665023930; cSyncDp62=1665023930; cSyncDp67v2=1665023930; cSyncDp68=1665023930; cSyncDp71=1665023930; cSyncDp77=1665023930; cSyncDp84=1665023930; cSyncDp85=1665023930; cSyncDp95v3=1665023930; cSyncDp101=1665023930; cSyncDp104v2=1665023930; cSyncDp107=1665023930; cSyncDp110=1665023930; cSyncDp111v2=1665023930; cSyncDp112v2=1665023930; cSyncDp125v2=1665023930; cSyncDp126=1665023930; cSyncDp127=1665023930; cSyncDp129=1665023930; cSyncDp136v2=1665023930; cSyncDp138=1665023930; cSyncDp144=1665023930; cSyncDp146=1665023930; cSyncDp148=1665023930; cSyncDp149=1665023930; cSyncDp151=1665023930; cSyncDp178=1665023930; cSyncDp179=1665023930; cSyncDp186=1665023930; cSyncDp221=1665023930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 06 Oct 2022 02:38:53 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1A79042EBA3F3E63F600655202F48C1A
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 59fec29e65576975cd643d68bb721b3e
35c9e7bfd017b9a3fa7604e6afc6127b6d0ce7f5
e1d9862e05a1a1963fdffa97ba80ab8bcc9753c561f70c00494d48ad1f4f9620
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1D9862E05A1A1963FDFFA97BA80AB8BCC9753C561F70C00494D48AD1F4F9620"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4016
Expires: Thu, 06 Oct 2022 03:45:49 GMT
Date: Thu, 06 Oct 2022 02:38:53 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash c746c3207acc581957a903ab8323dcfe
149ff80775aaac50fbf6c44a222623ffea4574d4
4e6d72dd4dfb52549168f385c76db87822b774fb3d01b0d8a45af6add5e50380
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 10 Oct 2022 01:48:33 GMT
ETag: "149ff80775aaac50fbf6c44a222623ffea4574d4"
Last-Modified: Thu, 06 Oct 2022 01:48:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1686
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05fe7dafb506-OSL
pub-eu.p.otm-r.com/get?placement_id=10773&stream=instream&when=pre&domain=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F
159.69.59.100200 OK 65 B URL HTTP/2 pub-eu.p.otm-r.com/get?placement_id=10773&stream=instream&when=pre&domain=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F
IP 159.69.59.100:0
ASN #24940 Hetzner Online GmbH
File type XML 1.0 document text\012- XML document, ASCII text, with no line terminators
Hash f0d3eb53fb1f41dd312f1f5696c7124d
cf74e93d6e8f3bbc956805317fa1209aed9806a2
a9179676206755fbdcaf25d2c0958cf0ef14c8a787f38c966b9dbd8013b919f0
GET /get?placement_id=10773&stream=instream&when=pre&domain=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F HTTP/1.1
Host: pub-eu.p.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: mpid=NjMzZTNmYmMwNjQwZjY1Mg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.10
date: Thu, 06 Oct 2022 02:38:53 GMT
content-type: text/xml
content-length: 65
access-control-allow-credentials: true
access-control-allow-origin: https://new-days.ru
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: mpid=NjMzZTNmYmMwNjQwZjY1Mg==; Path=/; Domain=otm-r.com; Max-Age=31536000; Secure; SameSite=None
vary: Origin
X-Firefox-Spdy: h2
code.directadvert.ru/rtb/winnotice?h=c6daefd14c1f6271d6bec2b9aae71b10&payload=eyJpbXAiOiIyNzczZTU3NjI1MTFmNDE1XzFfMTUyODY0OTQiLCJzc3AiOiJnaXJhZmZqcyIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZXh0X2FkcF9pZCI6Ijg2MDU4MjE6bmV3LWRheXMucnUiLCJyZWFsX2FkcF9pZCI6ODYwNTgyMSwic2l0ZV9pZCI6Mzg1MjYxMCwiYWRwX3R5cGUiOiJTIiwiYWRzIjp7InR5cGUiOiJkIiwiYnV5ZXJfaWQiOjM1MTUyNSwiY3BtIjoxMS41NjEsImlkIjoxNTI4NjQ5NCwiY3BjIjoxLjd9LCJzc3BfY3VyIjoiUlVCIiwiZHNwX2N1ciI6IlJVQiIsImJwIjoxMS41NjEsImV4cCI6MTY2NTAyNzUzMSwiZHNwIjoibG9jYWwiLCJkc3BfaXNfZGVidWciOmZhbHNlLCJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwic2l0ZWxhYmVsIjoibmV3LWRheXMucnUiLCJ0YWciOlsiZ3JmX3J0Yl84NjA1ODIxIl19&ssp=giraffjs&wp=11.561
95.168.170.7200 OK 43 B URL HTTP/2 code.directadvert.ru/rtb/winnotice?h=c6daefd14c1f6271d6bec2b9aae71b10&payload=eyJpbXAiOiIyNzczZTU3NjI1MTFmNDE1XzFfMTUyODY0OTQiLCJzc3AiOiJnaXJhZmZqcyIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZXh0X2FkcF9pZCI6Ijg2MDU4MjE6bmV3LWRheXMucnUiLCJyZWFsX2FkcF9pZCI6ODYwNTgyMSwic2l0ZV9pZCI6Mzg1MjYxMCwiYWRwX3R5cGUiOiJTIiwiYWRzIjp7InR5cGUiOiJkIiwiYnV5ZXJfaWQiOjM1MTUyNSwiY3BtIjoxMS41NjEsImlkIjoxNTI4NjQ5NCwiY3BjIjoxLjd9LCJzc3BfY3VyIjoiUlVCIiwiZHNwX2N1ciI6IlJVQiIsImJwIjoxMS41NjEsImV4cCI6MTY2NTAyNzUzMSwiZHNwIjoibG9jYWwiLCJkc3BfaXNfZGVidWciOmZhbHNlLCJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwic2l0ZWxhYmVsIjoibmV3LWRheXMucnUiLCJ0YWciOlsiZ3JmX3J0Yl84NjA1ODIxIl19&ssp=giraffjs&wp=11.561
IP 95.168.170.7:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /rtb/winnotice?h=c6daefd14c1f6271d6bec2b9aae71b10&payload=eyJpbXAiOiIyNzczZTU3NjI1MTFmNDE1XzFfMTUyODY0OTQiLCJzc3AiOiJnaXJhZmZqcyIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZXh0X2FkcF9pZCI6Ijg2MDU4MjE6bmV3LWRheXMucnUiLCJyZWFsX2FkcF9pZCI6ODYwNTgyMSwic2l0ZV9pZCI6Mzg1MjYxMCwiYWRwX3R5cGUiOiJTIiwiYWRzIjp7InR5cGUiOiJkIiwiYnV5ZXJfaWQiOjM1MTUyNSwiY3BtIjoxMS41NjEsImlkIjoxNTI4NjQ5NCwiY3BjIjoxLjd9LCJzc3BfY3VyIjoiUlVCIiwiZHNwX2N1ciI6IlJVQiIsImJwIjoxMS41NjEsImV4cCI6MTY2NTAyNzUzMSwiZHNwIjoibG9jYWwiLCJkc3BfaXNfZGVidWciOmZhbHNlLCJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwic2l0ZWxhYmVsIjoibmV3LWRheXMucnUiLCJ0YWciOlsiZ3JmX3J0Yl84NjA1ODIxIl19&ssp=giraffjs&wp=11.561 HTTP/1.1
Host: code.directadvert.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:53 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 1728000
set-cookie: nid=X6iqB2M+P71/LCj8TKiBAg==; expires=Fri, 06-Oct-23 02:38:53 GMT; domain=directadvert.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
vk.com/share.php?act=count&url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&index=0
93.186.225.194200 OK 41 B URL HTTP/2 vk.com/share.php?act=count&url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&index=0
IP 93.186.225.194:0
File type ASCII text, with no line terminators
Hash 6de86497641c67868bfddcbf5a8bf434
6065bb53c9addbda818a6b172597326ebc31e8dc
51d446e1b704e289975e53c6945dee986d432bb439d02a2afcee7ce1b5bddcf8
GET /share.php?act=count&url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&index=0 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Thu, 06 Oct 2022 02:38:53 GMT
content-type: text/html; charset=windows-1251
content-length: 41
x-powered-by: KPHP/7.4.112358
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly
remixlang=3; expires=Tue, 10 Oct 2023 12:24:12 GMT; path=/; domain=.vk.com
remixstlid=9061042548024975307_XDdMvkrxSJeo1dQZtir4rbeZN6SkfMRJAd0x1ydQR0D; expires=Fri, 06 Oct 2023 02:38:53 GMT; path=/; domain=.vk.com; secure
cache-control: no-store
content-encoding: gzip
x-frontend: front605110
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash dbc86ac6d6c2d089de157199b73de282
5d773cc60eec0b116c5a5988e400c2f7e7b2854b
72e2d2cbfd1cd9a51ad9153d22bdfff2f242ddbeefed5dcd65bb0bee504ba948
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 06 Oct 2022 02:38:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 05 Oct 2022 23:46:06 GMT
Expires: Thu, 06 Oct 2022 23:46:06 GMT
ETag: "5d773cc60eec0b116c5a5988e400c2f7e7b2854b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
bidder.criteo.com/cdb?ptv=131&profileId=184&cb=99616492641
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?ptv=131&profileId=184&cb=99616492641
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?ptv=131&profileId=184&cb=99616492641 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 646
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 06 Oct 2022 02:38:52 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://new-days.ru
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
alfasense-sync.rutarget.ru/sync?uid=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e
178.170.196.247302 Moved Temporarily 0 B URL HTTP/1.1 alfasense-sync.rutarget.ru/sync?uid=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e
IP 178.170.196.247:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?uid=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e HTTP/1.1
Host: alfasense-sync.rutarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 06 Oct 2022 02:38:53 GMT
Content-Length: 0
Connection: close
Location: https://cs.alfasense.com/p?ssp=sg&uid=_BDeTBzm5hw6
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=_BDeTBzm5hw6; Path=/; Domain=.rutarget.ru; Expires=Tue, 04 Apr 2023 02:38:53 GMT; SameSite=None; Secure
clientside-video-bidder.rutarget.ru/bid?url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&request_id=1665023931361&placement_id=109&mimes=video%2Fmp4&placement=1&protocols=2&protocols=3&protocols=5&protocols=6&mimes=application/javascript&vd_api_0=VPAID_2_0
46.243.172.93200 OK 27 B URL HTTP/1.1 clientside-video-bidder.rutarget.ru/bid?url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&request_id=1665023931361&placement_id=109&mimes=video%2Fmp4&placement=1&protocols=2&protocols=3&protocols=5&protocols=6&mimes=application/javascript&vd_api_0=VPAID_2_0
IP 46.243.172.93:0
File type ASCII text, with no line terminators
Hash 5f631db49306435ae8cdb4d0c36f1263
f8b283d1f2a7b552120b9878d8f15e977aa683b4
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
GET /bid?url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&request_id=1665023931361&placement_id=109&mimes=video%2Fmp4&placement=1&protocols=2&protocols=3&protocols=5&protocols=6&mimes=application/javascript&vd_api_0=VPAID_2_0 HTTP/1.1
Host: clientside-video-bidder.rutarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Origin: https://new-days.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 02:38:53 GMT
Content-Type: text/xml
Content-Length: 27
Connection: keep-alive
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=V-m_rI9xVV5T; Path=/; Domain=.rutarget.ru; Expires=Tue, 04 Apr 2023 02:38:53 GMT; SameSite=None; Secure
Rutarget-SameSite-Cookie: true
Access-Control-Allow-Origin: https://new-days.ru
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
instreamvideo.ru/core/code.xml?pid=845&vr=1&rid=1665023931363&ss=SS2yI2WCCQBZ&idntfy=VUNwK1FhRNH1gCc&pw=432&ph=243&dl=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&dc=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&wobid=36619,37250
139.45.228.102200 OK 0 B URL HTTP/2 instreamvideo.ru/core/code.xml?pid=845&vr=1&rid=1665023931363&ss=SS2yI2WCCQBZ&idntfy=VUNwK1FhRNH1gCc&pw=432&ph=243&dl=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&dc=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&wobid=36619,37250
IP 139.45.228.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /core/code.xml?pid=845&vr=1&rid=1665023931363&ss=SS2yI2WCCQBZ&idntfy=VUNwK1FhRNH1gCc&pw=432&ph=243&dl=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&dc=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&wobid=36619,37250 HTTP/1.1
Host: instreamvideo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: idntfy=VUNwK1FhRNH1gCc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 06 Oct 2022 02:38:53 GMT
content-type: text/xml; charset=utf-8
content-length: 0
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
referrer-policy: origin-when-cross-origin
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 983 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3e53d435536d1557d734a32dd5ccb8f9
710c0caef9ef55ff8d959f938639701e0e4961ad
bebc05b15de27c53ab69e5ab0613b51f23d96e42ef361a2e627e2546669d2249
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:53 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Sun, 09 Oct 2022 22:54:18 GMT
ETag: "02e469fce9bcaab4d47f37aff7a7da8dfa35a233"
Last-Modified: Wed, 05 Oct 2022 22:54:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 991
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05ff8e48b512-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 6be87a1ebcf1acb94c510c7e72261dfe
25834d2316b3be398cd40cdb7a226e859add5082
ad70b5a11d22e877a0c5ebbe1b980642967d4ba8b3633b4d71154efda659d7b4
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 09 Oct 2022 23:51:56 GMT
ETag: "25834d2316b3be398cd40cdb7a226e859add5082"
Last-Modified: Wed, 05 Oct 2022 23:51:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 761
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b05ffaa1db4eb-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b4ae7fb5425d688640f6761df5e77ee6
ecf9735dd6fdf0983b2b6e0b416fd9fa1bf93e54
77fbec6c07a5c59b1eab253eb38b9f04029d85b3d89ff12966c5ea3bee5b81d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77FBEC6C07A5C59B1EAB253EB38B9F04029D85B3D89FF12966C5EA3BEE5B81D8"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6806
Expires: Thu, 06 Oct 2022 04:32:19 GMT
Date: Thu, 06 Oct 2022 02:38:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b4ae7fb5425d688640f6761df5e77ee6
ecf9735dd6fdf0983b2b6e0b416fd9fa1bf93e54
77fbec6c07a5c59b1eab253eb38b9f04029d85b3d89ff12966c5ea3bee5b81d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77FBEC6C07A5C59B1EAB253EB38B9F04029D85B3D89FF12966C5EA3BEE5B81D8"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6806
Expires: Thu, 06 Oct 2022 04:32:19 GMT
Date: Thu, 06 Oct 2022 02:38:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b4ae7fb5425d688640f6761df5e77ee6
ecf9735dd6fdf0983b2b6e0b416fd9fa1bf93e54
77fbec6c07a5c59b1eab253eb38b9f04029d85b3d89ff12966c5ea3bee5b81d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77FBEC6C07A5C59B1EAB253EB38B9F04029D85B3D89FF12966C5EA3BEE5B81D8"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6806
Expires: Thu, 06 Oct 2022 04:32:19 GMT
Date: Thu, 06 Oct 2022 02:38:53 GMT
Connection: keep-alive
www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid579457259-posid1/
194.226.130.229302 Found 0 B URL HTTP/2 www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid579457259-posid1/
IP 194.226.130.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid579457259-posid1/ HTTP/1.1
Host: www.tns-counter.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: ms-counter-3.3.5/1.20.2
date: Thu, 06 Oct 2022 02:38:53 GMT
content-type: image/gif
content-length: 0
location: https://www.tns-counter.ru/V13b****rambler_ad/ru/UTF-8/tmsec=rambler_cid579457259-posid1/
set-cookie: guid=C03F1419633E3FBDX1665023933; domain=tns-counter.ru; path=/; Max-Age=31536000; SameSite=None; Secure
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
strict-transport-security: max-age=2678400
X-Firefox-Spdy: h2
mc.yandex.ru/watch/25706036/1?wmode=7&page-url=https%3A%2F%2Fwidget.svk-native.ru%2Fcounters%2F%3Futm_source%3D104001533&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1397089339524%3Ahid%3A131955870%3Az%3A0%3Ai%3A20221006023851%3Aet%3A1665023932%3Arn%3A801829243%3Arqn%3A1%3Au%3A1665023932954765663%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C25%2C0%2C%2C0%2C%2C268%2C0%2C%2C%2C%2C403%3Ans%3A1665023931330%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1665023933%3At%3A&t=gdpr%2814%29rqnl%282%29ti%282%29
87.250.250.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/25706036/1?wmode=7&page-url=https%3A%2F%2Fwidget.svk-native.ru%2Fcounters%2F%3Futm_source%3D104001533&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1397089339524%3Ahid%3A131955870%3Az%3A0%3Ai%3A20221006023851%3Aet%3A1665023932%3Arn%3A801829243%3Arqn%3A1%3Au%3A1665023932954765663%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C25%2C0%2C%2C0%2C%2C268%2C0%2C%2C%2C%2C403%3Ans%3A1665023931330%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1665023933%3At%3A&t=gdpr%2814%29rqnl%282%29ti%282%29
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 2687c591cc56022e448ab4340c6886c5
1995c215fb4d96a770bc0a018cba256cadaf3dc6
675d3c36687e626e69c05873cc0a7b93df83ea42dec41823664204bbc0ede9b3
GET /watch/25706036/1?wmode=7&page-url=https%3A%2F%2Fwidget.svk-native.ru%2Fcounters%2F%3Futm_source%3D104001533&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1397089339524%3Ahid%3A131955870%3Az%3A0%3Ai%3A20221006023851%3Aet%3A1665023932%3Arn%3A801829243%3Arqn%3A1%3Au%3A1665023932954765663%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C25%2C0%2C%2C0%2C%2C268%2C0%2C%2C%2C%2C403%3Ans%3A1665023931330%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1665023933%3At%3A&t=gdpr%2814%29rqnl%282%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://widget.svk-native.ru
Referer: https://widget.svk-native.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Thu, 06 Oct 2022 02:38:53 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://widget.svk-native.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 06-Oct-2022 02:38:53 GMT
last-modified: Thu, 06-Oct-2022 02:38:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kraken.rambler.ru/userip
81.19.89.17200 OK 12 B IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
File type ASCII text, with no line terminators
Hash 35b0bce9d250429df012c0426f88d0bd
f81d80af9cbeb0011316fbba3da8002b32251f7a
da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d
GET /userip HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Thu, 06 Oct 2022 02:38:53 GMT
content-type: application/octet-stream
content-length: 12
access-control-allow-origin: https://new-days.ru
x-srv: 1kraken-prod0003.ad.rambler.tech
set-cookie: ruid=1CIAAL0/PmNNC3gbAUZinAB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAL0/PmNNC3gbAUZinAB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2
x01.aidata.io/0.gif?pid=9401454&id=1A79042EBA3F3E63F600655202F48C1A&bounce=1
89.108.120.68204 No Content 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=1A79042EBA3F3E63F600655202F48C1A&bounce=1
IP 89.108.120.68:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=1A79042EBA3F3E63F600655202F48C1A&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 06 Oct 2022 02:38:53 GMT
expires: Thu, 06 Oct 2022 02:38:52 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Thu, 06 Oct 2022 02:38:52 GMT
set-cookie: __upin=E91Xnt5Nr2peUEyFmDYaSg;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1665023933;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
hdbcome.com/s5bf22sb.js
31.220.27.155200 OK 9.0 kB IP 31.220.27.155:0
ASN #39572 DataWeb Global Group B.V.
Hash c7ea489cc7cf896cee15eb34c0b0612e
188c427053460e26b1c3140e3aae3d93f430b6cf
66dbbc0ca9205bf55d1a897eaa52a83f52f86872c409ac54d06ab81ff4f43537
GET /s5bf22sb.js HTTP/1.1
Host: hdbcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 06 Oct 2022 02:38:53 GMT
content-type: application/javascript
last-modified: Wed, 05 Oct 2022 11:55:19 GMT
vary: Accept-Encoding
etag: W/"633d70a7-5546"
content-encoding: gzip
X-Firefox-Spdy: h2
ads.alfasense.net/adserver/www/delivery/lg.php?bannerid=74&campaignid=11&zoneid=7&loc=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&cb=753c434bde&zones=1|7|4&xcampaigns=::cpaex::between::getintent::default-stub::vox::otm::alfasense::rtbsape::kadam-js::&xsite=5761&xsitename=new-days.ru
136.144.31.29200 OK 111 B URL HTTP/2 ads.alfasense.net/adserver/www/delivery/lg.php?bannerid=74&campaignid=11&zoneid=7&loc=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&cb=753c434bde&zones=1|7|4&xcampaigns=::cpaex::between::getintent::default-stub::vox::otm::alfasense::rtbsape::kadam-js::&xsite=5761&xsitename=new-days.ru
IP 136.144.31.29:0
ASN #52000 Innovation IT Solutions LTD
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58b33962e3520887bc57afc259f77c70
9811feeee9a8f02b47cc54e3b564eb06bfff74b6
b36f25aa32ccb037ac0d343e435d4e5b10c327e1058c9662683440abb2014828
GET /adserver/www/delivery/lg.php?bannerid=74&campaignid=11&zoneid=7&loc=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&cb=753c434bde&zones=1|7|4&xcampaigns=::cpaex::between::getintent::default-stub::vox::otm::alfasense::rtbsape::kadam-js::&xsite=5761&xsitename=new-days.ru HTTP/1.1
Host: ads.alfasense.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: OAID=01000111010001000101000001010010
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:54 GMT
content-type: image/gif
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
content-security-policy: frame-ancestors 'self';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
set-cookie: OAID=01000111010001000101000001010010; expires=Fri, 06-Oct-2023 02:38:53 GMT; Max-Age=31536000; path=/; secure; SameSite=none
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
code.directadvert.ru/rtb/winnotice?h=dafe27c4e76b1b7d065f974fc984e56c&payload=eyJpbXAiOiIyNzczZTU3NjI1MTFmNDE1XzFfMTUyNjU5MzYiLCJzc3AiOiJnaXJhZmZqcyIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZXh0X2FkcF9pZCI6Ijg2MDU4MjE6bmV3LWRheXMucnUiLCJyZWFsX2FkcF9pZCI6ODYwNTgyMSwic2l0ZV9pZCI6Mzg1MjYxMCwiYWRwX3R5cGUiOiJTIiwiYWRzIjp7InR5cGUiOiJkIiwiYnV5ZXJfaWQiOjIyMzc2NDgsImNwbSI6OC40OSwiaWQiOjE1MjY1OTM2LCJjcGMiOjEuNX0sInNzcF9jdXIiOiJSVUIiLCJkc3BfY3VyIjoiUlVCIiwiYnAiOjguNDksImV4cCI6MTY2NTAyNzUzMSwiZHNwIjoibG9jYWwiLCJkc3BfaXNfZGVidWciOmZhbHNlLCJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwic2l0ZWxhYmVsIjoibmV3LWRheXMucnUiLCJ0YWciOlsiZ3JmX3J0Yl84NjA1ODIxIl19&ssp=giraffjs&wp=8.49
95.168.170.7200 OK 43 B URL HTTP/2 code.directadvert.ru/rtb/winnotice?h=dafe27c4e76b1b7d065f974fc984e56c&payload=eyJpbXAiOiIyNzczZTU3NjI1MTFmNDE1XzFfMTUyNjU5MzYiLCJzc3AiOiJnaXJhZmZqcyIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZXh0X2FkcF9pZCI6Ijg2MDU4MjE6bmV3LWRheXMucnUiLCJyZWFsX2FkcF9pZCI6ODYwNTgyMSwic2l0ZV9pZCI6Mzg1MjYxMCwiYWRwX3R5cGUiOiJTIiwiYWRzIjp7InR5cGUiOiJkIiwiYnV5ZXJfaWQiOjIyMzc2NDgsImNwbSI6OC40OSwiaWQiOjE1MjY1OTM2LCJjcGMiOjEuNX0sInNzcF9jdXIiOiJSVUIiLCJkc3BfY3VyIjoiUlVCIiwiYnAiOjguNDksImV4cCI6MTY2NTAyNzUzMSwiZHNwIjoibG9jYWwiLCJkc3BfaXNfZGVidWciOmZhbHNlLCJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwic2l0ZWxhYmVsIjoibmV3LWRheXMucnUiLCJ0YWciOlsiZ3JmX3J0Yl84NjA1ODIxIl19&ssp=giraffjs&wp=8.49
IP 95.168.170.7:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /rtb/winnotice?h=dafe27c4e76b1b7d065f974fc984e56c&payload=eyJpbXAiOiIyNzczZTU3NjI1MTFmNDE1XzFfMTUyNjU5MzYiLCJzc3AiOiJnaXJhZmZqcyIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZXh0X2FkcF9pZCI6Ijg2MDU4MjE6bmV3LWRheXMucnUiLCJyZWFsX2FkcF9pZCI6ODYwNTgyMSwic2l0ZV9pZCI6Mzg1MjYxMCwiYWRwX3R5cGUiOiJTIiwiYWRzIjp7InR5cGUiOiJkIiwiYnV5ZXJfaWQiOjIyMzc2NDgsImNwbSI6OC40OSwiaWQiOjE1MjY1OTM2LCJjcGMiOjEuNX0sInNzcF9jdXIiOiJSVUIiLCJkc3BfY3VyIjoiUlVCIiwiYnAiOjguNDksImV4cCI6MTY2NTAyNzUzMSwiZHNwIjoibG9jYWwiLCJkc3BfaXNfZGVidWciOmZhbHNlLCJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwic2l0ZWxhYmVsIjoibmV3LWRheXMucnUiLCJ0YWciOlsiZ3JmX3J0Yl84NjA1ODIxIl19&ssp=giraffjs&wp=8.49 HTTP/1.1
Host: code.directadvert.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:53 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 1728000
set-cookie: nid=X6iqB2M+P71/LCj8TKjVAg==; expires=Fri, 06-Oct-23 02:38:53 GMT; domain=directadvert.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
mc.yandex.ru/watch/77712670/1?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A900%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A2%3Adp%3A0%3Als%3A350835035659%3Ahid%3A387723131%3Az%3A0%3Ai%3A20221006023850%3Aet%3A1665023931%3Ac%3A1%3Arn%3A461666490%3Arqn%3A1%3Au%3A166502393142325077%3Aw%3A1268x927%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C88%2C66%2C28%2C285%2C0%2C%2C406%2C2%2C2470%2C2470%2C23%2C921%3Ans%3A1665023926907%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023931%3At%3A%D0%9C%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D0%BF%D1%80%D0%BE%D1%81%D0%BD%D1%83%D0%BB%D1%81%D1%8F.%20%D0%98%20%D0%BC%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D1%80%D0%B0%D0%B7%D0%BE%D0%B7%D0%BB%D0%B8%D0%BB%D1%81%D1%8F.%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%BB%D1%8F%D0%BD%D0%B0%D0%BC%20%D0%BF%D0%BE%D1%80%D0%B0%20%D0%B1%D0%B5%D0%B6%D0%B0%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81%21&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
87.250.250.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/77712670/1?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A900%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A2%3Adp%3A0%3Als%3A350835035659%3Ahid%3A387723131%3Az%3A0%3Ai%3A20221006023850%3Aet%3A1665023931%3Ac%3A1%3Arn%3A461666490%3Arqn%3A1%3Au%3A166502393142325077%3Aw%3A1268x927%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C88%2C66%2C28%2C285%2C0%2C%2C406%2C2%2C2470%2C2470%2C23%2C921%3Ans%3A1665023926907%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023931%3At%3A%D0%9C%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D0%BF%D1%80%D0%BE%D1%81%D0%BD%D1%83%D0%BB%D1%81%D1%8F.%20%D0%98%20%D0%BC%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D1%80%D0%B0%D0%B7%D0%BE%D0%B7%D0%BB%D0%B8%D0%BB%D1%81%D1%8F.%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%BB%D1%8F%D0%BD%D0%B0%D0%BC%20%D0%BF%D0%BE%D1%80%D0%B0%20%D0%B1%D0%B5%D0%B6%D0%B0%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81%21&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 1febeb2cdcb1b58e3d03af3dce8801a4
11c1b6dc919723e8667d492d41bffb3fba57325f
c17713702f7cd7f3db3b0db6fe2751cea3de6af99869340574207d1d046453f0
GET /watch/77712670/1?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A900%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A2%3Adp%3A0%3Als%3A350835035659%3Ahid%3A387723131%3Az%3A0%3Ai%3A20221006023850%3Aet%3A1665023931%3Ac%3A1%3Arn%3A461666490%3Arqn%3A1%3Au%3A166502393142325077%3Aw%3A1268x927%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C88%2C66%2C28%2C285%2C0%2C%2C406%2C2%2C2470%2C2470%2C23%2C921%3Ans%3A1665023926907%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023931%3At%3A%D0%9C%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D0%BF%D1%80%D0%BE%D1%81%D0%BD%D1%83%D0%BB%D1%81%D1%8F.%20%D0%98%20%D0%BC%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D1%80%D0%B0%D0%B7%D0%BE%D0%B7%D0%BB%D0%B8%D0%BB%D1%81%D1%8F.%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%BB%D1%8F%D0%BD%D0%B0%D0%BC%20%D0%BF%D0%BE%D1%80%D0%B0%20%D0%B1%D0%B5%D0%B6%D0%B0%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81%21&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Referer: https://new-days.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Thu, 06 Oct 2022 02:38:53 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 06-Oct-2022 02:38:53 GMT
last-modified: Thu, 06-Oct-2022 02:38:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
hdbcome.com/t1be5906.js
31.220.27.155200 OK 118 kB IP 31.220.27.155:0
ASN #39572 DataWeb Global Group B.V.
Size 118 kB (117464 bytes)
Hash 85965ead0114c28e54e76c117d506296
07177bf114d375b2fdb1831e558068d0d535162d
78da5e7dc3f9f8e41d33bbc4f41b3d396064e8db131a18cbac91b9d1190829c7
GET /t1be5906.js HTTP/1.1
Host: hdbcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 06 Oct 2022 02:38:53 GMT
content-type: application/javascript
last-modified: Wed, 05 Oct 2022 11:55:19 GMT
vary: Accept-Encoding
etag: W/"633d70a7-5546"
content-encoding: gzip
X-Firefox-Spdy: h2
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1A79042EBA3F3E63F600655202F48C1A
195.209.111.19200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1A79042EBA3F3E63F600655202F48C1A
IP 195.209.111.19:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?ssp_id=43&external_id=1A79042EBA3F3E63F600655202F48C1A HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 02:38:53 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
tech.rtb.mts.ru/
213.87.44.187204 No Content 0 B IP 213.87.44.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: tech.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.2
Date: Thu, 06 Oct 2022 02:38:53 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Set-Cookie: mts_id=f57a953f-497e-4c6e-be75-5b224bedf473; Domain=mts.ru; expires=Sat, 14 Aug 2032 02:38:53 GMT; SameSite=None; Secure
mts_id_last_sync=1665023933; Domain=mts.ru; expires=Sat, 14 Aug 2032 02:38:53 GMT; SameSite=None; Secure
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cs.alfasense.com/p?ssp=sg&uid=_BDeTBzm5hw6
23.111.100.20200 OK 35 B URL HTTP/1.1 cs.alfasense.com/p?ssp=sg&uid=_BDeTBzm5hw6
IP 23.111.100.20:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /p?ssp=sg&uid=_BDeTBzm5hw6 HTTP/1.1
Host: cs.alfasense.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Connection: keep-alive
Cookie: uuid=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:38:53 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.100.20
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 40a4de06678d96242b71d5318f2fd4ef
546a7d1d92df81916f14155943427b5453ae3924
aed9af25ae57c181702a137d48cb00f5b30297180161451de3b628359dc9ec6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.uuidksinc.net/match/1/?cb_url=https%3A%2F%2Fhdbcome.com%2Fsetuid%3F%5BUID%5D&gdpr=0&gdpr_consent=
31.220.27.135302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/1/?cb_url=https%3A%2F%2Fhdbcome.com%2Fsetuid%3F%5BUID%5D&gdpr=0&gdpr_consent=
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/1/?cb_url=https%3A%2F%2Fhdbcome.com%2Fsetuid%3F%5BUID%5D&gdpr=0&gdpr_consent= HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: jcsuuid=pm1vTUurZ36EA4a1ruWg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.19.0
date: Thu, 06 Oct 2022 02:38:53 GMT
content-length: 0
location: https://hdbcome.com/setuid?pm1vTUurZ36EA4a1ruWg
set-cookie: jcsuuid=pm1vTUurZ36EA4a1ruWg; expires=Fri, 06 Oct 2023 02:38:53 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019
142.250.74.163200 OK 14 kB URL HTTP/2 www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019
IP 142.250.74.163:0
File type C++ source, ASCII text, with very long lines (1792)
Hash 10e6f3bdb6fae70ad38bdf5dbf63ec92
9bc2aed43500f7a96923397c67624983f7593c77
07cfe15791ca91426412f72bbd4300bb7b19b5fd976285a9071861dc3c90e779
GET /mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 13677
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 06:39:23 GMT
expires: Tue, 03 Jan 2023 06:39:23 GMT
cache-control: public, max-age=7776000
last-modified: Tue, 27 Sep 2022 00:52:44 GMT
content-type: text/javascript
age: 71970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 40a4de06678d96242b71d5318f2fd4ef
546a7d1d92df81916f14155943427b5453ae3924
aed9af25ae57c181702a137d48cb00f5b30297180161451de3b628359dc9ec6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:38:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.tns-counter.ru/V13b****rambler_ad/ru/UTF-8/tmsec=rambler_cid579457259-posid1/
194.226.130.229200 OK 43 B URL HTTP/2 www.tns-counter.ru/V13b****rambler_ad/ru/UTF-8/tmsec=rambler_cid579457259-posid1/
IP 194.226.130.229:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /V13b****rambler_ad/ru/UTF-8/tmsec=rambler_cid579457259-posid1/ HTTP/1.1
Host: www.tns-counter.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ms-counter-3.3.5/1.20.2
date: Thu, 06 Oct 2022 02:38:53 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
X-Firefox-Spdy: h2
www.google.com/ads/measurement/l?ebcid=ALh7CaSsCmtk6ExHtWnOQR-1jyKfyoC7MAtSMLOxoFH6DOyKBvkGujEuBxaw6wSaBJ1jaMHG4taBibvfI2EoMX1nN_9g8NClvw
142.250.74.164204 No Content 0 B URL HTTP/2 www.google.com/ads/measurement/l?ebcid=ALh7CaSsCmtk6ExHtWnOQR-1jyKfyoC7MAtSMLOxoFH6DOyKBvkGujEuBxaw6wSaBJ1jaMHG4taBibvfI2EoMX1nN_9g8NClvw
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/measurement/l?ebcid=ALh7CaSsCmtk6ExHtWnOQR-1jyKfyoC7MAtSMLOxoFH6DOyKBvkGujEuBxaw6wSaBJ1jaMHG4taBibvfI2EoMX1nN_9g8NClvw HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 06 Oct 2022 02:38:53 GMT
server: jumble_frontend_server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
code.directadvert.ru/rtb/winnotice?h=0cf6e14f58ee76f6d05d544e05adf838&payload=eyJpbXAiOiIyNzczZTU3NjI1MTFmNDE1XzFfMTUyMTM1MjgiLCJzc3AiOiJnaXJhZmZqcyIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZXh0X2FkcF9pZCI6Ijg2MDU4MjE6bmV3LWRheXMucnUiLCJyZWFsX2FkcF9pZCI6ODYwNTgyMSwic2l0ZV9pZCI6Mzg1MjYxMCwiYWRwX3R5cGUiOiJTIiwiYWRzIjp7InR5cGUiOiJkIiwiYnV5ZXJfaWQiOjIyMzc2NDgsImNwbSI6OC40MDksImlkIjoxNTIxMzUyOCwiY3BjIjoxLjV9LCJzc3BfY3VyIjoiUlVCIiwiZHNwX2N1ciI6IlJVQiIsImJwIjo4LjQwOSwiZXhwIjoxNjY1MDI3NTMxLCJkc3AiOiJsb2NhbCIsImRzcF9pc19kZWJ1ZyI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzaXRlbGFiZWwiOiJuZXctZGF5cy5ydSIsInRhZyI6WyJncmZfcnRiXzg2MDU4MjEiXX0%3D&ssp=giraffjs&wp=8.409
95.168.170.7200 OK 43 B URL HTTP/2 code.directadvert.ru/rtb/winnotice?h=0cf6e14f58ee76f6d05d544e05adf838&payload=eyJpbXAiOiIyNzczZTU3NjI1MTFmNDE1XzFfMTUyMTM1MjgiLCJzc3AiOiJnaXJhZmZqcyIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZXh0X2FkcF9pZCI6Ijg2MDU4MjE6bmV3LWRheXMucnUiLCJyZWFsX2FkcF9pZCI6ODYwNTgyMSwic2l0ZV9pZCI6Mzg1MjYxMCwiYWRwX3R5cGUiOiJTIiwiYWRzIjp7InR5cGUiOiJkIiwiYnV5ZXJfaWQiOjIyMzc2NDgsImNwbSI6OC40MDksImlkIjoxNTIxMzUyOCwiY3BjIjoxLjV9LCJzc3BfY3VyIjoiUlVCIiwiZHNwX2N1ciI6IlJVQiIsImJwIjo4LjQwOSwiZXhwIjoxNjY1MDI3NTMxLCJkc3AiOiJsb2NhbCIsImRzcF9pc19kZWJ1ZyI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzaXRlbGFiZWwiOiJuZXctZGF5cy5ydSIsInRhZyI6WyJncmZfcnRiXzg2MDU4MjEiXX0%3D&ssp=giraffjs&wp=8.409
IP 95.168.170.7:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /rtb/winnotice?h=0cf6e14f58ee76f6d05d544e05adf838&payload=eyJpbXAiOiIyNzczZTU3NjI1MTFmNDE1XzFfMTUyMTM1MjgiLCJzc3AiOiJnaXJhZmZqcyIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZXh0X2FkcF9pZCI6Ijg2MDU4MjE6bmV3LWRheXMucnUiLCJyZWFsX2FkcF9pZCI6ODYwNTgyMSwic2l0ZV9pZCI6Mzg1MjYxMCwiYWRwX3R5cGUiOiJTIiwiYWRzIjp7InR5cGUiOiJkIiwiYnV5ZXJfaWQiOjIyMzc2NDgsImNwbSI6OC40MDksImlkIjoxNTIxMzUyOCwiY3BjIjoxLjV9LCJzc3BfY3VyIjoiUlVCIiwiZHNwX2N1ciI6IlJVQiIsImJwIjo4LjQwOSwiZXhwIjoxNjY1MDI3NTMxLCJkc3AiOiJsb2NhbCIsImRzcF9pc19kZWJ1ZyI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzaXRlbGFiZWwiOiJuZXctZGF5cy5ydSIsInRhZyI6WyJncmZfcnRiXzg2MDU4MjEiXX0%3D&ssp=giraffjs&wp=8.409 HTTP/1.1
Host: code.directadvert.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:53 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 1728000
set-cookie: nid=X6iqB2M+P71/LCj8TKj9Ag==; expires=Fri, 06-Oct-23 02:38:53 GMT; domain=directadvert.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
www.google.com/ads/measurement/l?ebcid=ALh7CaTQcNv7Xkgl2kdKuIQ34g-ru2f4R59D1dVp-GwBMk5qJUcQYsyJx79Nk5sS04FtLmKh3K1x8vgCVrxhJTgfoSZzBObyPw
142.250.74.164204 No Content 0 B URL HTTP/2 www.google.com/ads/measurement/l?ebcid=ALh7CaTQcNv7Xkgl2kdKuIQ34g-ru2f4R59D1dVp-GwBMk5qJUcQYsyJx79Nk5sS04FtLmKh3K1x8vgCVrxhJTgfoSZzBObyPw
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/measurement/l?ebcid=ALh7CaTQcNv7Xkgl2kdKuIQ34g-ru2f4R59D1dVp-GwBMk5qJUcQYsyJx79Nk5sS04FtLmKh3K1x8vgCVrxhJTgfoSZzBObyPw HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 06 Oct 2022 02:38:53 GMT
server: jumble_frontend_server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc.yandex.ru/watch/77712670?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A900%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A2%3Adp%3A0%3Als%3A350835035659%3Ahid%3A387723131%3Az%3A0%3Ai%3A20221006023850%3Aet%3A1665023931%3Ac%3A1%3Arn%3A461666490%3Arqn%3A1%3Au%3A166502393142325077%3Aw%3A1268x927%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C88%2C66%2C28%2C285%2C0%2C%2C406%2C2%2C2470%2C2470%2C23%2C921%3Ans%3A1665023926907%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023931%3At%3A%D0%9C%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D0%BF%D1%80%D0%BE%D1%81%D0%BD%D1%83%D0%BB%D1%81%D1%8F.%20%D0%98%20%D0%BC%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D1%80%D0%B0%D0%B7%D0%BE%D0%B7%D0%BB%D0%B8%D0%BB%D1%81%D1%8F.%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%BB%D1%8F%D0%BD%D0%B0%D0%BC%20%D0%BF%D0%BE%D1%80%D0%B0%20%D0%B1%D0%B5%D0%B6%D0%B0%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81!&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
87.250.250.119302 Found 513 B URL HTTP/2 mc.yandex.ru/watch/77712670?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A900%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A2%3Adp%3A0%3Als%3A350835035659%3Ahid%3A387723131%3Az%3A0%3Ai%3A20221006023850%3Aet%3A1665023931%3Ac%3A1%3Arn%3A461666490%3Arqn%3A1%3Au%3A166502393142325077%3Aw%3A1268x927%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C88%2C66%2C28%2C285%2C0%2C%2C406%2C2%2C2470%2C2470%2C23%2C921%3Ans%3A1665023926907%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023931%3At%3A%D0%9C%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D0%BF%D1%80%D0%BE%D1%81%D0%BD%D1%83%D0%BB%D1%81%D1%8F.%20%D0%98%20%D0%BC%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D1%80%D0%B0%D0%B7%D0%BE%D0%B7%D0%BB%D0%B8%D0%BB%D1%81%D1%8F.%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%BB%D1%8F%D0%BD%D0%B0%D0%BC%20%D0%BF%D0%BE%D1%80%D0%B0%20%D0%B1%D0%B5%D0%B6%D0%B0%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81!&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 87.250.250.119:0
File type gzip compressed data\012- data
Hash 7369048b33b75e08d263113d540c5351
8c3423b52b88d8de4c5100de36043180c0d4b2d2
90397a495881ecdc34fe109ce9770601839347feef76b752f2b90b8e04ee30d2
GET /watch/77712670?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A900%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A2%3Adp%3A0%3Als%3A350835035659%3Ahid%3A387723131%3Az%3A0%3Ai%3A20221006023850%3Aet%3A1665023931%3Ac%3A1%3Arn%3A461666490%3Arqn%3A1%3Au%3A166502393142325077%3Aw%3A1268x927%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C88%2C66%2C28%2C285%2C0%2C%2C406%2C2%2C2470%2C2470%2C23%2C921%3Ans%3A1665023926907%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023931%3At%3A%D0%9C%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D0%BF%D1%80%D0%BE%D1%81%D0%BD%D1%83%D0%BB%D1%81%D1%8F.%20%D0%98%20%D0%BC%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D1%80%D0%B0%D0%B7%D0%BE%D0%B7%D0%BB%D0%B8%D0%BB%D1%81%D1%8F.%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%BB%D1%8F%D0%BD%D0%B0%D0%BC%20%D0%BF%D0%BE%D1%80%D0%B0%20%D0%B1%D0%B5%D0%B6%D0%B0%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81!&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/77712670/1?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A900%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A2%3Adp%3A0%3Als%3A350835035659%3Ahid%3A387723131%3Az%3A0%3Ai%3A20221006023850%3Aet%3A1665023931%3Ac%3A1%3Arn%3A461666490%3Arqn%3A1%3Au%3A166502393142325077%3Aw%3A1268x927%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C88%2C66%2C28%2C285%2C0%2C%2C406%2C2%2C2470%2C2470%2C23%2C921%3Ans%3A1665023926907%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023931%3At%3A%D0%9C%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D0%BF%D1%80%D0%BE%D1%81%D0%BD%D1%83%D0%BB%D1%81%D1%8F.%20%D0%98%20%D0%BC%D0%B5%D0%B4%D0%B2%D0%B5%D0%B4%D1%8C%20%D1%80%D0%B0%D0%B7%D0%BE%D0%B7%D0%BB%D0%B8%D0%BB%D1%81%D1%8F.%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%BB%D1%8F%D0%BD%D0%B0%D0%BC%20%D0%BF%D0%BE%D1%80%D0%B0%20%D0%B1%D0%B5%D0%B6%D0%B0%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D0%BE%20%D1%81%D0%B5%D0%B9%D1%87%D0%B0%D1%81%21&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Thu, 06 Oct 2022 02:38:53 GMT
access-control-allow-origin: https://new-days.ru
set-cookie: yandexuid=5055269791665023933; Expires=Fri, 06-Oct-2023 02:38:53 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5055269791665023933; Expires=Fri, 06-Oct-2023 02:38:53 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2029391091665023933; Path=/; SameSite=None; Secure
i=bC+YpExKXVu3dkUCgYMTsqfJYIcBQc7gkOejeFVEaiBSmYNHInxwpsAFXdNZmT/doAY43iPrbQq20K87wmYJoqxPCgc=; Expires=Sun, 03-Oct-2032 02:38:51 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1696559933.yrts.1665023933#1696559933.yrtsi.1665023933; Expires=Fri, 06-Oct-2023 02:38:53 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 06-Oct-2022 02:38:53 GMT
last-modified: Thu, 06-Oct-2022 02:38:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
bidder.criteo.com/csm/events
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/csm/events
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csm/events HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 403
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 06 Oct 2022 02:38:53 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://new-days.ru
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
hdbcome.com/setuid?pm1vTUurZ36EA4a1ruWg
31.220.27.155200 OK 74 B URL HTTP/2 hdbcome.com/setuid?pm1vTUurZ36EA4a1ruWg
IP 31.220.27.155:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
GET /setuid?pm1vTUurZ36EA4a1ruWg HTTP/1.1
Host: hdbcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 06 Oct 2022 02:38:54 GMT
content-type: image/png
content-length: 74
set-cookie: dmpUid=pm1vTUurZ36EA4a1ruWg; expires=Fri, 06 Oct 2023 02:38:54 GMT; domain=hdbcome.com; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
relap.io/api/v7/stat
95.163.37.253200 OK 2 B IP 95.163.37.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/v7/stat HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Content-Type: application/json
x-relap-cookie: rlprp=eqR5ZA:lbYsTQ
X-Relap-UUID: 00a40a96-5f1f-4780-aed8-58888b99f2e7
Origin: https://new-days.ru
Content-Length: 1860
Connection: keep-alive
Cookie: unique=SkG9g3pO; fsts=1665023928; lsts=1665023932; suid=20ccc67944f9e024a2f4d52ae6751aaff3ebc6f2--037499b66c94b7604d199b71fc288d6afe0a20041bf6770878587d0ef5618987; hllc=2; rlprp=eqR5ZA--e1dc77e2367377486ee3fa466a4c0c806518c09a0ad41363adf970826cdfa2b7; 3rdpce=1; uuid=9eb09c2c-e018-4823-bc87-cae77e473583; rlpagcs_2=1665023929:CMcxPNzoJdQA2jGQ8XV0Y_oQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=UTF-8
content-length: 2
cache-control: max-age=1, no-cache
vary: Origin
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
x-relap-cookie: rlprp=eqR5ZA:lbYsTQ
pragma: no-cache
date: Thu, 06 Oct 2022 02:38:54 GMT
set-cookie: lsts=1665023934; expires=Sun, 03 Oct 2032 02:38:54 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
access-control-allow-origin: https://new-days.ru
x-server: back10
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
x-content-type-options: nosniff
access-control-max-age: 1728000
access-control-expose-headers: X-Relap-Cookie
strict-transport-security: max-age=5184000; includeSubdomains;
X-Firefox-Spdy: h2
code.directadvert.ru/rtb/winnotice?h=20166c8a94bc3be8d8447426cf6c7d81&payload=eyJpbXAiOiIyNzczZTU3NjI1MTFmNDE1XzFfMTU3ODk5MDIiLCJzc3AiOiJnaXJhZmZqcyIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZXh0X2FkcF9pZCI6Ijg2MDU4MjE6bmV3LWRheXMucnUiLCJyZWFsX2FkcF9pZCI6ODYwNTgyMSwic2l0ZV9pZCI6Mzg1MjYxMCwiYWRwX3R5cGUiOiJTIiwiYWRzIjp7InR5cGUiOiJkIiwiYnV5ZXJfaWQiOjIyMzE0NjYsImNwbSI6Ny45OTcsImlkIjoxNTc4OTkwMiwiY3BjIjo2fSwic3NwX2N1ciI6IlJVQiIsImRzcF9jdXIiOiJSVUIiLCJicCI6Ny45OTcsImV4cCI6MTY2NTAyNzUzMSwiZHNwIjoibG9jYWwiLCJkc3BfaXNfZGVidWciOmZhbHNlLCJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwic2l0ZWxhYmVsIjoibmV3LWRheXMucnUiLCJ0YWciOlsiZ3JmX3J0Yl84NjA1ODIxIl19&ssp=giraffjs&wp=7.997
95.168.170.7200 OK 43 B URL HTTP/2 code.directadvert.ru/rtb/winnotice?h=20166c8a94bc3be8d8447426cf6c7d81&payload=eyJpbXAiOiIyNzczZTU3NjI1MTFmNDE1XzFfMTU3ODk5MDIiLCJzc3AiOiJnaXJhZmZqcyIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZXh0X2FkcF9pZCI6Ijg2MDU4MjE6bmV3LWRheXMucnUiLCJyZWFsX2FkcF9pZCI6ODYwNTgyMSwic2l0ZV9pZCI6Mzg1MjYxMCwiYWRwX3R5cGUiOiJTIiwiYWRzIjp7InR5cGUiOiJkIiwiYnV5ZXJfaWQiOjIyMzE0NjYsImNwbSI6Ny45OTcsImlkIjoxNTc4OTkwMiwiY3BjIjo2fSwic3NwX2N1ciI6IlJVQiIsImRzcF9jdXIiOiJSVUIiLCJicCI6Ny45OTcsImV4cCI6MTY2NTAyNzUzMSwiZHNwIjoibG9jYWwiLCJkc3BfaXNfZGVidWciOmZhbHNlLCJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwic2l0ZWxhYmVsIjoibmV3LWRheXMucnUiLCJ0YWciOlsiZ3JmX3J0Yl84NjA1ODIxIl19&ssp=giraffjs&wp=7.997
IP 95.168.170.7:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /rtb/winnotice?h=20166c8a94bc3be8d8447426cf6c7d81&payload=eyJpbXAiOiIyNzczZTU3NjI1MTFmNDE1XzFfMTU3ODk5MDIiLCJzc3AiOiJnaXJhZmZqcyIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZXh0X2FkcF9pZCI6Ijg2MDU4MjE6bmV3LWRheXMucnUiLCJyZWFsX2FkcF9pZCI6ODYwNTgyMSwic2l0ZV9pZCI6Mzg1MjYxMCwiYWRwX3R5cGUiOiJTIiwiYWRzIjp7InR5cGUiOiJkIiwiYnV5ZXJfaWQiOjIyMzE0NjYsImNwbSI6Ny45OTcsImlkIjoxNTc4OTkwMiwiY3BjIjo2fSwic3NwX2N1ciI6IlJVQiIsImRzcF9jdXIiOiJSVUIiLCJicCI6Ny45OTcsImV4cCI6MTY2NTAyNzUzMSwiZHNwIjoibG9jYWwiLCJkc3BfaXNfZGVidWciOmZhbHNlLCJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwic2l0ZWxhYmVsIjoibmV3LWRheXMucnUiLCJ0YWciOlsiZ3JmX3J0Yl84NjA1ODIxIl19&ssp=giraffjs&wp=7.997 HTTP/1.1
Host: code.directadvert.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:54 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 1728000
set-cookie: nid=X6iqB2M+P75/LCj8TKljAg==; expires=Fri, 06-Oct-23 02:38:54 GMT; domain=directadvert.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
code.directadvert.ru/rtb/winnotice?h=1ff4b867858e988528c6509d004f5908&payload=eyJpbXAiOiIyNzczZTU3NjI1MTFmNDE1XzFfMTU3ODk5MDQiLCJzc3AiOiJnaXJhZmZqcyIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZXh0X2FkcF9pZCI6Ijg2MDU4MjE6bmV3LWRheXMucnUiLCJyZWFsX2FkcF9pZCI6ODYwNTgyMSwic2l0ZV9pZCI6Mzg1MjYxMCwiYWRwX3R5cGUiOiJTIiwiYWRzIjp7InR5cGUiOiJkIiwiYnV5ZXJfaWQiOjIyMzE0NjYsImNwbSI6Ny45NTUsImlkIjoxNTc4OTkwNCwiY3BjIjo2fSwic3NwX2N1ciI6IlJVQiIsImRzcF9jdXIiOiJSVUIiLCJicCI6Ny45NTUsImV4cCI6MTY2NTAyNzUzMSwiZHNwIjoibG9jYWwiLCJkc3BfaXNfZGVidWciOmZhbHNlLCJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwic2l0ZWxhYmVsIjoibmV3LWRheXMucnUiLCJ0YWciOlsiZ3JmX3J0Yl84NjA1ODIxIl19&ssp=giraffjs&wp=7.955
95.168.170.7200 OK 43 B URL HTTP/2 code.directadvert.ru/rtb/winnotice?h=1ff4b867858e988528c6509d004f5908&payload=eyJpbXAiOiIyNzczZTU3NjI1MTFmNDE1XzFfMTU3ODk5MDQiLCJzc3AiOiJnaXJhZmZqcyIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZXh0X2FkcF9pZCI6Ijg2MDU4MjE6bmV3LWRheXMucnUiLCJyZWFsX2FkcF9pZCI6ODYwNTgyMSwic2l0ZV9pZCI6Mzg1MjYxMCwiYWRwX3R5cGUiOiJTIiwiYWRzIjp7InR5cGUiOiJkIiwiYnV5ZXJfaWQiOjIyMzE0NjYsImNwbSI6Ny45NTUsImlkIjoxNTc4OTkwNCwiY3BjIjo2fSwic3NwX2N1ciI6IlJVQiIsImRzcF9jdXIiOiJSVUIiLCJicCI6Ny45NTUsImV4cCI6MTY2NTAyNzUzMSwiZHNwIjoibG9jYWwiLCJkc3BfaXNfZGVidWciOmZhbHNlLCJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwic2l0ZWxhYmVsIjoibmV3LWRheXMucnUiLCJ0YWciOlsiZ3JmX3J0Yl84NjA1ODIxIl19&ssp=giraffjs&wp=7.955
IP 95.168.170.7:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /rtb/winnotice?h=1ff4b867858e988528c6509d004f5908&payload=eyJpbXAiOiIyNzczZTU3NjI1MTFmNDE1XzFfMTU3ODk5MDQiLCJzc3AiOiJnaXJhZmZqcyIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZXh0X2FkcF9pZCI6Ijg2MDU4MjE6bmV3LWRheXMucnUiLCJyZWFsX2FkcF9pZCI6ODYwNTgyMSwic2l0ZV9pZCI6Mzg1MjYxMCwiYWRwX3R5cGUiOiJTIiwiYWRzIjp7InR5cGUiOiJkIiwiYnV5ZXJfaWQiOjIyMzE0NjYsImNwbSI6Ny45NTUsImlkIjoxNTc4OTkwNCwiY3BjIjo2fSwic3NwX2N1ciI6IlJVQiIsImRzcF9jdXIiOiJSVUIiLCJicCI6Ny45NTUsImV4cCI6MTY2NTAyNzUzMSwiZHNwIjoibG9jYWwiLCJkc3BfaXNfZGVidWciOmZhbHNlLCJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwic2l0ZWxhYmVsIjoibmV3LWRheXMucnUiLCJ0YWciOlsiZ3JmX3J0Yl84NjA1ODIxIl19&ssp=giraffjs&wp=7.955 HTTP/1.1
Host: code.directadvert.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:54 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 1728000
set-cookie: nid=X6iqB2M+P75/LCj8TKmoAg==; expires=Fri, 06-Oct-23 02:38:54 GMT; domain=directadvert.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
hdbcome.com/get_data?v=default&page=https%253A%252F%252Fnew-days.ru%252F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%252F&domain=new-days.ru&blockID=326605&width=300&height=250&windowWidth=300&gdpr=0&gdprConsent=&limit=1&format=json&sspUid=a7bf82c1-e317-463a-ae76-a33a274a26ad
31.220.27.155200 OK 0 B URL HTTP/2 hdbcome.com/get_data?v=default&page=https%253A%252F%252Fnew-days.ru%252F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%252F&domain=new-days.ru&blockID=326605&width=300&height=250&windowWidth=300&gdpr=0&gdprConsent=&limit=1&format=json&sspUid=a7bf82c1-e317-463a-ae76-a33a274a26ad
IP 31.220.27.155:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /get_data?v=default&page=https%253A%252F%252Fnew-days.ru%252F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%252F&domain=new-days.ru&blockID=326605&width=300&height=250&windowWidth=300&gdpr=0&gdprConsent=&limit=1&format=json&sspUid=a7bf82c1-e317-463a-ae76-a33a274a26ad HTTP/1.1
Host: hdbcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://new-days.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 06 Oct 2022 02:38:54 GMT
content-length: 0
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://new-days.ru
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/1A79042EBA3F3E63F600655202F48C1A
213.180.204.90302 Found 20 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/1A79042EBA3F3E63F600655202F48C1A
IP 213.180.204.90:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /mapuid/sapeis/1A79042EBA3F3E63F600655202F48C1A HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/1A79042EBA3F3E63F600655202F48C1A?redir-setuniq=1
date: Thu, 06 Oct 2022 02:38:52 GMT
set-cookie: yandexuid=6059035831665023932; domain=.yandex.ru; path=/; expires=Sun, 03-Oct-2032 02:38:52 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 06 Oct 2022 02:38:52 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 06 Oct 2022 02:38:52 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
hdbcome.com/get_data?v=default&page=https%253A%252F%252Fnew-days.ru%252F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%252F&domain=new-days.ru&blockID=326608&width=300&height=600&windowWidth=300&gdpr=0&gdprConsent=&limit=1&format=json&sspUid=a7bf82c1-e317-463a-ae76-a33a274a26ad
31.220.27.155200 OK 0 B URL HTTP/2 hdbcome.com/get_data?v=default&page=https%253A%252F%252Fnew-days.ru%252F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%252F&domain=new-days.ru&blockID=326608&width=300&height=600&windowWidth=300&gdpr=0&gdprConsent=&limit=1&format=json&sspUid=a7bf82c1-e317-463a-ae76-a33a274a26ad
IP 31.220.27.155:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /get_data?v=default&page=https%253A%252F%252Fnew-days.ru%252F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%252F&domain=new-days.ru&blockID=326608&width=300&height=600&windowWidth=300&gdpr=0&gdprConsent=&limit=1&format=json&sspUid=a7bf82c1-e317-463a-ae76-a33a274a26ad HTTP/1.1
Host: hdbcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://new-days.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 06 Oct 2022 02:38:54 GMT
content-length: 0
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://new-days.ru
X-Firefox-Spdy: h2
relap.io/api/v7/recs
95.163.37.253200 OK 193 B IP 95.163.37.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 47ed284346a25297203cfd67d279e876
5d6845700f510a62fa15ea07862a57a408cee3a3
2d6bfd81f114424172341b51d70d3dddeee77a037fc75e7d281afd59dc6f6d77
POST /api/v7/recs HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Content-Type: application/json
x-relap-cookie: rlprp=eqR5ZA:lbYsTQ
X-Relap-UUID: 00a40a96-5f1f-4780-aed8-58888b99f2e7
Origin: https://new-days.ru
Content-Length: 3728
Connection: keep-alive
Cookie: unique=SkG9g3pO; fsts=1665023928; lsts=1665023934; suid=20ccc67944f9e024a2f4d52ae6751aaff3ebc6f2--037499b66c94b7604d199b71fc288d6afe0a20041bf6770878587d0ef5618987; hllc=2; rlprp=eqR5ZA--e1dc77e2367377486ee3fa466a4c0c806518c09a0ad41363adf970826cdfa2b7; 3rdpce=1; uuid=9eb09c2c-e018-4823-bc87-cae77e473583; rlpagcs_2=1665023929:CMcxPNzoJdQA2jGQ8XV0Y_oQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=UTF-8
content-length: 193
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
date: Thu, 06 Oct 2022 02:38:54 GMT
access-control-allow-origin: https://new-days.ru
access-control-expose-headers: X-Relap-Cookie
pragma: no-cache
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
cache-control: max-age=1, no-cache
x-relap-cookie: rlprp=eqR5ZA:lbYsTQ
x-content-type-options: nosniff
vary: Origin
x-server: back11
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
access-control-max-age: 1728000
set-cookie: lsts=1665023934; expires=Sun, 03 Oct 2032 02:38:54 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
access-control-allow-credentials: true
strict-transport-security: max-age=5184000; includeSubdomains;
X-Firefox-Spdy: h2
hdbcome.com/get_data?v=default&page=https%253A%252F%252Fnew-days.ru%252F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%252F&domain=new-days.ru&blockID=326608&width=300&height=600&windowWidth=300&gdpr=0&gdprConsent=&limit=1&format=json&sspUid=a7bf82c1-e317-463a-ae76-a33a274a26ad
31.220.27.155204 No Content 0 B URL HTTP/2 hdbcome.com/get_data?v=default&page=https%253A%252F%252Fnew-days.ru%252F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%252F&domain=new-days.ru&blockID=326608&width=300&height=600&windowWidth=300&gdpr=0&gdprConsent=&limit=1&format=json&sspUid=a7bf82c1-e317-463a-ae76-a33a274a26ad
IP 31.220.27.155:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get_data?v=default&page=https%253A%252F%252Fnew-days.ru%252F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%252F&domain=new-days.ru&blockID=326608&width=300&height=600&windowWidth=300&gdpr=0&gdprConsent=&limit=1&format=json&sspUid=a7bf82c1-e317-463a-ae76-a33a274a26ad HTTP/1.1
Host: hdbcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://new-days.ru
Connection: keep-alive
Cookie: dmpUid=pm1vTUurZ36EA4a1ruWg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.19.0
date: Thu, 06 Oct 2022 02:38:54 GMT
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://new-days.ru
X-Firefox-Spdy: h2
code.directadvert.ru/rtb/winnotice?h=e221587a4ed085eacbd084f842ebdd4d&payload=eyJpbXAiOiIyNzczZTU3NjI1MTFmNDE1XzFfMTUyNDU4MjAiLCJzc3AiOiJnaXJhZmZqcyIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZXh0X2FkcF9pZCI6Ijg2MDU4MjE6bmV3LWRheXMucnUiLCJyZWFsX2FkcF9pZCI6ODYwNTgyMSwic2l0ZV9pZCI6Mzg1MjYxMCwiYWRwX3R5cGUiOiJTIiwiYWRzIjp7InR5cGUiOiJkIiwiYnV5ZXJfaWQiOjIyMzc2NDgsImNwbSI6Ny4yODUsImlkIjoxNTI0NTgyMCwiY3BjIjoxLjV9LCJzc3BfY3VyIjoiUlVCIiwiZHNwX2N1ciI6IlJVQiIsImJwIjo3LjI4NSwiZXhwIjoxNjY1MDI3NTMxLCJkc3AiOiJsb2NhbCIsImRzcF9pc19kZWJ1ZyI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzaXRlbGFiZWwiOiJuZXctZGF5cy5ydSIsInRhZyI6WyJncmZfcnRiXzg2MDU4MjEiXX0%3D&ssp=giraffjs&wp=7.285
95.168.170.7200 OK 43 B URL HTTP/2 code.directadvert.ru/rtb/winnotice?h=e221587a4ed085eacbd084f842ebdd4d&payload=eyJpbXAiOiIyNzczZTU3NjI1MTFmNDE1XzFfMTUyNDU4MjAiLCJzc3AiOiJnaXJhZmZqcyIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZXh0X2FkcF9pZCI6Ijg2MDU4MjE6bmV3LWRheXMucnUiLCJyZWFsX2FkcF9pZCI6ODYwNTgyMSwic2l0ZV9pZCI6Mzg1MjYxMCwiYWRwX3R5cGUiOiJTIiwiYWRzIjp7InR5cGUiOiJkIiwiYnV5ZXJfaWQiOjIyMzc2NDgsImNwbSI6Ny4yODUsImlkIjoxNTI0NTgyMCwiY3BjIjoxLjV9LCJzc3BfY3VyIjoiUlVCIiwiZHNwX2N1ciI6IlJVQiIsImJwIjo3LjI4NSwiZXhwIjoxNjY1MDI3NTMxLCJkc3AiOiJsb2NhbCIsImRzcF9pc19kZWJ1ZyI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzaXRlbGFiZWwiOiJuZXctZGF5cy5ydSIsInRhZyI6WyJncmZfcnRiXzg2MDU4MjEiXX0%3D&ssp=giraffjs&wp=7.285
IP 95.168.170.7:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /rtb/winnotice?h=e221587a4ed085eacbd084f842ebdd4d&payload=eyJpbXAiOiIyNzczZTU3NjI1MTFmNDE1XzFfMTUyNDU4MjAiLCJzc3AiOiJnaXJhZmZqcyIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZXh0X2FkcF9pZCI6Ijg2MDU4MjE6bmV3LWRheXMucnUiLCJyZWFsX2FkcF9pZCI6ODYwNTgyMSwic2l0ZV9pZCI6Mzg1MjYxMCwiYWRwX3R5cGUiOiJTIiwiYWRzIjp7InR5cGUiOiJkIiwiYnV5ZXJfaWQiOjIyMzc2NDgsImNwbSI6Ny4yODUsImlkIjoxNTI0NTgyMCwiY3BjIjoxLjV9LCJzc3BfY3VyIjoiUlVCIiwiZHNwX2N1ciI6IlJVQiIsImJwIjo3LjI4NSwiZXhwIjoxNjY1MDI3NTMxLCJkc3AiOiJsb2NhbCIsImRzcF9pc19kZWJ1ZyI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzaXRlbGFiZWwiOiJuZXctZGF5cy5ydSIsInRhZyI6WyJncmZfcnRiXzg2MDU4MjEiXX0%3D&ssp=giraffjs&wp=7.285 HTTP/1.1
Host: code.directadvert.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:54 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 1728000
set-cookie: nid=X6iqB2M+P75/LCj8TKnaAg==; expires=Fri, 06-Oct-23 02:38:54 GMT; domain=directadvert.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
code.directadvert.ru/rtb/winnotice?h=c6c0f606f30e90498e82c202a9c45e91&payload=eyJpbXAiOiIyNzczZTU3NjI1MTFmNDE1XzFfMTU3MDgxOTIiLCJzc3AiOiJnaXJhZmZqcyIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZXh0X2FkcF9pZCI6Ijg2MDU4MjE6bmV3LWRheXMucnUiLCJyZWFsX2FkcF9pZCI6ODYwNTgyMSwic2l0ZV9pZCI6Mzg1MjYxMCwiYWRwX3R5cGUiOiJTIiwiYWRzIjp7InR5cGUiOiJkIiwiYnV5ZXJfaWQiOjIyMzE0NjYsImNwbSI6Ny4yMzEsImlkIjoxNTcwODE5MiwiY3BjIjo2fSwic3NwX2N1ciI6IlJVQiIsImRzcF9jdXIiOiJSVUIiLCJicCI6Ny4yMzEsImV4cCI6MTY2NTAyNzUzMSwiZHNwIjoibG9jYWwiLCJkc3BfaXNfZGVidWciOmZhbHNlLCJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwic2l0ZWxhYmVsIjoibmV3LWRheXMucnUiLCJ0YWciOlsiZ3JmX3J0Yl84NjA1ODIxIl19&ssp=giraffjs&wp=7.231
95.168.170.7200 OK 43 B URL HTTP/2 code.directadvert.ru/rtb/winnotice?h=c6c0f606f30e90498e82c202a9c45e91&payload=eyJpbXAiOiIyNzczZTU3NjI1MTFmNDE1XzFfMTU3MDgxOTIiLCJzc3AiOiJnaXJhZmZqcyIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZXh0X2FkcF9pZCI6Ijg2MDU4MjE6bmV3LWRheXMucnUiLCJyZWFsX2FkcF9pZCI6ODYwNTgyMSwic2l0ZV9pZCI6Mzg1MjYxMCwiYWRwX3R5cGUiOiJTIiwiYWRzIjp7InR5cGUiOiJkIiwiYnV5ZXJfaWQiOjIyMzE0NjYsImNwbSI6Ny4yMzEsImlkIjoxNTcwODE5MiwiY3BjIjo2fSwic3NwX2N1ciI6IlJVQiIsImRzcF9jdXIiOiJSVUIiLCJicCI6Ny4yMzEsImV4cCI6MTY2NTAyNzUzMSwiZHNwIjoibG9jYWwiLCJkc3BfaXNfZGVidWciOmZhbHNlLCJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwic2l0ZWxhYmVsIjoibmV3LWRheXMucnUiLCJ0YWciOlsiZ3JmX3J0Yl84NjA1ODIxIl19&ssp=giraffjs&wp=7.231
IP 95.168.170.7:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /rtb/winnotice?h=c6c0f606f30e90498e82c202a9c45e91&payload=eyJpbXAiOiIyNzczZTU3NjI1MTFmNDE1XzFfMTU3MDgxOTIiLCJzc3AiOiJnaXJhZmZqcyIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZXh0X2FkcF9pZCI6Ijg2MDU4MjE6bmV3LWRheXMucnUiLCJyZWFsX2FkcF9pZCI6ODYwNTgyMSwic2l0ZV9pZCI6Mzg1MjYxMCwiYWRwX3R5cGUiOiJTIiwiYWRzIjp7InR5cGUiOiJkIiwiYnV5ZXJfaWQiOjIyMzE0NjYsImNwbSI6Ny4yMzEsImlkIjoxNTcwODE5MiwiY3BjIjo2fSwic3NwX2N1ciI6IlJVQiIsImRzcF9jdXIiOiJSVUIiLCJicCI6Ny4yMzEsImV4cCI6MTY2NTAyNzUzMSwiZHNwIjoibG9jYWwiLCJkc3BfaXNfZGVidWciOmZhbHNlLCJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwic2l0ZWxhYmVsIjoibmV3LWRheXMucnUiLCJ0YWciOlsiZ3JmX3J0Yl84NjA1ODIxIl19&ssp=giraffjs&wp=7.231 HTTP/1.1
Host: code.directadvert.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 1728000
set-cookie: nid=X6iqB2M+P79/LCj8TKovAg==; expires=Fri, 06-Oct-23 02:38:55 GMT; domain=directadvert.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
z.cdn.adtarget.me/smc?s=22&u=pm1vTUurZ36EA4a1ruWg
212.32.253.229204 No Content 0 B URL HTTP/2 z.cdn.adtarget.me/smc?s=22&u=pm1vTUurZ36EA4a1ruWg
IP 212.32.253.229:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smc?s=22&u=pm1vTUurZ36EA4a1ruWg HTTP/1.1
Host: z.cdn.adtarget.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 06 Oct 2022 02:35:07 GMT
X-Firefox-Spdy: h2
dm-eu.hybrid.ai/match?id=158&vid=pm1vTUurZ36EA4a1ruWg
37.18.103.21204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=158&vid=pm1vTUurZ36EA4a1ruWg
IP 37.18.103.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /match?id=158&vid=pm1vTUurZ36EA4a1ruWg HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 06 Oct 2022 02:38:55 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=daaf4b90102ec8a8314d; expires=Fri, 06 Oct 2023 02:38:54 GMT; domain=.hybrid.ai; path=/; samesite=none
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2
www.acint.net/rmatch?dp=191&r=https://d.uuidksinc.net/match/383/?remote_uid=${USER_ID}
176.9.9.10302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=191&r=https://d.uuidksinc.net/match/383/?remote_uid=${USER_ID}
IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=191&r=https://d.uuidksinc.net/match/383/?remote_uid=${USER_ID} HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Cookie: aid=LgR5GmM+P7pSZQD2Goz0AqxhQXDEake8YKH8d7kPK5JKBcFZ; cSyncDp7v2=1665023930; cSyncDp14v3=1665023930; cSyncDp17=1665023930; cSyncDp32=1665023930; cSyncDp45v3=1665023930; cSyncDp53=1665023930; cSyncDp54v2=1665023930; cSyncDp62=1665023930; cSyncDp67v2=1665023930; cSyncDp68=1665023930; cSyncDp71=1665023930; cSyncDp77=1665023930; cSyncDp84=1665023930; cSyncDp85=1665023930; cSyncDp95v3=1665023930; cSyncDp101=1665023930; cSyncDp104v2=1665023930; cSyncDp107=1665023930; cSyncDp110=1665023930; cSyncDp111v2=1665023930; cSyncDp112v2=1665023930; cSyncDp125v2=1665023930; cSyncDp126=1665023930; cSyncDp127=1665023930; cSyncDp129=1665023930; cSyncDp136v2=1665023930; cSyncDp138=1665023930; cSyncDp144=1665023930; cSyncDp146=1665023930; cSyncDp148=1665023930; cSyncDp149=1665023930; cSyncDp151=1665023930; cSyncDp178=1665023930; cSyncDp179=1665023930; cSyncDp186=1665023930; cSyncDp221=1665023930
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: text/html
content-length: 154
location: https://d.uuidksinc.net/match/383/?remote_uid=1A79042EBA3F3E63F600655202F48C1A
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
dmpprof.com/matching/external/pixel.gif?sid=14&uid=pm1vTUurZ36EA4a1ruWg
85.192.12.173200 OK 43 B URL HTTP/2 dmpprof.com/matching/external/pixel.gif?sid=14&uid=pm1vTUurZ36EA4a1ruWg
IP 85.192.12.173:0
ASN #12695 LLC Digital Network
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /matching/external/pixel.gif?sid=14&uid=pm1vTUurZ36EA4a1ruWg HTTP/1.1
Host: dmpprof.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Cookie: nmatch=17_310122209; uid=temp-91.90.42.154-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: image/gif
content-length: 43
last-modified: Thu, 06 Oct 2022 02:38:55 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: nmatch=14_pm1vTUurZ36EA4a1ruWg; expires=Thu, 06 Oct 2022 14:38:55 GMT; path=/; secure; SameSite=None
uid=temp-91.90.42.154-; expires=Thu, 06 Oct 2022 04:38:55 GMT; path=/; secure; SameSite=None
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 35681d889d5425bc315ce39e52ef10ab
3075e89cbdba4bb69704d6d00a197382822d305b
77ce7c3fe95909fc95f8ad4d9f8608696b052dd57d4cba4575f4dc943041d63b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77CE7C3FE95909FC95F8AD4D9F8608696B052DD57D4CBA4575F4DC943041D63B"
Last-Modified: Wed, 05 Oct 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7381
Expires: Thu, 06 Oct 2022 04:41:56 GMT
Date: Thu, 06 Oct 2022 02:38:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 35681d889d5425bc315ce39e52ef10ab
3075e89cbdba4bb69704d6d00a197382822d305b
77ce7c3fe95909fc95f8ad4d9f8608696b052dd57d4cba4575f4dc943041d63b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77CE7C3FE95909FC95F8AD4D9F8608696B052DD57D4CBA4575F4DC943041D63B"
Last-Modified: Wed, 05 Oct 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7381
Expires: Thu, 06 Oct 2022 04:41:56 GMT
Date: Thu, 06 Oct 2022 02:38:55 GMT
Connection: keep-alive
relap.io/api/v7/metrics
95.163.37.253200 OK 2 B IP 95.163.37.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/v7/metrics HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Content-Type: application/json
Origin: https://new-days.ru
Content-Length: 52
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=UTF-8
content-length: 2
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-max-age: 1728000
set-cookie: unique=aLSriAOQ; expires=Sun, 03 Oct 2032 02:38:55 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
fsts=1665023935; expires=Sun, 03 Oct 2032 02:38:55 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
lsts=1665023935; expires=Sun, 03 Oct 2032 02:38:55 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
suid=54bb8a54f9bb96f26b9e0faa7ce0ff8c21caa493--cc9df493a6bb9c358475fb529e93b4b30e9511932e85b0532b371274f2e15798; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
hllc=1; expires=Fri, 07 Oct 2022 02:38:55 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
date: Thu, 06 Oct 2022 02:38:55 GMT
access-control-allow-origin: https://new-days.ru
vary: Origin
access-control-allow-credentials: true
x-server: back05
pragma: no-cache
x-content-type-options: nosniff
cache-control: max-age=1, no-cache
strict-transport-security: max-age=5184000; includeSubdomains;
X-Firefox-Spdy: h2
uuidksinc.net/matchx?gdpr=0&gdpr_consent=
31.220.27.135200 OK 1.2 kB URL HTTP/2 uuidksinc.net/matchx?gdpr=0&gdpr_consent=
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2035)
Hash b1118c4b9e0d4a77949eb1e49181263f
9ab99148f98ff72165813ab7ad7d5b3659b66c7b
c674af75b3e04a228c4cb70a544e0a5ee0c892f3a68572a1170b919ca009ce60
GET /matchx?gdpr=0&gdpr_consent= HTTP/1.1
Host: uuidksinc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: jcsuuid=pm1vTUurZ36EA4a1ruWg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 06 Oct 2022 02:38:54 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
dm-eu.hybrid.ai/match?id=158&vid=pm1vTUurZ36EA4a1ruWg
37.18.103.21204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=158&vid=pm1vTUurZ36EA4a1ruWg
IP 37.18.103.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /match?id=158&vid=pm1vTUurZ36EA4a1ruWg HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 06 Oct 2022 02:38:55 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=2a02eee5438eaf554140; expires=Fri, 06 Oct 2023 02:38:54 GMT; domain=.hybrid.ai; path=/; samesite=none
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 502
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2
hdbcome.com/get_data?v=default&page=https%253A%252F%252Fnew-days.ru%252F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%252F&domain=new-days.ru&blockID=326607&width=728&height=90&windowWidth=728&gdpr=0&gdprConsent=&limit=1&format=json&sspUid=a7bf82c1-e317-463a-ae76-a33a274a26ad
31.220.27.155200 OK 24 kB URL HTTP/2 hdbcome.com/get_data?v=default&page=https%253A%252F%252Fnew-days.ru%252F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%252F&domain=new-days.ru&blockID=326607&width=728&height=90&windowWidth=728&gdpr=0&gdprConsent=&limit=1&format=json&sspUid=a7bf82c1-e317-463a-ae76-a33a274a26ad
IP 31.220.27.155:0
ASN #39572 DataWeb Global Group B.V.
Hash 0fe435c113a0719d2d1a14ad94a8aab4
2bcc11ad5e1624ea652cdcd2c22f5e2e7621e296
aba26000f55a1922de6d29b30a08a236483c27234767b009f8f5d9af323e4cf7
GET /get_data?v=default&page=https%253A%252F%252Fnew-days.ru%252F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%252F&domain=new-days.ru&blockID=326607&width=728&height=90&windowWidth=728&gdpr=0&gdprConsent=&limit=1&format=json&sspUid=a7bf82c1-e317-463a-ae76-a33a274a26ad HTTP/1.1
Host: hdbcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://new-days.ru
Connection: keep-alive
Cookie: dmpUid=pm1vTUurZ36EA4a1ruWg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 06 Oct 2022 02:38:54 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://new-days.ru
content-encoding: gzip
X-Firefox-Spdy: h2
i.cdnkimg.com/auto/110x90/image/tesr/2064/64/6324c76edd512t1663354734r3464.jpeg
45.133.44.37200 OK 7.6 kB URL HTTP/2 i.cdnkimg.com/auto/110x90/image/tesr/2064/64/6324c76edd512t1663354734r3464.jpeg
IP 45.133.44.37:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, baseline, precision 8, 110x90, components 3\012- data
Hash a0c827bba4fc55e406a75c96af654108
19426b8cb03b8f02fd1d371746b9020a6456d152
0a1e2bca5c2ef496a4f8f537dd8f53b6f619a4b8fd1bc2a20b3dd72bc8a6cf73
GET /auto/110x90/image/tesr/2064/64/6324c76edd512t1663354734r3464.jpeg HTTP/1.1
Host: i.cdnkimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: image/jpeg
content-length: 7618
server: nginx/1.19.0
cache-control: max-age=1209600
x-cache-status: MISS
expires: Thu, 20 Oct 2022 02:38:55 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
mc.yandex.ru/watch/73418029?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A356861989367%3Ahid%3A405477%3Az%3A0%3Ai%3A20221006023855%3Aet%3A1665023935%3Ac%3A1%3Arn%3A807891217%3Arqn%3A2%3Au%3A166502393142325077%3Aw%3A300x250%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C%2C0%2C%2C%2C%2C147%3Ans%3A1665023933213%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023935%3At%3A&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
87.250.250.119302 Found 400 B URL HTTP/2 mc.yandex.ru/watch/73418029?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A356861989367%3Ahid%3A405477%3Az%3A0%3Ai%3A20221006023855%3Aet%3A1665023935%3Ac%3A1%3Arn%3A807891217%3Arqn%3A2%3Au%3A166502393142325077%3Aw%3A300x250%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C%2C0%2C%2C%2C%2C147%3Ans%3A1665023933213%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023935%3At%3A&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 91a1b8d6cf65c523b4c20b40528127cc
396a85f6b46879a5309c0759cb37fef5fbc8c4fe
aee3ed166c7bc00dcfd076fc02f9ce5bb4109413ec498aec5a12595f14ddaf98
GET /watch/73418029?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A356861989367%3Ahid%3A405477%3Az%3A0%3Ai%3A20221006023855%3Aet%3A1665023935%3Ac%3A1%3Arn%3A807891217%3Arqn%3A2%3Au%3A166502393142325077%3Aw%3A300x250%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C%2C0%2C%2C%2C%2C147%3Ans%3A1665023933213%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023935%3At%3A&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/73418029/1?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A356861989367%3Ahid%3A405477%3Az%3A0%3Ai%3A20221006023855%3Aet%3A1665023935%3Ac%3A1%3Arn%3A807891217%3Arqn%3A2%3Au%3A166502393142325077%3Aw%3A300x250%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C%2C0%2C%2C%2C%2C147%3Ans%3A1665023933213%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023935%3At%3A&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Thu, 06 Oct 2022 02:38:55 GMT
access-control-allow-origin: https://new-days.ru
set-cookie: yandexuid=7909411931665023935; Expires=Fri, 06-Oct-2023 02:38:55 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=7909411931665023935; Expires=Fri, 06-Oct-2023 02:38:55 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1499391511665023935; Path=/; SameSite=None; Secure
i=UQAUA8YsqmAPtPN77+LKyIjZGDHzVeSj71X47jIVE8eq6Kcnmh7Ia4dNI7Z/vngA9rHig00Zuvewgs75yj+UfYwnpJ4=; Expires=Sun, 03-Oct-2032 02:38:53 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1696559935.yrts.1665023935#1696559935.yrtsi.1665023935; Expires=Fri, 06-Oct-2023 02:38:55 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 06-Oct-2022 02:38:55 GMT
last-modified: Thu, 06-Oct-2022 02:38:55 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
uuidksinc.net/matchx?gdpr=0&gdpr_consent=
31.220.27.135200 OK 2.5 kB URL HTTP/2 uuidksinc.net/matchx?gdpr=0&gdpr_consent=
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
Hash df8e6887e6f949ae416f66e539fc537d
aa251e8ef3b6ecd9d405b2e28a2c7ca400a71805
0226c9992d1a746cb2bf5bffbe659c558ab7194a5af313498ce1615e7b58f55f
GET /matchx?gdpr=0&gdpr_consent= HTTP/1.1
Host: uuidksinc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: jcsuuid=pm1vTUurZ36EA4a1ruWg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 06 Oct 2022 02:38:54 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/watch/73418029?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A356861989367%3Ahid%3A739937105%3Az%3A0%3Ai%3A20221006023855%3Aet%3A1665023935%3Ac%3A1%3Arn%3A829565668%3Arqn%3A3%3Au%3A166502393142325077%3Aw%3A300x600%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C%2C0%2C%2C%2C%2C133%3Ans%3A1665023933230%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023935%3At%3A&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
87.250.250.119302 Found 400 B URL HTTP/2 mc.yandex.ru/watch/73418029?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A356861989367%3Ahid%3A739937105%3Az%3A0%3Ai%3A20221006023855%3Aet%3A1665023935%3Ac%3A1%3Arn%3A829565668%3Arqn%3A3%3Au%3A166502393142325077%3Aw%3A300x600%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C%2C0%2C%2C%2C%2C133%3Ans%3A1665023933230%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023935%3At%3A&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash cd91925d5c4aa0dc21c6282f6afd207d
2203684b977739cc295301c8e885ea99f6af7014
c922e0b562d5c75d7e5ddf937fce4e16a7c7de68cbd28c64c4d81fadac11d97f
GET /watch/73418029?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A356861989367%3Ahid%3A739937105%3Az%3A0%3Ai%3A20221006023855%3Aet%3A1665023935%3Ac%3A1%3Arn%3A829565668%3Arqn%3A3%3Au%3A166502393142325077%3Aw%3A300x600%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C%2C0%2C%2C%2C%2C133%3Ans%3A1665023933230%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023935%3At%3A&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/73418029/1?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A356861989367%3Ahid%3A739937105%3Az%3A0%3Ai%3A20221006023855%3Aet%3A1665023935%3Ac%3A1%3Arn%3A829565668%3Arqn%3A3%3Au%3A166502393142325077%3Aw%3A300x600%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C%2C0%2C%2C%2C%2C133%3Ans%3A1665023933230%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665023935%3At%3A&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Thu, 06 Oct 2022 02:38:55 GMT
access-control-allow-origin: https://new-days.ru
set-cookie: yandexuid=2622188681665023935; Expires=Fri, 06-Oct-2023 02:38:55 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2622188681665023935; Expires=Fri, 06-Oct-2023 02:38:55 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1960045441665023935; Path=/; SameSite=None; Secure
i=wKInQDdS41Vyu7IJgzsohY+vsqg9ABlc2s0o4MDnF4nbHc4gCcJ+bb1XWmQWjnPsmGlAMqk8RGUIrvshwdH3o8k2v4s=; Expires=Sun, 03-Oct-2032 02:38:43 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1696559935.yrts.1665023935#1696559935.yrtsi.1665023935; Expires=Fri, 06-Oct-2023 02:38:55 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 06-Oct-2022 02:38:55 GMT
last-modified: Thu, 06-Oct-2022 02:38:55 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
data.giraff.io/hit/new-daysru?u=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&tag=pv_rtb&tag=ws_rtb_1&ht=5884&rand=0.6634328785738803
92.53.64.248200 OK 0 B URL HTTP/2 data.giraff.io/hit/new-daysru?u=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&tag=pv_rtb&tag=ws_rtb_1&ht=5884&rand=0.6634328785738803
IP 92.53.64.248:0
ASN #49505 OOO Network of data-centers Selectel
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hit/new-daysru?u=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&tag=pv_rtb&tag=ws_rtb_1&ht=5884&rand=0.6634328785738803 HTTP/1.1
Host: data.giraff.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: gid=XDVA+GM+P7oRI0tZBC3MAg==; nid=Xkvqc2M+P7sIGzpIShSRAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 1728000
X-Firefox-Spdy: h2
d.uuidksinc.net/match/383/?remote_uid=1A79042EBA3F3E63F600655202F48C1A
31.220.27.135200 OK 74 B URL HTTP/2 d.uuidksinc.net/match/383/?remote_uid=1A79042EBA3F3E63F600655202F48C1A
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
GET /match/383/?remote_uid=1A79042EBA3F3E63F600655202F48C1A HTTP/1.1
Host: d.uuidksinc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: jcsuuid=pm1vTUurZ36EA4a1ruWg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: image/png
content-length: 74
X-Firefox-Spdy: h2
csi.gstatic.com/csi?v=2&s=ima&puid=3~l8wg9eb0&c=2941730899119&slotId=1470865449559.5&fb=ima_html5-lima&sdkv=h.3.503.0&mrd=4&aab=1&itv=1&gpm_i=0&gpm_c=0&gpm_a=0&uet=2&met.4=err.l8wg9eb2&aec=403&rec=verificationNotExecuted-1%7Cerror-1
142.251.107.94204 No Content 1.5 kB URL HTTP/2 csi.gstatic.com/csi?v=2&s=ima&puid=3~l8wg9eb0&c=2941730899119&slotId=1470865449559.5&fb=ima_html5-lima&sdkv=h.3.503.0&mrd=4&aab=1&itv=1&gpm_i=0&gpm_c=0&gpm_a=0&uet=2&met.4=err.l8wg9eb2&aec=403&rec=verificationNotExecuted-1%7Cerror-1
IP 142.251.107.94:0
Hash ad295906b5504c9c774a4631c57ebf6e
a07b9d293f25e3b71a227f40880bcb68ebd8b152
09d83870f21826ba4018d89d93e200ea2da25aa0f26fa0ea563b587b3ac742a6
POST /csi?v=2&s=ima&puid=3~l8wg9eb0&c=2941730899119&slotId=1470865449559.5&fb=ima_html5-lima&sdkv=h.3.503.0&mrd=4&aab=1&itv=1&gpm_i=0&gpm_c=0&gpm_a=0&uet=2&met.4=err.l8wg9eb2&aec=403&rec=verificationNotExecuted-1%7Cerror-1 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://relap.mail.ru
Connection: keep-alive
Referer: https://relap.mail.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: *
date: Thu, 06 Oct 2022 02:38:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hdbcome.com/get_data?v=default&page=https%253A%252F%252Fnew-days.ru%252F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%252F&domain=new-days.ru&blockID=326605&width=300&height=250&windowWidth=300&gdpr=0&gdprConsent=&limit=1&format=json&sspUid=a7bf82c1-e317-463a-ae76-a33a274a26ad
31.220.27.155200 OK 2.8 kB URL HTTP/2 hdbcome.com/get_data?v=default&page=https%253A%252F%252Fnew-days.ru%252F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%252F&domain=new-days.ru&blockID=326605&width=300&height=250&windowWidth=300&gdpr=0&gdprConsent=&limit=1&format=json&sspUid=a7bf82c1-e317-463a-ae76-a33a274a26ad
IP 31.220.27.155:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6814), with no line terminators
Hash c1816ae2875922b47a701d5e44bb3581
031fb435fb93465044ec4e10439c0883fe50b27b
48f007d958d85d130c02e5975e58614a4e2a022a1abf412f89c19fa7e783d5bb
GET /get_data?v=default&page=https%253A%252F%252Fnew-days.ru%252F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%252F&domain=new-days.ru&blockID=326605&width=300&height=250&windowWidth=300&gdpr=0&gdprConsent=&limit=1&format=json&sspUid=a7bf82c1-e317-463a-ae76-a33a274a26ad HTTP/1.1
Host: hdbcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://new-days.ru
Connection: keep-alive
Cookie: dmpUid=pm1vTUurZ36EA4a1ruWg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 06 Oct 2022 02:38:54 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://new-days.ru
content-encoding: gzip
X-Firefox-Spdy: h2
csi.gstatic.com/csi?v=2&s=ima&puid=1~l8wg9dt0&c=2941730899119&slotId=1470865449559.5&fb=ima_html5-lima&sdkv=h.3.503.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=0&vhc=0&ghmsh_eids=44750813
142.251.107.94204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?v=2&s=ima&puid=1~l8wg9dt0&c=2941730899119&slotId=1470865449559.5&fb=ima_html5-lima&sdkv=h.3.503.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=0&vhc=0&ghmsh_eids=44750813
IP 142.251.107.94:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=1~l8wg9dt0&c=2941730899119&slotId=1470865449559.5&fb=ima_html5-lima&sdkv=h.3.503.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=0&vhc=0&ghmsh_eids=44750813 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://relap.mail.ru
Connection: keep-alive
Referer: https://relap.mail.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: *
date: Thu, 06 Oct 2022 02:38:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
da.codenet.one/cdn/images/240x300/53/11176853.jpg
104.22.33.177200 OK 30 kB URL HTTP/2 da.codenet.one/cdn/images/240x300/53/11176853.jpg
IP 104.22.33.177:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 93", baseline, precision 8, 240x300, components 3\012- data
Hash 9c5db1b2252c0af5b253cd871a7efa97
58ad29969d277304a0769d805a8de0b974154cde
bbd8a6a540a9e14c5333c5013899aced593dedf0e03644c4d6d9e824fe9ddfa4
GET /cdn/images/240x300/53/11176853.jpg HTTP/1.1
Host: da.codenet.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: image/jpeg
content-length: 30522
cache-control: max-age=2592000
cf-bgj: h2pri
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
etag: "63358c6a-773a"
expires: Sun, 30 Oct 2022 14:00:45 GMT
last-modified: Thu, 29 Sep 2022 12:15:38 GMT
cf-cache-status: HIT
age: 477490
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b060e2ce595ea-ARN
X-Firefox-Spdy: h2
da.codenet.one/cdn/images/240x300/95/10724795.jpg
104.22.33.177200 OK 37 kB URL HTTP/2 da.codenet.one/cdn/images/240x300/95/10724795.jpg
IP 104.22.33.177:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 93", baseline, precision 8, 240x300, components 3\012- data
Hash e67733bcbb744ebe00dd3dff7a127f7b
a9e867642ffa0222ed617374d88275c5f976b065
aa001e892a8514e9f105ff526e0ef6398f1e2b2e930809e5f9001c1d82ee7dd4
GET /cdn/images/240x300/95/10724795.jpg HTTP/1.1
Host: da.codenet.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: image/jpeg
content-length: 37431
cache-control: max-age=2592000
cf-bgj: h2pri
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
etag: "632b9762-9237"
expires: Sun, 30 Oct 2022 01:28:23 GMT
last-modified: Wed, 21 Sep 2022 22:59:46 GMT
cf-cache-status: HIT
age: 522632
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b060e4cf295ea-ARN
X-Firefox-Spdy: h2
da.codenet.one/cdn/images/240x300/83/10671083.jpg
104.22.33.177200 OK 29 kB URL HTTP/2 da.codenet.one/cdn/images/240x300/83/10671083.jpg
IP 104.22.33.177:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 93", baseline, precision 8, 240x300, components 3\012- data
Hash 6ebfe86b2150e2f9cd8b25950431c6fe
17b52cb7e00cef2e94e952af65c00b036ddcd1fd
046dff5c6ca754d61dbd9f30ee0ae887b41b906e77c503ae149de277f4f8615b
GET /cdn/images/240x300/83/10671083.jpg HTTP/1.1
Host: da.codenet.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: image/jpeg
content-length: 28571
cache-control: max-age=2592000
cf-bgj: h2pri
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
etag: "631ab334-6f9b"
expires: Sun, 16 Oct 2022 16:50:58 GMT
last-modified: Fri, 09 Sep 2022 03:29:56 GMT
cf-cache-status: HIT
age: 1676877
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b060e4cf395ea-ARN
X-Firefox-Spdy: h2
da.codenet.one/cdn/images/240x300/61/11259861.jpg
104.22.33.177200 OK 30 kB URL HTTP/2 da.codenet.one/cdn/images/240x300/61/11259861.jpg
IP 104.22.33.177:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 93", baseline, precision 8, 240x300, components 3\012- data
Hash b4d7494c277e466932691bec543822b3
1ecb86520178794f80923b9a7f86788eced1ac6b
7d1dbbef9613458ad078f3b46fe3ef9285c7c315ab0a83306531826a95a8ad1f
GET /cdn/images/240x300/61/11259861.jpg HTTP/1.1
Host: da.codenet.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: image/jpeg
content-length: 30494
cache-control: max-age=2592000
cf-bgj: h2pri
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
etag: "633aaf3c-771e"
expires: Wed, 02 Nov 2022 09:52:29 GMT
last-modified: Mon, 03 Oct 2022 09:45:32 GMT
cf-cache-status: HIT
age: 233186
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b060e5cfa95ea-ARN
X-Firefox-Spdy: h2
da.codenet.one/cdn/images/240x300/63/11259863.jpg
104.22.33.177200 OK 32 kB URL HTTP/2 da.codenet.one/cdn/images/240x300/63/11259863.jpg
IP 104.22.33.177:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 93", baseline, precision 8, 240x300, components 3\012- data
Hash 4ab7a9e0a5c5f2bac39c80c5201720d0
7fb9c52ef5b4404cc7e5f629cb40bae4743399c4
2a21f6f8ce9bf770b56f8bd47204a024d1996bbb5c27d0b6973a48e57722ca1b
GET /cdn/images/240x300/63/11259863.jpg HTTP/1.1
Host: da.codenet.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: image/jpeg
content-length: 31661
cache-control: max-age=2592000
cf-bgj: h2pri
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
etag: "633ab704-7bad"
expires: Wed, 02 Nov 2022 10:32:15 GMT
last-modified: Mon, 03 Oct 2022 10:18:44 GMT
cf-cache-status: HIT
age: 230800
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b060e5cfd95ea-ARN
X-Firefox-Spdy: h2
da.codenet.one/cdn/images/240x300/70/10704170.jpg
104.22.33.177200 OK 42 kB URL HTTP/2 da.codenet.one/cdn/images/240x300/70/10704170.jpg
IP 104.22.33.177:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 93", baseline, precision 8, 240x300, components 3\012- data
Hash 6f0e02ddc54fef5e6249a8106ee4aa3a
f937ae855dc2e669940b74e6eeddce4db4d2db07
0967d5124bae94d7540261f88105e9f160ffc631a6b67baea18006f68f5df7de
GET /cdn/images/240x300/70/10704170.jpg HTTP/1.1
Host: da.codenet.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: image/jpeg
content-length: 41594
cache-control: max-age=2592000
cf-bgj: h2pri
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
etag: "6336904f-a27a"
expires: Fri, 04 Nov 2022 10:18:09 GMT
last-modified: Fri, 30 Sep 2022 06:44:31 GMT
cf-cache-status: HIT
age: 58845
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b060e7d0c95ea-ARN
X-Firefox-Spdy: h2
da.codenet.one/cdn/images/240x300/81/10745881.jpg
104.22.33.177200 OK 32 kB URL HTTP/2 da.codenet.one/cdn/images/240x300/81/10745881.jpg
IP 104.22.33.177:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 93", baseline, precision 8, 240x300, components 3\012- data
Hash 3aef50160ef1f062e401bbbacbb0444d
1677cabaf88d108ac3f753b37ca7db0242f50ba8
de25327477104539788de4683fa8bcdc4992856b492d564cd03fad7134a3bb4c
GET /cdn/images/240x300/81/10745881.jpg HTTP/1.1
Host: da.codenet.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: image/jpeg
content-length: 32488
last-modified: Wed, 05 Oct 2022 09:16:18 GMT
etag: "633d4b62-7ee8"
expires: Sat, 05 Nov 2022 02:38:55 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 1728000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b060e2ce495ea-ARN
X-Firefox-Spdy: h2
uuidksinc.net/matchx?gdpr=0&gdpr_consent=
31.220.27.135200 OK 4.8 kB URL HTTP/2 uuidksinc.net/matchx?gdpr=0&gdpr_consent=
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13101)
Hash 07068112ab02016680d47c4da1d722d8
8745bb24a83043de5c8d7c7f31c821460981a72e
a2ebbd97bf7a0ca12d5c70fdd359729baa90c591737c94fc3f5ec328f699eb27
GET /matchx?gdpr=0&gdpr_consent= HTTP/1.1
Host: uuidksinc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: jcsuuid=pm1vTUurZ36EA4a1ruWg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 06 Oct 2022 02:38:54 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 15d69e9e37a5074bcad19f9279b48e0e
0374a2815f676f8ae290789b4812caef5333695c
09ef9b3b01f3989bc9f426a796dcab2b54b5358e46e8314ca621576ec3134903
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "09EF9B3B01F3989BC9F426A796DCAB2B54B5358E46E8314CA621576EC3134903"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5860
Expires: Thu, 06 Oct 2022 04:16:35 GMT
Date: Thu, 06 Oct 2022 02:38:55 GMT
Connection: keep-alive
dmg.digitaltarget.ru/1/6573/i/i?a=662&e=pm1vTUurZ36EA4a1ruWg&i=0.426821519403205
185.15.175.159307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/6573/i/i?a=662&e=pm1vTUurZ36EA4a1ruWg&i=0.426821519403205
IP 185.15.175.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/6573/i/i?a=662&e=pm1vTUurZ36EA4a1ruWg&i=0.426821519403205 HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 06 Oct 2022 02:38:55 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&a=662&e=pm1vTUurZ36EA4a1ruWg&i=0.426821519403205
Set-Cookie: viuserid=tKJLdlMJLvk8D1R73aBH; Max-Age=93312000; Expires=Sat, 20 Sep 2025 02:38:55 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
code.giraff.io/data/logo.svg
172.67.26.199200 OK 2.7 kB URL HTTP/2 code.giraff.io/data/logo.svg
IP 172.67.26.199:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6553), with no line terminators
Hash 710b6d625b29e2d0e23d401f983b9117
948d2ab8f3f451ee2119c80f29283b23ac63e80d
d148b9b34bed5b87746e241f61a2b799daee12a0d2d413dbc5b6d4d9a97704b3
GET /data/logo.svg HTTP/1.1
Host: code.giraff.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: gid=XDVA+GM+P7oRI0tZBC3MAg==; nid=Xkvqc2M+P7sIGzpIShSRAg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: image/svg+xml
last-modified: Sat, 02 Jul 2022 14:10:00 GMT
etag: W/"62c051b8-1999"
expires: Thu, 06 Oct 2022 02:39:15 GMT
cache-control: max-age=60
access-control-allow-origin: *
cf-cache-status: HIT
age: 40
vary: Accept-Encoding
server: cloudflare
cf-ray: 755b060d4b420b69-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/kadamis/pm1vTUurZ36EA4a1ruWg
213.180.204.90302 Found 20 B URL HTTP/2 an.yandex.ru/mapuid/kadamis/pm1vTUurZ36EA4a1ruWg
IP 213.180.204.90:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /mapuid/kadamis/pm1vTUurZ36EA4a1ruWg HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/kadamis/pm1vTUurZ36EA4a1ruWg?redir-setuniq=1
date: Thu, 06 Oct 2022 02:38:55 GMT
set-cookie: yandexuid=2500956501665023935; domain=.yandex.ru; path=/; expires=Sun, 03-Oct-2032 02:38:55 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 06 Oct 2022 02:38:55 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 06 Oct 2022 02:38:55 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
relap.io/api/v7/stat
95.163.37.253200 OK 2 B IP 95.163.37.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/v7/stat HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Content-Type: application/json
x-relap-cookie: rlprp=eqR5ZA:lbYsTQ
X-Relap-UUID: 00a40a96-5f1f-4780-aed8-58888b99f2e7
Origin: https://new-days.ru
Content-Length: 1847
Connection: keep-alive
Cookie: unique=SkG9g3pO; fsts=1665023928; lsts=1665023935; suid=20ccc67944f9e024a2f4d52ae6751aaff3ebc6f2--037499b66c94b7604d199b71fc288d6afe0a20041bf6770878587d0ef5618987; hllc=2; rlprp=eqR5ZA--e1dc77e2367377486ee3fa466a4c0c806518c09a0ad41363adf970826cdfa2b7; 3rdpce=1; uuid=9eb09c2c-e018-4823-bc87-cae77e473583; rlpagcs_2=1665023929:CMcxPNzoJdQA2jGQ8XV0Y_oQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=UTF-8
content-length: 2
access-control-expose-headers: X-Relap-Cookie
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
vary: Origin
cache-control: max-age=1, no-cache
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
date: Thu, 06 Oct 2022 02:38:55 GMT
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
x-server: back04
x-content-type-options: nosniff
access-control-allow-origin: https://new-days.ru
set-cookie: lsts=1665023935; expires=Sun, 03 Oct 2032 02:38:55 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
access-control-max-age: 1728000
x-relap-cookie: rlprp=eqR5ZA:lbYsTQ
access-control-allow-credentials: true
pragma: no-cache
strict-transport-security: max-age=5184000; includeSubdomains;
X-Firefox-Spdy: h2
ad.mail.ru/adq/?q=815001&cpm_floor=3000&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb4411497963
95.163.41.56200 OK 158 B URL HTTP/2 ad.mail.ru/adq/?q=815001&cpm_floor=3000&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb4411497963
IP 95.163.41.56:0
Hash e8b67905a908a92e73cf9266671eb7c3
44f5d74773c135cfede97ad6b0e54f317d2561a1
14bbc38e59e1cce282d5d9670b0ed2f01a29f2381a5f5401af27dcd441c0df9b
GET /adq/?q=815001&cpm_floor=3000&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb4411497963 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: application/x-javascript; charset=utf-8
cache-control: private, no-cache, no-store
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
ad.mail.ru/adq/?q=814991&cpm_floor=3000&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb5759925201
95.163.41.56200 OK 158 B URL HTTP/2 ad.mail.ru/adq/?q=814991&cpm_floor=3000&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb5759925201
IP 95.163.41.56:0
Hash 0563eb40272a06b5a56f72f40c59ca3f
e91bed987dbb3f41dc0cff4d4ee5b6d8f0cd92ae
40fe6e9ba513ee6f2af2700002ff0993708be05883e988780b9f93b920e604fc
GET /adq/?q=814991&cpm_floor=3000&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb5759925201 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: application/x-javascript; charset=utf-8
cache-control: private, no-cache, no-store
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
relap.io/api/v7/recs
95.163.37.253200 OK 193 B IP 95.163.37.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7ed4ef1b754b6c2ad972b3adda820e6c
088377ed01ebd1398e1a5783d92a536e4468892d
3a991ca0f1d43834b91a95e3af4387e79ca565059501adb7d9746c28088e6677
POST /api/v7/recs HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Content-Type: application/json
x-relap-cookie: rlprp=eqR5ZA:lbYsTQ
X-Relap-UUID: 00a40a96-5f1f-4780-aed8-58888b99f2e7
Origin: https://new-days.ru
Content-Length: 3471
Connection: keep-alive
Cookie: unique=SkG9g3pO; fsts=1665023928; lsts=1665023935; suid=20ccc67944f9e024a2f4d52ae6751aaff3ebc6f2--037499b66c94b7604d199b71fc288d6afe0a20041bf6770878587d0ef5618987; hllc=2; rlprp=eqR5ZA--e1dc77e2367377486ee3fa466a4c0c806518c09a0ad41363adf970826cdfa2b7; 3rdpce=1; uuid=9eb09c2c-e018-4823-bc87-cae77e473583; rlpagcs_2=1665023929:CMcxPNzoJdQA2jGQ8XV0Y_oQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=UTF-8
content-length: 193
x-relap-cookie: rlprp=eqR5ZA:lbYsTQ
x-server: back08
pragma: no-cache
access-control-allow-origin: https://new-days.ru
set-cookie: lsts=1665023935; expires=Sun, 03 Oct 2032 02:38:55 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
vary: Origin
x-content-type-options: nosniff
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
date: Thu, 06 Oct 2022 02:38:55 GMT
access-control-expose-headers: X-Relap-Cookie
cache-control: max-age=1, no-cache
access-control-allow-credentials: true
strict-transport-security: max-age=5184000; includeSubdomains;
X-Firefox-Spdy: h2
dmg.digitaltarget.ru/1/6573/i/i?a=662&e=pm1vTUurZ36EA4a1ruWg&i=0.21816616278461487
185.15.175.159307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/6573/i/i?a=662&e=pm1vTUurZ36EA4a1ruWg&i=0.21816616278461487
IP 185.15.175.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/6573/i/i?a=662&e=pm1vTUurZ36EA4a1ruWg&i=0.21816616278461487 HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 06 Oct 2022 02:38:55 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&a=662&e=pm1vTUurZ36EA4a1ruWg&i=0.21816616278461487
Set-Cookie: viuserid=8XWR2zZJ2S1UT777o9F7; Max-Age=93312000; Expires=Sat, 20 Sep 2025 02:38:55 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
fcgi4.gnezdo.ru/cookie_matching/kadam/pm1vTUurZ36EA4a1ruWg
93.95.102.105302 Found 50 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching/kadam/pm1vTUurZ36EA4a1ruWg
IP 93.95.102.105:0
ASN #48347 JSC Mediasoft ekspert
File type gzip compressed data, from Unix\012- data
Hash bef53a5c76b7ad469692178eeaeb08d8
aaae1c11fa0b5a086770957c8857d3937ed653e9
be24bb564cc16e1fe9113f63db905a1b7a3a653c6642f0c27d5e823729a99ee3
GET /cookie_matching/kadam/pm1vTUurZ36EA4a1ruWg HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 06 Oct 2022 02:38:55 GMT
location: https://fcgi4.gnezdo.ru/cookie_matching/kadam/pm1vTUurZ36EA4a1ruWg/?redirect=1
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With
access-control-allow-credentials: true
set-cookie: uid=XV9maWM+P786I4Y1XQ4vAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&a=662&e=pm1vTUurZ36EA4a1ruWg&i=0.21816616278461487
185.15.175.159200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&a=662&e=pm1vTUurZ36EA4a1ruWg&i=0.21816616278461487
IP 185.15.175.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/6573/i/i?call_source=awg&a=662&e=pm1vTUurZ36EA4a1ruWg&i=0.21816616278461487 HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 02:38:56 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
tag.digitaltarget.ru/processor.js?i=11738443061173
185.15.175.146200 OK 16 kB URL HTTP/1.1 tag.digitaltarget.ru/processor.js?i=11738443061173
IP 185.15.175.146:0
File type ASCII text, with very long lines (15892), with no line terminators
Hash 9d8bbf9b7d1aaed9a324a9cf9977dda4
d3365fba7f95ca11a9564b373162d1ddb06fcdbd
0935447866da8ca59df7d65710e0b68377a6dbc62c761e83ebfc83998f905788
GET /processor.js?i=11738443061173 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 02:38:56 GMT
Content-Type: application/javascript
Content-Length: 15892
Last-Modified: Thu, 06 Oct 2022 02:34:32 GMT
Connection: keep-alive
ETag: "633e3eb8-3e14"
Accept-Ranges: bytes
kraken.rambler.ru/cnt/?et=pv&v=3.11.2&pid=7627570&tid=t1.7627570.87357921.1665023933255&rid=1665023933.255-742377898&fid=pA8AAENKs1eWIFIAAWYKCwA%3D&fip=pA8AAENKs1eokflVAQUXcgA%3D&aduid=c41c9159-cd57-453b-a7e0-23d8fa83aca1&aduidsc=new-days.ru&stid=1976491420_1665023933256&sn=1&sen=1&en=1&ce=1&bs=0x0&rf&pt&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&ct=web&url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&eid=287039361543321&meta=%7B%22is_first%22%3A1%7D&rn=555018504
81.19.89.17200 OK 43 B URL HTTP/2 kraken.rambler.ru/cnt/?et=pv&v=3.11.2&pid=7627570&tid=t1.7627570.87357921.1665023933255&rid=1665023933.255-742377898&fid=pA8AAENKs1eWIFIAAWYKCwA%3D&fip=pA8AAENKs1eokflVAQUXcgA%3D&aduid=c41c9159-cd57-453b-a7e0-23d8fa83aca1&aduidsc=new-days.ru&stid=1976491420_1665023933256&sn=1&sen=1&en=1&ce=1&bs=0x0&rf&pt&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&ct=web&url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&eid=287039361543321&meta=%7B%22is_first%22%3A1%7D&rn=555018504
IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cnt/?et=pv&v=3.11.2&pid=7627570&tid=t1.7627570.87357921.1665023933255&rid=1665023933.255-742377898&fid=pA8AAENKs1eWIFIAAWYKCwA%3D&fip=pA8AAENKs1eokflVAQUXcgA%3D&aduid=c41c9159-cd57-453b-a7e0-23d8fa83aca1&aduidsc=new-days.ru&stid=1976491420_1665023933256&sn=1&sen=1&en=1&ce=1&bs=0x0&rf&pt&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&ct=web&url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&eid=287039361543321&meta=%7B%22is_first%22%3A1%7D&rn=555018504 HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Thu, 06 Oct 2022 02:38:56 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
x-srv: 1kraken-prod0002.ad.rambler.tech
set-cookie: ruid=1CIAAMA/PmNcCniUActVxQB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAMA/PmNcCniUActVxQB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2
relap.io/api/v7/page_close
95.163.37.253200 OK 2 B URL HTTP/2 relap.io/api/v7/page_close
IP 95.163.37.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/v7/page_close HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------105695704510283392571288068813
Content-Length: 1155
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: unique=SkG9g3pO; fsts=1665023928; lsts=1665023935; suid=20ccc67944f9e024a2f4d52ae6751aaff3ebc6f2--037499b66c94b7604d199b71fc288d6afe0a20041bf6770878587d0ef5618987; hllc=2; rlprp=eqR5ZA--e1dc77e2367377486ee3fa466a4c0c806518c09a0ad41363adf970826cdfa2b7; 3rdpce=1; uuid=9eb09c2c-e018-4823-bc87-cae77e473583; rlpagcs_2=1665023929:CMcxPNzoJdQA2jGQ8XV0Y_oQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=UTF-8
content-length: 2
date: Thu, 06 Oct 2022 02:38:56 GMT
cache-control: max-age=1, no-cache
x-server: back09
pragma: no-cache
access-control-max-age: 1728000
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
set-cookie: lsts=1665023936; expires=Sun, 03 Oct 2032 02:38:56 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
x-content-type-options: nosniff
vary: Origin
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
strict-transport-security: max-age=5184000; includeSubdomains;
X-Firefox-Spdy: h2
dmg.digitaltarget.ru/1/1093/i/i?i=50068016423184.288437560660705&a=77&e=1A79042EBA3F3E63F600655202F48C1A&pref=https%3A%2F%2Fnew-days.ru%2F&c=ss:77.up:1A79042EBA3F3E63F600655202F48C1A.sync:up.xdua:duwzvcC9xCMVQIIMh6V5XN2o.xps:xps6gQRzW1tPsXCZzdqO0fi9J.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.159307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=50068016423184.288437560660705&a=77&e=1A79042EBA3F3E63F600655202F48C1A&pref=https%3A%2F%2Fnew-days.ru%2F&c=ss:77.up:1A79042EBA3F3E63F600655202F48C1A.sync:up.xdua:duwzvcC9xCMVQIIMh6V5XN2o.xps:xps6gQRzW1tPsXCZzdqO0fi9J.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=50068016423184.288437560660705&a=77&e=1A79042EBA3F3E63F600655202F48C1A&pref=https%3A%2F%2Fnew-days.ru%2F&c=ss:77.up:1A79042EBA3F3E63F600655202F48C1A.sync:up.xdua:duwzvcC9xCMVQIIMh6V5XN2o.xps:xps6gQRzW1tPsXCZzdqO0fi9J.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 06 Oct 2022 02:38:56 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=50068016423184.288437560660705&a=77&e=1A79042EBA3F3E63F600655202F48C1A&pref=https%3A%2F%2Fnew-days.ru%2F&c=ss:77.up:1A79042EBA3F3E63F600655202F48C1A.sync:up.xdua:duwzvcC9xCMVQIIMh6V5XN2o.xps:xps6gQRzW1tPsXCZzdqO0fi9J.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=.HhPNeWJ2RgPCOv7lEfJ; Max-Age=93312000; Expires=Sat, 20 Sep 2025 02:38:56 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/1/1093/i/i?i=50068016423184.122993729105744&a=77&e=1A79042EBA3F3E63F600655202F48C1A&pref=https%3A%2F%2Fnew-days.ru%2F&c=ss:77.up:1A79042EBA3F3E63F600655202F48C1A.sync:up.xdua:duwzvcC9xCMVQIIMh6V5XN2o.xps:xps6gQRzW1tPsXCZzdqO0fi9J.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.159307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=50068016423184.122993729105744&a=77&e=1A79042EBA3F3E63F600655202F48C1A&pref=https%3A%2F%2Fnew-days.ru%2F&c=ss:77.up:1A79042EBA3F3E63F600655202F48C1A.sync:up.xdua:duwzvcC9xCMVQIIMh6V5XN2o.xps:xps6gQRzW1tPsXCZzdqO0fi9J.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=50068016423184.122993729105744&a=77&e=1A79042EBA3F3E63F600655202F48C1A&pref=https%3A%2F%2Fnew-days.ru%2F&c=ss:77.up:1A79042EBA3F3E63F600655202F48C1A.sync:up.xdua:duwzvcC9xCMVQIIMh6V5XN2o.xps:xps6gQRzW1tPsXCZzdqO0fi9J.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 06 Oct 2022 02:38:56 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=50068016423184.122993729105744&a=77&e=1A79042EBA3F3E63F600655202F48C1A&pref=https%3A%2F%2Fnew-days.ru%2F&c=ss:77.up:1A79042EBA3F3E63F600655202F48C1A.sync:up.xdua:duwzvcC9xCMVQIIMh6V5XN2o.xps:xps6gQRzW1tPsXCZzdqO0fi9J.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=TiFp5VuJ2fmFwrk7oc.1; Max-Age=93312000; Expires=Sat, 20 Sep 2025 02:38:56 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
data.giraff.io/reading/new-daysru/?u=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&rand=0.05838039725635524&rt=5&sd=0&crt=5&csd=0&ts=1&time=1665023930017.17&ok=1&vk=0
92.53.64.248200 OK 0 B URL HTTP/2 data.giraff.io/reading/new-daysru/?u=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&rand=0.05838039725635524&rt=5&sd=0&crt=5&csd=0&ts=1&time=1665023930017.17&ok=1&vk=0
IP 92.53.64.248:0
ASN #49505 OOO Network of data-centers Selectel
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /reading/new-daysru/?u=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&rand=0.05838039725635524&rt=5&sd=0&crt=5&csd=0&ts=1&time=1665023930017.17&ok=1&vk=0 HTTP/1.1
Host: data.giraff.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: gid=XDVA+GM+P7oRI0tZBC3MAg==; nid=Xkvqc2M+P7sIGzpIShSRAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 1728000
X-Firefox-Spdy: h2
ads.go2net.com.ua/adxcm.aspx?ssp=cf718592-a39d-4545-9d43-d632e2426981&redir=1
146.0.227.107302 Found 92 kB URL HTTP/1.1 ads.go2net.com.ua/adxcm.aspx?ssp=cf718592-a39d-4545-9d43-d632e2426981&redir=1
IP 146.0.227.107:0
ASN #20773 Host Europe GmbH
Hash cc8bb70ef0615c9055910655bfb00376
d1630c4b1bd0b3fc6f5ac3a5ecb9ba188aa2a73d
3016c5693a7ce53b2d16d096ffd3b692ab5aa020407104d9b037d36bd25459f9
GET /adxcm.aspx?ssp=cf718592-a39d-4545-9d43-d632e2426981&redir=1 HTTP/1.1
Host: ads.go2net.com.ua
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 06 Oct 2022 02:38:56 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Xss-Protection: 0
P3p: CP="NID DSP ALL COR"
Location: https://s.uuidksinc.net/match/760/afe168fb5fd94e08b6107226b2ea085e
Set-Cookie: am-uid=afe168fb5fd94e08b6107226b2ea085e; expires=Wed, 04 Jan 2023 02:38:56 GMT; domain=ads.go2net.com.ua; secure; SameSite=None
Keep-Alive: timeout=25
widget.svk-native.ru/visitor-match/match-network?network_id=5
65.109.36.34302 Found 0 B URL HTTP/2 widget.svk-native.ru/visitor-match/match-network?network_id=5
IP 65.109.36.34:0
ASN #24940 Hetzner Online GmbH
GET /visitor-match/match-network?network_id=5 HTTP/1.1
Host: widget.svk-native.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.svk-native.ru/visitor-match/match-all
Cookie: s-common=0lad46qviodk2v7dk5kiekllca; _svk_uid2=a61082ff8dd3c919432bfb80177bbb73c0073ad77e568b6098906ea0b5bf4ff0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22_svk_uid2%22%3Bi%3A1%3Bi%3A2904417584%3B%7D; test3rd=44baa923ac48967c8af3a6434306e8d211adee0ea206fcd932401157e12e4b63a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22test3rd%22%3Bi%3A1%3Bi%3A2904417584%3B%7D; _pr_sid=53ee1cf9785d080a9c41c8a78d90df647c52780a1c4ca24c8034661cfcb628c9a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22_pr_sid%22%3Bi%3A1%3Bi%3A2732863%3B%7D; _csrf-widget=192af223aaad4ecda3f7c50fbf76e087ce8b1fb4a50559432d01800637eb585ea%3A2%3A%7Bi%3A0%3Bs%3A12%3A%22_csrf-widget%22%3Bi%3A1%3Bs%3A32%3A%22ZTBCbs6YXeLlIzwkTmR9puCFPt8gF7Fq%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: text/html; charset=UTF-8
location: https://s.uuidksinc.net/match/598/?remote_uid=2904417584
x-upstream: unix:/run/haproxy-phpfpm-default.sock
X-Firefox-Spdy: h2
cdn-rtb.sape.ru/rtb-b/js/999/2/121999.js
95.181.171.233200 OK 0 B URL HTTP/2 cdn-rtb.sape.ru/rtb-b/js/999/2/121999.js
IP 95.181.171.233:0
GET /rtb-b/js/999/2/121999.js HTTP/1.1
Host: cdn-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 02:38:48 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: block-all-mixed-content
etag: W/"062c0c9e5582df7355368b4329a9a0f4"
last-modified: Mon, 03 Oct 2022 02:02:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 171A6D540B8DE8CF
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
expires: Thu, 06 Oct 2022 03:38:48 GMT
cache-control: max-age=3600
x-cache-status: HIT
X-Firefox-Spdy: h2
ad.mail.ru/adp/?q=815003&cpm_floor=3000&sitename=new-days.ru&count=4
95.163.41.56200 OK 0 B URL HTTP/2 ad.mail.ru/adp/?q=815003&cpm_floor=3000&sitename=new-days.ru&count=4
IP 95.163.41.56:0
GET /adp/?q=815003&cpm_floor=3000&sitename=new-days.ru&count=4 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:49 GMT
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
timing-allow-origin: *
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
widget.svk-native.ru/counters/?utm_source=104001533
65.109.36.34200 OK 0 B URL HTTP/2 widget.svk-native.ru/counters/?utm_source=104001533
IP 65.109.36.34:0
ASN #24940 Hetzner Online GmbH
GET /counters/?utm_source=104001533 HTTP/1.1
Host: widget.svk-native.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: s-common=0lad46qviodk2v7dk5kiekllca; _svk_uid2=a61082ff8dd3c919432bfb80177bbb73c0073ad77e568b6098906ea0b5bf4ff0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22_svk_uid2%22%3Bi%3A1%3Bi%3A2904417584%3B%7D; test3rd=44baa923ac48967c8af3a6434306e8d211adee0ea206fcd932401157e12e4b63a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22test3rd%22%3Bi%3A1%3Bi%3A2904417584%3B%7D; _pr_sid=68e4cb5a0cb99bcc5f98f5093821877cbe706349680da4de83f9bdb902bfb22aa%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22_pr_sid%22%3Bi%3A1%3Bs%3A7%3A%222732863%22%3B%7D; _csrf-widget=192af223aaad4ecda3f7c50fbf76e087ce8b1fb4a50559432d01800637eb585ea%3A2%3A%7Bi%3A0%3Bs%3A12%3A%22_csrf-widget%22%3Bi%3A1%3Bs%3A32%3A%22ZTBCbs6YXeLlIzwkTmR9puCFPt8gF7Fq%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-upstream: unix:/run/haproxy-phpfpm-default.sock
content-encoding: gzip
X-Firefox-Spdy: h2
new-days.ru/21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas/
104.21.75.139200 OK 0 B URL HTTP/2 new-days.ru/21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas/
IP 104.21.75.139:0
GET /21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas/ HTTP/1.1
Host: new-days.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 06 Oct 2022 02:38:47 GMT
content-type: text/html; charset=UTF-8
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
last-modified: Thu, 06 Oct 2022 02:06:58 GMT
x-frame-options: SAMEORIGIN
x-fastcgi-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYOg1RTeoqXh%2B5W%2B1ukgfr6zGNdHd0xdaE1l0mvR6ZC%2FoXgmcSjJu%2FA3NbNk91mYRt%2FoyVuLd29uIz8WhGCC0vbFwZDaoa%2B9tNL3catuTHoVyTnFJRpOyPrqT4yCfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755b05d9bfc9b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.alfasense.net/js/layout_1073.js
136.144.31.36200 OK 0 B URL HTTP/2 cdn.alfasense.net/js/layout_1073.js
IP 136.144.31.36:0
ASN #52000 Innovation IT Solutions LTD
GET /js/layout_1073.js HTTP/1.1
Host: cdn.alfasense.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:48 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 09:39:19 GMT
etag: W/"6332c4c7-bf08"
content-security-policy: frame-ancestors 'none';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
cache-control: public, max-age=60
content-encoding: gzip
set-cookie: route=dd92c318b574e2af8018c0207c5098f9; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
adlmerge.com/merge_gpsid/?sid=50&id=1A79042EBA3F3E63F600655202F48C1A
95.211.66.35200 OK 0 B URL HTTP/2 adlmerge.com/merge_gpsid/?sid=50&id=1A79042EBA3F3E63F600655202F48C1A
IP 95.211.66.35:0
ASN #60781 LeaseWeb Netherlands B.V.
GET /merge_gpsid/?sid=50&id=1A79042EBA3F3E63F600655202F48C1A HTTP/1.1
Host: adlmerge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: image/gif
iseu: eu
X-Firefox-Spdy: h2
ad.mail.ru/adp/?q=732881&cpm_floor=100&sitename=new-days.ru&count=4
95.163.41.56200 OK 0 B URL HTTP/2 ad.mail.ru/adp/?q=732881&cpm_floor=100&sitename=new-days.ru&count=4
IP 95.163.41.56:0
GET /adp/?q=732881&cpm_floor=100&sitename=new-days.ru&count=4 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
timing-allow-origin: *
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
ad.mail.ru/adq/?q=166310&cpm_floor=5000&sitename=new-days.ru&count=1&callback=window.relapCbRegistry.relapCb6066845478
95.163.41.56200 OK 0 B URL HTTP/2 ad.mail.ru/adq/?q=166310&cpm_floor=5000&sitename=new-days.ru&count=1&callback=window.relapCbRegistry.relapCb6066845478
IP 95.163.41.56:0
GET /adq/?q=166310&cpm_floor=5000&sitename=new-days.ru&count=1&callback=window.relapCbRegistry.relapCb6066845478 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: application/x-javascript; charset=utf-8
cache-control: private, no-cache, no-store
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
ads.betweendigital.com/adjson?t=prebid
188.42.196.115200 OK 0 B URL HTTP/2 ads.betweendigital.com/adjson?t=prebid
IP 188.42.196.115:0
POST /adjson?t=prebid HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 389
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:52 GMT; Path=/; Domain=.betweendigital.com
tuuid=58cbcdd5-b48f-5217-98d0-dfacfbeee010; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:52 GMT; Path=/; Domain=.betweendigital.com
ut=Yz4_vAADtTjkgfCqAA6sS8BRAUzA4AWXaRCSLg==; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:52 GMT; Path=/; Domain=.betweendigital.com
unm=1; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:52 GMT; Path=/; Domain=.betweendigital.com
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=14
176.9.9.10200 OK 0 B IP 176.9.9.10:0
ASN #24940 Hetzner Online GmbH
GET /mc/?dp=14 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: aid=LgR5GmM+P7pSZQD2Goz0AqxhQXDEake8YKH8d7kPK5JKBcFZ
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1665023930; expires=Fri, 07-Oct-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp54v2=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp77=1665023930; expires=Thu, 20-Oct-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp84=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1665023930; expires=Thu, 20-Oct-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp111v2=1665023930; expires=Thu, 20-Oct-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp112v2=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v2=1665023930; expires=Fri, 21-Oct-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp138=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp144=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp179=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1665023930; expires=Sat, 05-Nov-22 02:38:50 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
code.giraff.io/data/widget-new-daysru.js
172.67.26.199200 OK 0 B URL HTTP/2 code.giraff.io/data/widget-new-daysru.js
IP 172.67.26.199:0
GET /data/widget-new-daysru.js HTTP/1.1
Host: code.giraff.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 02:38:48 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 12 Sep 2022 12:45:14 GMT
vary: Accept-Encoding
etag: W/"631f29da-175a7"
expires: Thu, 06 Oct 2022 02:39:48 GMT
cache-control: max-age=60
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 755b05de4bca0b69-OSL
X-Firefox-Spdy: h2
ad.mail.ru/adq/?q=732879&cpm_floor=3000&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb4368170796
95.163.41.56200 OK 0 B URL HTTP/2 ad.mail.ru/adq/?q=732879&cpm_floor=3000&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb4368170796
IP 95.163.41.56:0
GET /adq/?q=732879&cpm_floor=3000&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb4368170796 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:49 GMT
content-type: application/x-javascript; charset=utf-8
cache-control: private, no-cache, no-store
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F
217.20.147.3200 OK 0 B URL HTTP/2 connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F
IP 217.20.147.3:0
GET /dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F HTTP/1.1
Host: connect.ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: apache
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: application/javascript;charset=UTF-8
vary: Accept-Encoding
set-cookie: bci=6095396085005762718; Domain=.ok.ru; Expires=Tue, 24-Oct-2090 05:52:59 GMT; Path=/; Secure; HttpOnly
_statid=72380ffe-e2a7-4e46-9c88-6b0d50daecf2; Domain=.ok.ru; Expires=Tue, 24-Oct-2090 05:52:59 GMT; Path=/; Secure; HttpOnly
landref=new-days.ru; Domain=.ok.ru; Path=/; Secure
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
cache-control: no-cache, no-store
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubdomains;preload
access-control-allow-origin: *
access-control-allow-credentials: true
rendered-blocks: WidgetExtLike
content-encoding: br
X-Firefox-Spdy: h2
hdbcome.com/97a97ntq.js
31.220.27.155200 OK 0 B IP 31.220.27.155:0
ASN #39572 DataWeb Global Group B.V.
GET /97a97ntq.js HTTP/1.1
Host: hdbcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.0
date: Thu, 06 Oct 2022 02:38:53 GMT
content-type: application/javascript
last-modified: Wed, 05 Oct 2022 11:55:19 GMT
vary: Accept-Encoding
etag: W/"633d70a7-5546"
content-encoding: gzip
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/gonetdspis/N2Y4NWFhNGY3M2Q0ZmQ0NQ?redir-setuniq=1
213.180.204.90200 OK 0 B URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/N2Y4NWFhNGY3M2Q0ZmQ0NQ?redir-setuniq=1
IP 213.180.204.90:0
GET /mapuid/gonetdspis/N2Y4NWFhNGY3M2Q0ZmQ0NQ?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Thu, 06 Oct 2022 02:38:52 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 06 Oct 2022 02:38:52 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 06 Oct 2022 02:38:52 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
st.top100.ru/top100/top100.js
81.19.89.16200 OK 0 B URL HTTP/2 st.top100.ru/top100/top100.js
IP 81.19.89.16:0
ASN #24638 Rambler Internet Holding LLC
GET /top100/top100.js HTTP/1.1
Host: st.top100.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Thu, 06 Oct 2022 02:38:52 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 05 Oct 2022 13:53:21 GMT
x-rgw-object-type: Normal
etag: W/"12a61560729bbc5bd338a694dd2c79e1"
x-amz-request-id: tx0000000000001cd057a79-00633e3ef0-f85be6-default
expires: Thu, 06 Oct 2022 03:38:52 GMT
cache-control: max-age=3600
set-cookie: proto_uid=1CIAALw/PmNwCixsAeXVywB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/watch/25706036?wmode=7&page-url=https%3A%2F%2Fwidget.svk-native.ru%2Fcounters%2F%3Futm_source%3D104001533&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1397089339524%3Ahid%3A131955870%3Az%3A0%3Ai%3A20221006023851%3Aet%3A1665023932%3Arn%3A801829243%3Arqn%3A1%3Au%3A1665023932954765663%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C25%2C0%2C%2C0%2C%2C268%2C0%2C%2C%2C%2C403%3Ans%3A1665023931330%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1665023933%3At%3A&t=gdpr(14)rqnl(2)ti(2)
87.250.250.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/25706036?wmode=7&page-url=https%3A%2F%2Fwidget.svk-native.ru%2Fcounters%2F%3Futm_source%3D104001533&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1397089339524%3Ahid%3A131955870%3Az%3A0%3Ai%3A20221006023851%3Aet%3A1665023932%3Arn%3A801829243%3Arqn%3A1%3Au%3A1665023932954765663%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C25%2C0%2C%2C0%2C%2C268%2C0%2C%2C%2C%2C403%3Ans%3A1665023931330%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1665023933%3At%3A&t=gdpr(14)rqnl(2)ti(2)
IP 87.250.250.119:0
GET /watch/25706036?wmode=7&page-url=https%3A%2F%2Fwidget.svk-native.ru%2Fcounters%2F%3Futm_source%3D104001533&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1397089339524%3Ahid%3A131955870%3Az%3A0%3Ai%3A20221006023851%3Aet%3A1665023932%3Arn%3A801829243%3Arqn%3A1%3Au%3A1665023932954765663%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C25%2C0%2C%2C0%2C%2C268%2C0%2C%2C%2C%2C403%3Ans%3A1665023931330%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1665023933%3At%3A&t=gdpr(14)rqnl(2)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://widget.svk-native.ru
Connection: keep-alive
Referer: https://widget.svk-native.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/25706036/1?wmode=7&page-url=https%3A%2F%2Fwidget.svk-native.ru%2Fcounters%2F%3Futm_source%3D104001533&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1397089339524%3Ahid%3A131955870%3Az%3A0%3Ai%3A20221006023851%3Aet%3A1665023932%3Arn%3A801829243%3Arqn%3A1%3Au%3A1665023932954765663%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C25%2C0%2C%2C0%2C%2C268%2C0%2C%2C%2C%2C403%3Ans%3A1665023931330%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1665023933%3At%3A&t=gdpr%2814%29rqnl%282%29ti%282%29
date: Thu, 06 Oct 2022 02:38:52 GMT
access-control-allow-origin: https://widget.svk-native.ru
set-cookie: yandexuid=2136067681665023932; Expires=Fri, 06-Oct-2023 02:38:52 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2136067681665023932; Expires=Fri, 06-Oct-2023 02:38:52 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=256322081665023932; Path=/; SameSite=None; Secure
i=B66Bp6Z/EAtFNxTINUjfPh/6IiRE4tIM9xBKgX/NirdKqr8wcsOzubJA7sbM2x7wAyw4K2mV7wl3eEoLA+UhLnXlPOw=; Expires=Sun, 03-Oct-2032 02:38:47 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1696559932.yrts.1665023932#1696559932.yrtsi.1665023932; Expires=Fri, 06-Oct-2023 02:38:52 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 06-Oct-2022 02:38:52 GMT
last-modified: Thu, 06-Oct-2022 02:38:52 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/v2/
81.19.89.17200 OK 0 B URL HTTP/2 kraken.rambler.ru/cnt/v2/
IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
POST /cnt/v2/ HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 610
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.4
date: Thu, 06 Oct 2022 02:38:56 GMT
content-type: application/octet-stream
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
x-srv: 1kraken-prod0002.ad.rambler.tech
set-cookie: ruid=1CIAAMA/PmNcCniUAdhVxQB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAMA/PmNcCniUAdhVxQB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2
widget.sparrow.ru/js/embed.js
65.109.36.35200 OK 0 B URL HTTP/2 widget.sparrow.ru/js/embed.js
IP 65.109.36.35:0
ASN #24940 Hetzner Online GmbH
GET /js/embed.js HTTP/1.1
Host: widget.sparrow.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:39:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 08 Sep 2022 15:30:06 GMT
vary: Accept-Encoding
etag: W/"631a0a7e-5d70"
content-encoding: gzip
X-Firefox-Spdy: h2
ad.mail.ru/adq/?q=166310&cpm_floor=5000&sitename=new-days.ru&count=1&callback=window.relapCbRegistry.relapCb5981315329
95.163.41.56200 OK 0 B URL HTTP/2 ad.mail.ru/adq/?q=166310&cpm_floor=5000&sitename=new-days.ru&count=1&callback=window.relapCbRegistry.relapCb5981315329
IP 95.163.41.56:0
GET /adq/?q=166310&cpm_floor=5000&sitename=new-days.ru&count=1&callback=window.relapCbRegistry.relapCb5981315329 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:49 GMT
content-type: application/x-javascript; charset=utf-8
cache-control: private, no-cache, no-store
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
ad.mail.ru/adq/?q=942656&cpm_floor=100&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb4647770714
95.163.41.56200 OK 0 B URL HTTP/2 ad.mail.ru/adq/?q=942656&cpm_floor=100&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb4647770714
IP 95.163.41.56:0
GET /adq/?q=942656&cpm_floor=100&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb4647770714 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: application/x-javascript; charset=utf-8
cache-control: private, no-cache, no-store
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
ad.mail.ru/adq/?q=814987&cpm_floor=3000&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb4671391853
95.163.41.56200 OK 0 B URL HTTP/2 ad.mail.ru/adq/?q=814987&cpm_floor=3000&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb4671391853
IP 95.163.41.56:0
GET /adq/?q=814987&cpm_floor=3000&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb4671391853 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: application/x-javascript; charset=utf-8
cache-control: private, no-cache, no-store
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
st.top100.ru/top100/3.11.2/usability.js
81.19.89.16200 OK 0 B URL HTTP/2 st.top100.ru/top100/3.11.2/usability.js
IP 81.19.89.16:0
ASN #24638 Rambler Internet Holding LLC
GET /top100/3.11.2/usability.js HTTP/1.1
Host: st.top100.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.4
date: Thu, 06 Oct 2022 02:38:53 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 05 Oct 2022 13:53:21 GMT
x-rgw-object-type: Normal
etag: W/"938473d218882863684793c81fcf5118"
x-amz-request-id: tx0000000000001cd057678-00633e3ee2-f85be6-default
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
set-cookie: proto_uid=1CIAAL0/PmNwCixsAQHWywB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-encoding: gzip
X-Firefox-Spdy: h2
ad.mail.ru/adp/?q=953999&cpm_floor=100&sitename=new-days.ru&count=4
95.163.41.56200 OK 0 B URL HTTP/2 ad.mail.ru/adp/?q=953999&cpm_floor=100&sitename=new-days.ru&count=4
IP 95.163.41.56:0
GET /adp/?q=953999&cpm_floor=100&sitename=new-days.ru&count=4 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
timing-allow-origin: *
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
ad.mail.ru/adp/?q=626208&cpm_floor=3000&sitename=new-days.ru&count=4
95.163.41.56200 OK 0 B URL HTTP/2 ad.mail.ru/adp/?q=626208&cpm_floor=3000&sitename=new-days.ru&count=4
IP 95.163.41.56:0
GET /adp/?q=626208&cpm_floor=3000&sitename=new-days.ru&count=4 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
timing-allow-origin: *
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
ssp.bidvol.com/usersync?dspcsid=135&redirect=1&id=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e
65.109.65.188302 Found 0 B URL HTTP/2 ssp.bidvol.com/usersync?dspcsid=135&redirect=1&id=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e
IP 65.109.65.188:0
ASN #24940 Hetzner Online GmbH
GET /usersync?dspcsid=135&redirect=1&id=8cfee26f-f2e5-4534-9ecb-49afd95fdc7e HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: bvuid=affsqw02sj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.22.0
date: Thu, 06 Oct 2022 02:38:52 GMT
x-request-id: 77140fc9-d457-4a3b-b73a-1b14c533ffaf
set-cookie: bvuid=affsqw02sj; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=affsqw02sj; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://cs.alfasense.com/p?ssp=bv&uid=affsqw02sj
X-Firefox-Spdy: h2
rucdn.viadata.store/js/player/hls2.js
23.111.115.172200 OK 0 B URL HTTP/2 rucdn.viadata.store/js/player/hls2.js
IP 23.111.115.172:0
GET /js/player/hls2.js HTTP/1.1
Host: rucdn.viadata.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: viads_uid=1ca874c3-120b-415b-94bd-67ea89482858
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: application/javascript
last-modified: Tue, 22 Feb 2022 11:56:44 GMT
vary: Accept-Encoding
etag: W/"6214cf7c-4ea62"
x-robots-tag: noindex, nofollow
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-encoding: gzip
X-Firefox-Spdy: h2
widget.svk-native.ru/main/register-view?w=19047&page_id=104001533
65.109.36.34200 OK 0 B URL HTTP/2 widget.svk-native.ru/main/register-view?w=19047&page_id=104001533
IP 65.109.36.34:0
ASN #24940 Hetzner Online GmbH
POST /main/register-view?w=19047&page_id=104001533 HTTP/1.1
Host: widget.svk-native.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 189
Origin: https://widget.svk-native.ru
Connection: keep-alive
Cookie: s-common=0lad46qviodk2v7dk5kiekllca; _svk_uid2=a61082ff8dd3c919432bfb80177bbb73c0073ad77e568b6098906ea0b5bf4ff0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22_svk_uid2%22%3Bi%3A1%3Bi%3A2904417584%3B%7D; test3rd=44baa923ac48967c8af3a6434306e8d211adee0ea206fcd932401157e12e4b63a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22test3rd%22%3Bi%3A1%3Bi%3A2904417584%3B%7D; _pr_sid=68e4cb5a0cb99bcc5f98f5093821877cbe706349680da4de83f9bdb902bfb22aa%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22_pr_sid%22%3Bi%3A1%3Bs%3A7%3A%222732863%22%3B%7D; _csrf-widget=192af223aaad4ecda3f7c50fbf76e087ce8b1fb4a50559432d01800637eb585ea%3A2%3A%7Bi%3A0%3Bs%3A12%3A%22_csrf-widget%22%3Bi%3A1%3Bs%3A32%3A%22ZTBCbs6YXeLlIzwkTmR9puCFPt8gF7Fq%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: https://widget.svk-native.ru
access-control-allow-credentials: true
set-cookie: test3rd=44baa923ac48967c8af3a6434306e8d211adee0ea206fcd932401157e12e4b63a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22test3rd%22%3Bi%3A1%3Bi%3A2904417584%3B%7D; expires=Wed, 01-Oct-2042 02:38:51 GMT; Max-Age=630720000; path=/; domain=.svk-native.ru; secure; SameSite=None
_pr_sid=53ee1cf9785d080a9c41c8a78d90df647c52780a1c4ca24c8034661cfcb628c9a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22_pr_sid%22%3Bi%3A1%3Bi%3A2732863%3B%7D; expires=Thu, 06-Oct-2022 03:08:51 GMT; Max-Age=1800; path=/; secure; HttpOnly; SameSite=None
x-upstream: unix:/run/haproxy-phpfpm-default.sock
content-encoding: gzip
X-Firefox-Spdy: h2
giclgq.com/v4/render?surfer_uuid=63968660-91c7-4e38-af9e-4e8dc0156275&referrer=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&page_load_uuid=fae68654-e26e-4f50-8c06-f0268254c12a&page_depth=1&2wgmymaiwyn=361a7ab2-cef3-4487-a6b4-8eb7b0d11636&block_uuid=361a7ab2-cef3-4487-a6b4-8eb7b0d11636&refresh_depth=1&safari_multiple_request=286
62.76.25.27200 OK 0 B URL HTTP/2 giclgq.com/v4/render?surfer_uuid=63968660-91c7-4e38-af9e-4e8dc0156275&referrer=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&page_load_uuid=fae68654-e26e-4f50-8c06-f0268254c12a&page_depth=1&2wgmymaiwyn=361a7ab2-cef3-4487-a6b4-8eb7b0d11636&block_uuid=361a7ab2-cef3-4487-a6b4-8eb7b0d11636&refresh_depth=1&safari_multiple_request=286
IP 62.76.25.27:0
GET /v4/render?surfer_uuid=63968660-91c7-4e38-af9e-4e8dc0156275&referrer=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&page_load_uuid=fae68654-e26e-4f50-8c06-f0268254c12a&page_depth=1&2wgmymaiwyn=361a7ab2-cef3-4487-a6b4-8eb7b0d11636&block_uuid=361a7ab2-cef3-4487-a6b4-8eb7b0d11636&refresh_depth=1&safari_multiple_request=286 HTTP/1.1
Host: giclgq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.2
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/1A79042EBA3F3E63F600655202F48C1A?redir-setuniq=1
213.180.204.90200 OK 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/1A79042EBA3F3E63F600655202F48C1A?redir-setuniq=1
IP 213.180.204.90:0
GET /mapuid/sapeis/1A79042EBA3F3E63F600655202F48C1A?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Thu, 06 Oct 2022 02:38:52 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 06 Oct 2022 02:38:52 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 06 Oct 2022 02:38:52 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ads.alfasense.net/adserver/www/delivery/lg.php?bannerid=73&campaignid=11&zoneid=1&loc=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&cb=cd05bc1fe7&zones=1|7|4&xcampaigns=::cpaex::between::getintent::default-stub::vox::otm::alfasense::rtbsape::kadam-js::&xsite=5761&xsitename=new-days.ru
136.144.31.29200 OK 0 B URL HTTP/2 ads.alfasense.net/adserver/www/delivery/lg.php?bannerid=73&campaignid=11&zoneid=1&loc=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&cb=cd05bc1fe7&zones=1|7|4&xcampaigns=::cpaex::between::getintent::default-stub::vox::otm::alfasense::rtbsape::kadam-js::&xsite=5761&xsitename=new-days.ru
IP 136.144.31.29:0
ASN #52000 Innovation IT Solutions LTD
GET /adserver/www/delivery/lg.php?bannerid=73&campaignid=11&zoneid=1&loc=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&cb=cd05bc1fe7&zones=1|7|4&xcampaigns=::cpaex::between::getintent::default-stub::vox::otm::alfasense::rtbsape::kadam-js::&xsite=5761&xsitename=new-days.ru HTTP/1.1
Host: ads.alfasense.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Cookie: OAID=01000111010001000101000001010010
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:54 GMT
content-type: image/gif
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
content-security-policy: frame-ancestors 'self';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
set-cookie: OAID=01000111010001000101000001010010; expires=Fri, 06-Oct-2023 02:38:53 GMT; Max-Age=31536000; path=/; secure; SameSite=none
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
ad.mail.ru/adq/?q=732879&cpm_floor=3000&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb2077794261
95.163.41.56200 OK 0 B URL HTTP/2 ad.mail.ru/adq/?q=732879&cpm_floor=3000&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb2077794261
IP 95.163.41.56:0
GET /adq/?q=732879&cpm_floor=3000&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb2077794261 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: application/x-javascript; charset=utf-8
cache-control: private, no-cache, no-store
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
acceptable.a-ads.com/2040021?size=Adaptive&background_color=transparent&text_color=717171&title_color=717171&title_hover_color=717171&link_color=717171&link_hover_color=717171
148.251.233.147200 OK 0 B URL HTTP/2 acceptable.a-ads.com/2040021?size=Adaptive&background_color=transparent&text_color=717171&title_color=717171&title_hover_color=717171&link_color=717171&link_hover_color=717171
IP 148.251.233.147:0
ASN #24940 Hetzner Online GmbH
GET /2040021?size=Adaptive&background_color=transparent&text_color=717171&title_color=717171&title_hover_color=717171&link_color=717171&link_hover_color=717171 HTTP/1.1
Host: acceptable.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:47 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://new-days.ru/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
ads.betweendigital.com/adjson?t=prebid
188.42.196.115200 OK 0 B URL HTTP/2 ads.betweendigital.com/adjson?t=prebid
IP 188.42.196.115:0
POST /adjson?t=prebid HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 388
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:52 GMT; Path=/; Domain=.betweendigital.com
tuuid=29311a9d-88fd-5217-a4c9-d5b8c7f7ea04; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:52 GMT; Path=/; Domain=.betweendigital.com
ut=Yz4_vAADYzAdztdDjVljZQaumjlgbDlplcx0Ug==; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:52 GMT; Path=/; Domain=.betweendigital.com
unm=1; Max-Age=31536000; Expires=Fri, 06 Oct 2023 02:38:52 GMT; Path=/; Domain=.betweendigital.com
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ad.mail.ru/adp/?q=893287&cpm_floor=100&sitename=new-days.ru&count=1
95.163.41.56200 OK 0 B URL HTTP/2 ad.mail.ru/adp/?q=893287&cpm_floor=100&sitename=new-days.ru&count=1
IP 95.163.41.56:0
GET /adp/?q=893287&cpm_floor=100&sitename=new-days.ru&count=1 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:49 GMT
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
timing-allow-origin: *
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/
81.19.89.17200 OK 0 B IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
POST /cnt/ HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 460
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.4
date: Thu, 06 Oct 2022 02:38:56 GMT
content-type: application/octet-stream
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
x-srv: 1kraken-prod0002.ad.rambler.tech
set-cookie: ruid=1CIAAMA/PmNcCniUAdlVxQB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAMA/PmNcCniUAdlVxQB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2
ad.mail.ru/adq/?q=814991&cpm_floor=3000&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb3917102285
95.163.41.56200 OK 0 B URL HTTP/2 ad.mail.ru/adq/?q=814991&cpm_floor=3000&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb3917102285
IP 95.163.41.56:0
GET /adq/?q=814991&cpm_floor=3000&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb3917102285 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:49 GMT
content-type: application/x-javascript; charset=utf-8
cache-control: private, no-cache, no-store
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
ad.mail.ru/adq/?q=45459&cpm_floor=100&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb5613565469
95.163.41.56200 OK 0 B URL HTTP/2 ad.mail.ru/adq/?q=45459&cpm_floor=100&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb5613565469
IP 95.163.41.56:0
GET /adq/?q=45459&cpm_floor=100&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb5613565469 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:49 GMT
content-type: application/x-javascript; charset=utf-8
cache-control: private, no-cache, no-store
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
ad.mail.ru/adp/?q=815003&cpm_floor=3000&sitename=new-days.ru&count=4
95.163.41.56200 OK 0 B URL HTTP/2 ad.mail.ru/adp/?q=815003&cpm_floor=3000&sitename=new-days.ru&count=4
IP 95.163.41.56:0
GET /adp/?q=815003&cpm_floor=3000&sitename=new-days.ru&count=4 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
timing-allow-origin: *
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/watch/73418029?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A356861989367%3Ahid%3A32184523%3Az%3A0%3Ai%3A20221006023855%3Aet%3A1665023935%3Ac%3A1%3Arn%3A348980830%3Arqn%3A1%3Au%3A166502393142325077%3Aw%3A728x90%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C%2C0%2C%2C%2C%2C140%3Ans%3A1665023933222%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1665023936%3At%3A&t=gdpr(14)rqnl(2)ti(2)
87.250.250.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/73418029?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A356861989367%3Ahid%3A32184523%3Az%3A0%3Ai%3A20221006023855%3Aet%3A1665023935%3Ac%3A1%3Arn%3A348980830%3Arqn%3A1%3Au%3A166502393142325077%3Aw%3A728x90%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C%2C0%2C%2C%2C%2C140%3Ans%3A1665023933222%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1665023936%3At%3A&t=gdpr(14)rqnl(2)ti(2)
IP 87.250.250.119:0
GET /watch/73418029?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A356861989367%3Ahid%3A32184523%3Az%3A0%3Ai%3A20221006023855%3Aet%3A1665023935%3Ac%3A1%3Arn%3A348980830%3Arqn%3A1%3Au%3A166502393142325077%3Aw%3A728x90%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C%2C0%2C%2C%2C%2C140%3Ans%3A1665023933222%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1665023936%3At%3A&t=gdpr(14)rqnl(2)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/73418029/1?wmode=7&page-url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A356861989367%3Ahid%3A32184523%3Az%3A0%3Ai%3A20221006023855%3Aet%3A1665023935%3Ac%3A1%3Arn%3A348980830%3Arqn%3A1%3Au%3A166502393142325077%3Aw%3A728x90%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C%2C0%2C%2C%2C%2C140%3Ans%3A1665023933222%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A2%3Ast%3A1665023936%3At%3A&t=gdpr%2814%29rqnl%282%29ti%282%29
date: Thu, 06 Oct 2022 02:38:56 GMT
access-control-allow-origin: https://new-days.ru
set-cookie: yandexuid=8732919931665023936; Expires=Fri, 06-Oct-2023 02:38:56 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=8732919931665023936; Expires=Fri, 06-Oct-2023 02:38:56 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2577517591665023936; Path=/; SameSite=None; Secure
i=5XxP3+UNOP9FMwv4AyfRBb90DjADB1RSEwpSNL00tpV9w4ez7etYHUzfEXnvLv18R6U9nA18wqm7+jQ/9atRsgmdQRs=; Expires=Sun, 03-Oct-2032 02:38:48 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1696559936.yrts.1665023936#1696559936.yrtsi.1665023936; Expires=Fri, 06-Oct-2023 02:38:56 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 06-Oct-2022 02:38:56 GMT
last-modified: Thu, 06-Oct-2022 02:38:56 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fcgi4.gnezdo.ru/cookie_matching/svk-native/
93.95.102.105302 Found 0 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching/svk-native/
IP 93.95.102.105:0
ASN #48347 JSC Mediasoft ekspert
GET /cookie_matching/svk-native/ HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://widget.svk-native.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 06 Oct 2022 02:38:51 GMT
location: https://fcgi4.gnezdo.ru/cookie_matching/svk-native//?redirect=1
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With
access-control-allow-credentials: true
set-cookie: uid=XV9maWM+P7s6I4Y1XQctAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
ad.mail.ru/adp/?q=893287&cpm_floor=100&sitename=new-days.ru&count=1
95.163.41.56200 OK 0 B URL HTTP/2 ad.mail.ru/adp/?q=893287&cpm_floor=100&sitename=new-days.ru&count=1
IP 95.163.41.56:0
GET /adp/?q=893287&cpm_floor=100&sitename=new-days.ru&count=1 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new-days.ru
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:55 GMT
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
timing-allow-origin: *
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
relap.io/api/v7/ext_cfgs?token=gCxVX2zoFusWOj86&url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F
95.163.37.253200 OK 0 B URL HTTP/2 relap.io/api/v7/ext_cfgs?token=gCxVX2zoFusWOj86&url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F
IP 95.163.37.253:0
GET /api/v7/ext_cfgs?token=gCxVX2zoFusWOj86&url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F HTTP/1.1
Host: relap.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Content-Type: application/json
x-relap-cookie: rlprp=eqR5ZA:lbYsTQ
Origin: https://new-days.ru
Connection: keep-alive
Cookie: unique=SkG9g3pO; fsts=1665023928; lsts=1665023934; suid=20ccc67944f9e024a2f4d52ae6751aaff3ebc6f2--037499b66c94b7604d199b71fc288d6afe0a20041bf6770878587d0ef5618987; hllc=2; rlprp=eqR5ZA--e1dc77e2367377486ee3fa466a4c0c806518c09a0ad41363adf970826cdfa2b7; 3rdpce=1; uuid=9eb09c2c-e018-4823-bc87-cae77e473583; rlpagcs_2=1665023929:CMcxPNzoJdQA2jGQ8XV0Y_oQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
access-control-expose-headers: X-Relap-Cookie
access-control-allow-origin: https://new-days.ru
set-cookie: lsts=1665023935; expires=Sun, 03 Oct 2032 02:38:55 GMT; domain=.relap.io; path=/; secure; HttpOnly; SameSite=None
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
x-server: back21
vary: Origin
access-control-allow-credentials: true
access-control-max-age: 1728000
date: Thu, 06 Oct 2022 02:38:55 GMT
x-relap-cookie: rlprp=eqR5ZA:lbYsTQ
strict-transport-security: max-age=5184000; includeSubdomains;
content-encoding: br
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.js
IP 178.250.2.130:0
GET /js/ld/publishertag.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: text/javascript
last-modified: Sat, 01 Oct 2022 02:55:29 GMT
etag: W/"6337ac21-1e358"
expires: Fri, 07 Oct 2022 02:38:50 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rux.viadata.store/abcdef/105524/?pub_sid=105524&zone=2979&VIA_WIDTH=432&VIA_HEIGHT=243&v=209281&rc=1&cb=1665023931009&page_url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F
23.111.119.12200 OK 0 B URL HTTP/2 rux.viadata.store/abcdef/105524/?pub_sid=105524&zone=2979&VIA_WIDTH=432&VIA_HEIGHT=243&v=209281&rc=1&cb=1665023931009&page_url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F
IP 23.111.119.12:0
GET /abcdef/105524/?pub_sid=105524&zone=2979&VIA_WIDTH=432&VIA_HEIGHT=243&v=209281&rc=1&cb=1665023931009&page_url=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F HTTP/1.1
Host: rux.viadata.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new-days.ru/
Origin: https://new-days.ru
Connection: keep-alive
Cookie: viads_uid=1ca874c3-120b-415b-94bd-67ea89482858
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.5
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: https://new-days.ru
access-control-allow-credentials: true
access-control-allow-headers: sentry-trace
content-encoding: br
X-Firefox-Spdy: h2
ad.mail.ru/adq/?q=814987&cpm_floor=3000&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb6413049544
95.163.41.56200 OK 0 B URL HTTP/2 ad.mail.ru/adq/?q=814987&cpm_floor=3000&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb6413049544
IP 95.163.41.56:0
GET /adq/?q=814987&cpm_floor=3000&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb6413049544 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:49 GMT
content-type: application/x-javascript; charset=utf-8
cache-control: private, no-cache, no-store
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
data.giraff.io/track/new-daysru.js?r=&u=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&rand=0.25442133813513046&v=202209121240&vis=1&callback=cbGeo298453378&sp=h
92.53.64.248200 OK 0 B URL HTTP/2 data.giraff.io/track/new-daysru.js?r=&u=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&rand=0.25442133813513046&v=202209121240&vis=1&callback=cbGeo298453378&sp=h
IP 92.53.64.248:0
ASN #49505 OOO Network of data-centers Selectel
GET /track/new-daysru.js?r=&u=https%3A%2F%2Fnew-days.ru%2F21767-medved-prosnylsia-i-medved-razozlilsia-kievlianam-pora-bejat-priamo-seichas%2F&rand=0.25442133813513046&v=202209121240&vis=1&callback=cbGeo298453378&sp=h HTTP/1.1
Host: data.giraff.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:50 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: gid=XDVA+GM+P7oRI0tZBC3MAg==; expires=Fri, 06-Oct-23 02:38:50 GMT; domain=giraff.io; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.69200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.69:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 02:38:51 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 92901
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ad.mail.ru/adq/?q=942656&cpm_floor=100&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb5075855436
95.163.41.56200 OK 0 B URL HTTP/2 ad.mail.ru/adq/?q=942656&cpm_floor=100&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb5075855436
IP 95.163.41.56:0
GET /adq/?q=942656&cpm_floor=100&sitename=new-days.ru&count=4&callback=window.relapCbRegistry.relapCb5075855436 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:49 GMT
content-type: application/x-javascript; charset=utf-8
cache-control: private, no-cache, no-store
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.alfasense.net/lib/alfadart.lib.min.js
136.144.31.36200 OK 0 B URL HTTP/2 cdn.alfasense.net/lib/alfadart.lib.min.js
IP 136.144.31.36:0
ASN #52000 Innovation IT Solutions LTD
GET /lib/alfadart.lib.min.js HTTP/1.1
Host: cdn.alfasense.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://new-days.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:38:48 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 06:34:27 GMT
etag: W/"631ade73-9bf6"
content-security-policy: frame-ancestors 'none';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
cache-control: public, max-age=60
content-encoding: gzip
set-cookie: route=e7a39e6e3385558e2f6a6a18cac7185b; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2