proektanti.ru/user/work/51926
302 Found 246 B URL HTTP/1.1 proektanti.ru/user/work/51926
IP
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 58d59fd03b3317e5a514c6a54efc1fae
def90df9112386a4c45ce8fca407286a41d9064b
6d246a763ac3d01001e53b57dfdd38820644a03c6cdd42a55ff372fcb2cc96b7
Analyzer Verdict Alert fortinet Malware
GET /user/work/51926 HTTP/1.1
Host: proektanti.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 20 Sep 2022 14:53:09 GMT
Server: Apache/2.2.22 (Debian)
Location: https://proektanti.ru/user/work/51926
Cache-Control: max-age=1
Expires: Tue, 20 Sep 2022 14:53:10 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 246
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 20 Sep 2022 14:13:09 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _9214m26QEy2UG8Ks4ofhJcjSbA_54Rtv64dXKUkYj4A4ru06ay3Tg==
Age: 2498
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8374
Expires: Tue, 20 Sep 2022 17:14:21 GMT
Date: Tue, 20 Sep 2022 14:54:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: o70vaSWB_UFOelOqMTyIY6765-QIbDoC23ryqkGElg3TF_pxWkoOgg==
age: 37174
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 14:54:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash ba0d0c03de2bf92cdf43704bb5804c48
556384b9c0a4d213493a8a70473eeb2d3aa37be4
c767380e035a5ac0385a0dc5563d388734bb5a06cde32081d949a3afccc2eb17
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:54:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 24 Sep 2022 13:21:45 GMT
ETag: "556384b9c0a4d213493a8a70473eeb2d3aa37be4"
Last-Modified: Tue, 20 Sep 2022 13:21:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74db65fc6d791c02-OSL
proektanti.ru/user/work/51926
200 OK 5.7 kB URL HTTP/1.1 proektanti.ru/user/work/51926
IP
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (740), with CRLF, LF line terminators
Hash 33d467bd67cd515a5298431bd844dd1b
e5933e0f332d34fc960b69e81dce16b49ca9d2c1
2218d74ae184c2727b06e0897ac3bf9abacdf85863b3fba92eca3ec094d76d67
Analyzer Verdict Alert fortinet Malware
GET /user/work/51926 HTTP/1.1
Host: proektanti.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:53:09 GMT
Server: Apache/2.2.22 (Debian)
X-Powered-By: PHP/5.4.35-0+deb7u2
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6; path=/
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5689
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
proektanti.ru/stylesheets/style.css
200 OK 16 kB URL HTTP/1.1 proektanti.ru/stylesheets/style.css
IP
ASN #12695 LLC Digital Network
Hash d5139897f6a1470224015ed96459ddca
844db22ce33c21c6e5360ee52064828ce9e14409
f35e6e5ac6c6828d55abc87dc55e281a902b6a8b05f93673d332484d12599879
GET /stylesheets/style.css HTTP/1.1
Host: proektanti.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/user/work/51926
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Tue, 22 Sep 2020 18:35:26 GMT
ETag: "19a2d-5afeb3b065780"
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 16091
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 20 Sep 2022 14:03:22 GMT
Expires: Tue, 20 Sep 2022 14:28:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 111Cg22HQWf_FN_dW1SZ1zrfEOxju4oXel_NCgPk090DhIn6hdwD0g==
Age: 3086
proektanti.ru/public/javascripts/jquery-3.4.1.min.js
200 OK 31 kB URL HTTP/1.1 proektanti.ru/public/javascripts/jquery-3.4.1.min.js
IP
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash 910c198b9f17e7e7c629a330f3bc7b4f
baa09a0e98d1619c59742f96e4a38162e4ea01d1
add895f93a910a39ea7133ba3eaa2f1929ae629c25c00e467717413ca56d0745
Analyzer Verdict Alert fortinet Malware
GET /public/javascripts/jquery-3.4.1.min.js HTTP/1.1
Host: proektanti.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/user/work/51926
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Mon, 14 Oct 2019 09:13:00 GMT
ETag: "1596c-594db46323f00"
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 30823
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
proektanti.ru/public/images/systems/skype.png
200 OK 1.8 kB URL HTTP/1.1 proektanti.ru/public/images/systems/skype.png
IP
ASN #12695 LLC Digital Network
File type PNG image data, 17 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash 17540ad70790e50c0badf91332331921
5849287671b8b6cb8d37a6f385a822a522f630a0
5dfe030ba2aaadbaa59994da619339955ad94a8af15bd164ff140f45146e7a48
GET /public/images/systems/skype.png HTTP/1.1
Host: proektanti.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/user/work/51926
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Tue, 25 Nov 2014 19:49:12 GMT
ETag: "720-508b43487be00"
Accept-Ranges: bytes
Content-Length: 1824
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
proektanti.ru/public/images/systems/logo.jpg
200 OK 12 kB URL HTTP/1.1 proektanti.ru/public/images/systems/logo.jpg
IP
ASN #12695 LLC Digital Network
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 249x107, components 3\012- data
Hash 97c7b3a11cc84ab43c03a3edbf8b71ff
c2b52c87102e851c0c1d6427ce4f70dee21039fb
8c47a1c504a761b3e01590059ad678edd78bc410db3e634cdfd97241c57d0087
GET /public/images/systems/logo.jpg HTTP/1.1
Host: proektanti.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/user/work/51926
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Sat, 31 Jan 2009 11:50:11 GMT
ETag: "2fed-461c5ec7e62c0"
Accept-Ranges: bytes
Content-Length: 12269
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
proektanti.ru/images/likep.png
200 OK 1.5 kB URL HTTP/1.1 proektanti.ru/images/likep.png
IP
ASN #12695 LLC Digital Network
File type PNG image data, 14 x 14, 8-bit/color RGBA, interlaced\012- data
Hash 38217821dfcc2ada30f0a31253dd5ab4
71a1dde0a83ba629d2bc5522cc9bb2b016676800
950e1f981264ae9d50889fd578c12361f7e6e9f31bca925141b1191f4e460b68
GET /images/likep.png HTTP/1.1
Host: proektanti.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/user/work/51926
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Fri, 18 Oct 2019 21:29:15 GMT
ETag: "5bf-595360698c0c0"
Accept-Ranges: bytes
Content-Length: 1471
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
ocsp.digicert.com/
200 OK 471 B IP
Hash edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5225
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:54:48 GMT
Last-Modified: Tue, 20 Sep 2022 13:27:43 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
proektanti.ru/images/portfolio/519/s2_preview51926.jpg
200 OK 66 kB URL HTTP/1.1 proektanti.ru/images/portfolio/519/s2_preview51926.jpg
IP
ASN #12695 LLC Digital Network
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 825x583, components 3\012- data
Hash f308aec8abeb81f2d3dd90a901b92334
e24ac69ee087ded21eda58ef2c96e06d51ae2a62
3af1477eaebfce9e50e5078bf72a25b4c49c43c6348fe23edfb54cc858dbc8ec
GET /images/portfolio/519/s2_preview51926.jpg HTTP/1.1
Host: proektanti.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/user/work/51926
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Wed, 15 Jan 2020 17:00:25 GMT
ETag: "10245-59c30a50dd375"
Accept-Ranges: bytes
Content-Length: 66117
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7312368778e40c28bb361ee96b5dc785
bd750b2bda89b22dec4dfceb305dd155670a3e9d
4c982a24da030c3f5ff194c259162faa4171831f6072cc59357ec2d7c030b098
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C982A24DA030C3F5FF194C259162FAA4171831F6072CC59357EC2D7C030B098"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11871
Expires: Tue, 20 Sep 2022 18:12:39 GMT
Date: Tue, 20 Sep 2022 14:54:48 GMT
Connection: keep-alive
proektanti.ru/public/images/systems/ugl.gif
200 OK 153 B URL HTTP/1.1 proektanti.ru/public/images/systems/ugl.gif
IP
ASN #12695 LLC Digital Network
File type GIF image data, version 89a, 40 x 44\012- data
Hash d3138b814562539a5b7a1b37ddbca5dc
7da04f2550a0d46a19b27fd68304af0f7766d3a5
d9206a07cc59f9c08d0ac48680f82e870d7528b47b346013d0e474e68a178f35
GET /public/images/systems/ugl.gif HTTP/1.1
Host: proektanti.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/stylesheets/style.css
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Sat, 31 Jan 2009 11:50:11 GMT
ETag: "99-461c5ec7e62c0"
Accept-Ranges: bytes
Content-Length: 153
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif
proektanti.ru/public/images/systems/l1.gif
200 OK 112 B URL HTTP/1.1 proektanti.ru/public/images/systems/l1.gif
IP
ASN #12695 LLC Digital Network
File type GIF image data, version 89a, 9 x 36\012- data
Hash 837486ba0b2d7e6e3f822545173aae5a
75e3ebb8ed895e5a75d335d0b169a6a30cc3df02
3662ad1405fbec98de7db6a9b7d83d59df69acae0e019cc59829be7abec2132d
GET /public/images/systems/l1.gif HTTP/1.1
Host: proektanti.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/stylesheets/style.css
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Sat, 31 Jan 2009 11:50:11 GMT
ETag: "70-461c5ec7e62c0"
Accept-Ranges: bytes
Content-Length: 112
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
proektanti.ru/public/images/systems/portactiv.gif
200 OK 390 B URL HTTP/1.1 proektanti.ru/public/images/systems/portactiv.gif
IP
ASN #12695 LLC Digital Network
File type GIF image data, version 89a, 102 x 44\012- data
Hash 87e7226cfb7974b50e7bc8b60175b1d6
416c11c8703c6ca07ce6997a0b09720e0ca65456
3c1154a92ebcc302c5f4a2ed01665de053256de7d0183b3f47ee0b962113242b
GET /public/images/systems/portactiv.gif HTTP/1.1
Host: proektanti.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/stylesheets/style.css
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Sat, 31 Jan 2009 11:50:11 GMT
ETag: "186-461c5ec7e62c0"
Accept-Ranges: bytes
Content-Length: 390
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
proektanti.ru/public/images/systems/bnotactiv.gif
200 OK 447 B URL HTTP/1.1 proektanti.ru/public/images/systems/bnotactiv.gif
IP
ASN #12695 LLC Digital Network
File type GIF image data, version 89a, 120 x 44\012- data
Hash e8c59857f4378c43e6b0a349f7859c6d
95ee981e18751c7e839fab78d992a41e9872323e
3bbfd108fb08deba8ad9de928db215c346c1e168fde297238ede17235d34609f
GET /public/images/systems/bnotactiv.gif HTTP/1.1
Host: proektanti.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/stylesheets/style.css
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Sat, 31 Jan 2009 11:50:11 GMT
ETag: "1bf-461c5ec7e62c0"
Accept-Ranges: bytes
Content-Length: 447
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
proektanti.ru/public/images/systems/otnotactive.gif
200 OK 375 B URL HTTP/1.1 proektanti.ru/public/images/systems/otnotactive.gif
IP
ASN #12695 LLC Digital Network
File type GIF image data, version 89a, 90 x 44\012- data
Hash 5ea39c80638bbc5595b694930b84a17e
bd56246e5d1d096d897a5588d7ed995c03c3eb00
1d7b4239de23255ae1afc585e1111baf7936b0c485d61c33ce5c2a0cf5b40930
GET /public/images/systems/otnotactive.gif HTTP/1.1
Host: proektanti.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/stylesheets/style.css
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Sat, 31 Jan 2009 11:50:11 GMT
ETag: "177-461c5ec7e62c0"
Accept-Ranges: bytes
Content-Length: 375
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif
www.acint.net/aci.js
200 OK 7.5 kB IP
File type ASCII text, with very long lines (1408)
Hash ae0aab6c5a2ae2e1168e74f6e6ae4741
2c00f69ee4bbe2ec96c0f7bb33b5f827a6195af8
a47a88a9b6c7635e5074c25c6e3c92f399fdf8772376e94f077167241e59f9de
GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 14:54:48 GMT
content-type: application/x-javascript
content-length: 7461
last-modified: Mon, 16 May 2022 07:14:50 GMT
etag: "6281f9ea-1d25"
content-encoding: gzip
expires: Wed, 21 Sep 2022 02:54:48 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2
proektanti.ru/public/images/systems/sernottactiv.gif
200 OK 410 B URL HTTP/1.1 proektanti.ru/public/images/systems/sernottactiv.gif
IP
ASN #12695 LLC Digital Network
File type GIF image data, version 89a, 114 x 44\012- data
Hash 80f74f4891d4791674a61f07af999220
0feacf1e2185170e3e6ffc970ae4bc53c94e259f
6e90333fb480831e4c04e9d8122e8bc5bbf2341f31216893b345494b1606423d
GET /public/images/systems/sernottactiv.gif HTTP/1.1
Host: proektanti.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/stylesheets/style.css
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Sat, 31 Jan 2009 11:50:11 GMT
ETag: "19a-461c5ec7e62c0"
Accept-Ranges: bytes
Content-Length: 410
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/gif
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9fa01a3f648014bcd2c88c2819adff5d
5e297c19fbb59242b5ac5cc792ea703c22cf99f3
4573aa467856ed1d94f4afdb35c88006db3e70601c2d7ce1cf448cfe489bac84
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4573AA467856ED1D94F4AFDB35C88006DB3E70601C2D7CE1CF448CFE489BAC84"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10690
Expires: Tue, 20 Sep 2022 17:52:58 GMT
Date: Tue, 20 Sep 2022 14:54:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 74f8e6e13c34cfb9d1b2d526ae9cf920
00d112c2ac9bbb41645a71d1ca8d5df885decf12
1034d562f8e1cbb3458d0cfae682ab3cba8ea652757dde7755dc634dde665d04
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1034D562F8E1CBB3458D0CFAE682AB3CBA8EA652757DDE7755DC634DDE665D04"
Last-Modified: Tue, 20 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10841
Expires: Tue, 20 Sep 2022 17:55:29 GMT
Date: Tue, 20 Sep 2022 14:54:48 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iGbu/o/+YD5mtKTd3IjmdQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IPjfgcPsU0LY2/XGyNwEWJxFw2c=
www.acint.net/hit/?v=0.4.0&uid=5f750206-cdcc-470c-bebd-5a94d214ea7c&dp=10&tz=%2B00%3A00&nc=65368130&u=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926&r=&rs=1280x1024&t=%D0%A1%D1%82%D0%BE%D0%BB%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BD%D0%B0%201000%2F2000%20%D0%BC%D0%B5%D1%81%D1%82%2F%D0%BF%D0%BE%D1%81%D0%B5%D1%89%D0%B5%D0%BD%D0%B8%D0%B9&oE=1&oP=1&dT=2022-09-20T14%3A54%3A48.705&fu=d29cca94-1503-4a87-a355-862beef83266
200 OK 43 B URL HTTP/2 www.acint.net/hit/?v=0.4.0&uid=5f750206-cdcc-470c-bebd-5a94d214ea7c&dp=10&tz=%2B00%3A00&nc=65368130&u=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926&r=&rs=1280x1024&t=%D0%A1%D1%82%D0%BE%D0%BB%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BD%D0%B0%201000%2F2000%20%D0%BC%D0%B5%D1%81%D1%82%2F%D0%BF%D0%BE%D1%81%D0%B5%D1%89%D0%B5%D0%BD%D0%B8%D0%B9&oE=1&oP=1&dT=2022-09-20T14%3A54%3A48.705&fu=d29cca94-1503-4a87-a355-862beef83266
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit/?v=0.4.0&uid=5f750206-cdcc-470c-bebd-5a94d214ea7c&dp=10&tz=%2B00%3A00&nc=65368130&u=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926&r=&rs=1280x1024&t=%D0%A1%D1%82%D0%BE%D0%BB%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BD%D0%B0%201000%2F2000%20%D0%BC%D0%B5%D1%81%D1%82%2F%D0%BF%D0%BE%D1%81%D0%B5%D1%89%D0%B5%D0%BD%D0%B8%D0%B9&oE=1&oP=1&dT=2022-09-20T14%3A54%3A48.705&fu=d29cca94-1503-4a87-a355-862beef83266 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 14:54:48 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=fwAAAWMp1DhplAPi9Fl1AjuqXRu20YcCvkTXwmmu+7Bcbwm0; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
media.reformal.ru/widgets/v3/reformal.js
200 OK 4.8 kB URL HTTP/1.1 media.reformal.ru/widgets/v3/reformal.js
IP
File type ASCII text, with very long lines (15116)
Hash 206c92e8c010e2f54dc2e76adf56bddc
cc612ba858973a9c384107e4df6453c9ed9ebf10
154e0789792326a4a35496859afd407e299d30d62b86709c6d4387c8f51296b9
GET /widgets/v3/reformal.js HTTP/1.1
Host: media.reformal.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Tue, 20 Sep 2022 14:54:48 GMT
Content-Type: application/x-javascript; charset=utf-8
Last-Modified: Wed, 27 Apr 2016 09:51:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"57208bb3-3b0d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
www.acint.net/mc/?dp=10
302 Found 154 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Tue, 20 Sep 2022 14:54:48 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Tue, 20-Sep-22 15:04:48 GMT
aid=fwAAAWMp1DhqegPhFTF+AgmfGp5iUJObwZyjitTL07iII0fG; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
proektanti.ru/public/images/systems/llogo.gif
200 OK 68 kB URL HTTP/1.1 proektanti.ru/public/images/systems/llogo.gif
IP
ASN #12695 LLC Digital Network
File type GIF image data, version 89a, 680 x 130\012- data
Hash 7f134aeaf663bc58d0835dfa21afe5ac
9869af045fa3f069e2d34e889059af84c0fd9d03
cae2501c253f7a69f8a8df3b56792b562c32c381b4e5b3e7ec27068208b8bce5
GET /public/images/systems/llogo.gif HTTP/1.1
Host: proektanti.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/stylesheets/style.css
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:53:10 GMT
Server: Apache/2.2.22 (Debian)
Last-Modified: Sat, 31 Jan 2009 11:50:11 GMT
ETag: "10a87-461c5ec7e62c0"
Accept-Ranges: bytes
Content-Length: 68231
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 14:53:10 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
securemoney.ru/556118.js
200 OK 8.3 kB IP
File type gzip compressed data, from Unix\012- data
Hash 6075742d564fbc306a88508d7e0e5d3d
769855acd94bae595564826b23fa3f738c806799
cda0005e8be6a96fed733b0ea7cfa06fbcb3123c3692ed3d3ce7e8ee83587c63
GET /556118.js HTTP/1.1
Host: securemoney.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 14:54:48 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
reformal.ru/human_check/74646|aHR0cHM6Ly9wcm9la3RhbnRpLnJ1L3VzZXIvd29yay81MTkyNg==||62474
200 OK 43 B URL HTTP/1.1 reformal.ru/human_check/74646|aHR0cHM6Ly9wcm9la3RhbnRpLnJ1L3VzZXIvd29yay81MTkyNg==||62474
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /human_check/74646|aHR0cHM6Ly9wcm9la3RhbnRpLnJ1L3VzZXIvd29yay81MTkyNg==||62474 HTTP/1.1
Host: reformal.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Tue, 20 Sep 2022 14:54:48 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Fri, 20 Dec 2013 07:24:29 GMT
Connection: keep-alive
ETag: "52b3f0ad-2b"
Accept-Ranges: bytes
log.reformal.ru/st.php?w=3&pid=74646
200 OK 43 B URL HTTP/1.1 log.reformal.ru/st.php?w=3&pid=74646
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 45cf913e5d9d3c9b2058033056d3dd23
30cb5d44e276505b1d4c053c8b25525da228db30
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
GET /st.php?w=3&pid=74646 HTTP/1.1
Host: log.reformal.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Tue, 20 Sep 2022 14:54:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
tab.reformal.ru/T9GC0LfRi9Cy0Ysg0Lgg0L%252FRgNC10LTQu9C%252B0LbQtdC90LjRjw==/FFFFFF/a08a7c60392f68cb33f77d4f56cf8c6f/right/1/tab.png
200 OK 6.3 kB URL HTTP/1.1 tab.reformal.ru/T9GC0LfRi9Cy0Ysg0Lgg0L%252FRgNC10LTQu9C%252B0LbQtdC90LjRjw==/FFFFFF/a08a7c60392f68cb33f77d4f56cf8c6f/right/1/tab.png
IP
File type PNG image data, 21 x 217, 16-bit/color RGBA, non-interlaced\012- data
Hash d04157421f816095076e9907e0284d90
075d70eb0180148c0562fcdb109e82190eea2683
7cf04ed5fa482c73c10c6bca22d9ff45cc4c57311abedfe6f433a10d1ec5190f
GET /T9GC0LfRi9Cy0Ysg0Lgg0L%252FRgNC10LTQu9C%252B0LbQtdC90LjRjw==/FFFFFF/a08a7c60392f68cb33f77d4f56cf8c6f/right/1/tab.png HTTP/1.1
Host: tab.reformal.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Tue, 20 Sep 2022 14:54:48 GMT
Content-Type: image/png
Content-Length: 6291
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 14:27:04 GMT
Expires: Fri, 30 Sep 2022 14:54:48 GMT
Cache-Control: max-age=864000
w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1663685688887890
200 OK 84 B URL HTTP/1.1 w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1663685688887890
IP
ASN #12695 LLC Digital Network
File type ASCII text, with no line terminators
Hash fed25cd0e0cf7d5b48bc523bff2c69d4
f16eb6b84bcd164cbc789f8dab2096a2b0f9db49
611d6f417b0979e7808aeb947d674a1801cfd79b0c2f582cfee5fade37c664d6
GET /widgets/v1/version.js?cb=cb__utl_cb_share_1663685688887890 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Cookie: utl_id2=28862114642; utl_dat="CO37k9u1MBAAIO3M3uO1MCjtzN7jtTAwADFy4kGX4j7QFbhrQMx41u0="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 14:54:48 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 15 Sep 2022 15:59:22 GMT
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Set-Cookie: utl_id2=28862114642; Expires=Thu, 19 Sep 2024 14:54:48 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
utl_dat="CO37k9u1MBAAIO3M3uO1MCjtzN7jtTAwADFy4kGX4j7QFbhrQMx41u0="; Expires=Thu, 19 Sep 2024 14:54:48 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F38D42963E1037A6A027E3115
302 Found 0 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F38D42963E1037A6A027E3115
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F38D42963E1037A6A027E3115 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 20 Sep 2022 14:54:48 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=2c943702-38f4-11ed-ad67-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Wed, 20 Sep 2023 14:54:48 GMT; SameSite=None; Secure
uid-legacy=2c943702-38f4-11ed-ad67-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Wed, 20 Sep 2023 14:54:48 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F38D42963E1037A6A027E3115&cs=1
X-Firefox-Spdy: h2
dm-eu.hybrid.ai/match?id=106&vid=0100007F38D42963E1037A6A027E3115
204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=106&vid=0100007F38D42963E1037A6A027E3115
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=106&vid=0100007F38D42963E1037A6A027E3115 HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 20 Sep 2022 14:54:48 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=1e187667103caca87443; expires=Wed, 20 Sep 2023 14:54:47 GMT; domain=.hybrid.ai; path=/; samesite=none
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 518
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash bed2f948f6dfdc60139daab6dfd94d3a
e17a1270be105dec70591a62034a2ae4c4af0774
9538e7f4c24fbff527a7c022bbd1f4f75fba85f801312d454f1957040ae26271
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:54:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 24 Sep 2022 11:41:26 GMT
ETag: "e17a1270be105dec70591a62034a2ae4c4af0774"
Last-Modified: Tue, 20 Sep 2022 11:41:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 156
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74db66040e6b1c02-OSL
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F38D42963E1037A6A027E3115&cs=1
200 OK 35 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F38D42963E1037A6A027E3115&cs=1
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F38D42963E1037A6A027E3115&cs=1 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=2c943702-38f4-11ed-ad67-f832e4719dd9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 14:54:48 GMT
content-type: image/gif
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=2c943702-38f4-11ed-ad67-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Wed, 20 Sep 2023 14:54:48 GMT; SameSite=None; Secure
uid-legacy=2c943702-38f4-11ed-ad67-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Wed, 20 Sep 2023 14:54:48 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6cccf97799244ecc00dd257aaa5fea3a
5e0f5f35902f2c10f420ccfafd23fd8f8fa6325c
c9d5840fc9dea3d55d10247f043b47715557416539db5856830be0275ebd1224
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9D5840FC9DEA3D55D10247F043B47715557416539DB5856830BE0275EBD1224"
Last-Modified: Mon, 19 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9370
Expires: Tue, 20 Sep 2022 17:30:58 GMT
Date: Tue, 20 Sep 2022 14:54:48 GMT
Connection: keep-alive
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
302 Found 0 B URL HTTP/2 ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP
ASN #48096 Enterprise Cloud Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=e9bf0ceffd234e539eacc3332259abe4
server: Kestrel
set-cookie: adlm_userId=e9bf0ceffd234e539eacc3332259abe4; expires=Tue, 19 Sep 2023 21:00:00 GMT; path=/; SameSite=None; secure
date: Tue, 20 Sep 2022 14:54:48 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash f4243961f88b4c0afd986438a06ca360
ebcb03b16feb59501d3e6ac24f3912a9b1ed91af
aae0e85630738cc7c81aa418a1bd78ed83f4f183ba3662b5151cda5471fda384
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1339
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:54:49 GMT
Last-Modified: Tue, 20 Sep 2022 14:32:30 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3873fbe543ba17a5e146275de7be6487
fc80e918bf5e35723fc8996efcfe7f1c5a6472ce
35d956e357ea10d02a22bcf025f803e9fa6477631f9b333fbe1629060e8e75f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35D956E357EA10D02A22BCF025F803E9FA6477631F9B333FBE1629060E8E75F8"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20041
Expires: Tue, 20 Sep 2022 20:28:50 GMT
Date: Tue, 20 Sep 2022 14:54:49 GMT
Connection: keep-alive
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
302 Found 0 B URL HTTP/1.1 ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Tue, 20 Sep 2022 14:54:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=SRJCLKMY
Set-Cookie: uid=SRJCLKMY; Expires=Tue, 20 Sep 2032 00:00:00 GMT; mf2=1; Expires=Thu, 20 Oct 2022 00:00:00 GMT;
acint.net/match?dp=110&euid=e9bf0ceffd234e539eacc3332259abe4
200 OK 43 B URL HTTP/2 acint.net/match?dp=110&euid=e9bf0ceffd234e539eacc3332259abe4
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=110&euid=e9bf0ceffd234e539eacc3332259abe4 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWMp1DhqegPhFTF+AgmfGp5iUJObwZyjitTL07iII0fG; test_cookie=CheckForPermission; cSyncDp7v2=1663685688; cSyncDp14v3=1663685688; cSyncDp17=1663685688; cSyncDp32=1663685688; cSyncDp45v3=1663685688; cSyncDp53=1663685688; cSyncDp54v2=1663685688; cSyncDp62=1663685688; cSyncDp67v2=1663685688; cSyncDp68=1663685688; cSyncDp71=1663685688; cSyncDp77=1663685688; cSyncDp84=1663685688; cSyncDp85=1663685688; cSyncDp95v3=1663685688; cSyncDp101=1663685688; cSyncDp104v2=1663685688; cSyncDp107=1663685688; cSyncDp110=1663685688; cSyncDp111v2=1663685688; cSyncDp112v2=1663685688; cSyncDp125v2=1663685688; cSyncDp126=1663685688; cSyncDp127=1663685688; cSyncDp129=1663685688; cSyncDp136v2=1663685688; cSyncDp138=1663685688; cSyncDp144=1663685688; cSyncDp146=1663685688; cSyncDp148=1663685688; cSyncDp149=1663685688; cSyncDp151=1663685688; cSyncDp178=1663685688; cSyncDp179=1663685688; cSyncDp186=1663685688; cSyncDp221=1663685688
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 14:54:49 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 276999a09ea6d06c17bc17b0ac794a81
a5c49feff7e6055da2ad692188124bb7d265fb22
e75315ecf71f2d2c0bba377f986399db9653201d0e22c93f1d6a3af0aaf64190
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E75315ECF71F2D2C0BBA377F986399DB9653201D0E22C93F1D6A3AF0AAF64190"
Last-Modified: Mon, 19 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1052
Expires: Tue, 20 Sep 2022 15:12:21 GMT
Date: Tue, 20 Sep 2022 14:54:49 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e35c8afad96bf9b06bd490f837e1d89
68ea71cef9267a1f581976a730384e2fac1ce512
036c9308ae0565c542b1dc222f015489d71bacd42e2921f5eed651c6a4bba258
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "036C9308AE0565C542B1DC222F015489D71BACD42E2921F5EED651C6A4BBA258"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17741
Expires: Tue, 20 Sep 2022 19:50:30 GMT
Date: Tue, 20 Sep 2022 14:54:49 GMT
Connection: keep-alive
www.acint.net/match?dp=95&euid=SRJCLKMY
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=95&euid=SRJCLKMY
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=95&euid=SRJCLKMY HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWMp1DhqegPhFTF+AgmfGp5iUJObwZyjitTL07iII0fG; test_cookie=CheckForPermission; cSyncDp7v2=1663685688; cSyncDp14v3=1663685688; cSyncDp17=1663685688; cSyncDp32=1663685688; cSyncDp45v3=1663685688; cSyncDp53=1663685688; cSyncDp54v2=1663685688; cSyncDp62=1663685688; cSyncDp67v2=1663685688; cSyncDp68=1663685688; cSyncDp71=1663685688; cSyncDp77=1663685688; cSyncDp84=1663685688; cSyncDp85=1663685688; cSyncDp95v3=1663685688; cSyncDp101=1663685688; cSyncDp104v2=1663685688; cSyncDp107=1663685688; cSyncDp110=1663685688; cSyncDp111v2=1663685688; cSyncDp112v2=1663685688; cSyncDp125v2=1663685688; cSyncDp126=1663685688; cSyncDp127=1663685688; cSyncDp129=1663685688; cSyncDp136v2=1663685688; cSyncDp138=1663685688; cSyncDp144=1663685688; cSyncDp146=1663685688; cSyncDp148=1663685688; cSyncDp149=1663685688; cSyncDp151=1663685688; cSyncDp178=1663685688; cSyncDp179=1663685688; cSyncDp186=1663685688; cSyncDp221=1663685688
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 14:54:49 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
302 Moved Temporarily 142 B URL HTTP/1.1 ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=ACB803C139D429632400CA61020BC419
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=wQO4rGMp1DlhygAkGcQLAmodMCPewcl3YoNSNdif7bPUhhT3; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c16e978ed7a0b951f4f501051bfd5b91
7540c81134f01468fd51190ebf0c40574d2e3d8a
4aa63e2826129e7cd08081a10d5194c70918b02a05e22bbad8cb83c8233c9105
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AA63E2826129E7CD08081A10D5194C70918B02A05E22BBAD8CB83C8233C9105"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6207
Expires: Tue, 20 Sep 2022 16:38:16 GMT
Date: Tue, 20 Sep 2022 14:54:49 GMT
Connection: keep-alive
sync.republer.com/match?dsp=sape
204 No Content 0 B URL HTTP/2 sync.republer.com/match?dsp=sape
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?dsp=sape HTTP/1.1
Host: sync.republer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 20 Sep 2022 14:54:49 GMT
strict-transport-security: max-age=0
X-Firefox-Spdy: h2
sync.dmp.otm-r.com/match/sape?id=0100007F38D42963E1037A6A027E3115
204 No Content 0 B URL HTTP/2 sync.dmp.otm-r.com/match/sape?id=0100007F38D42963E1037A6A027E3115
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=0100007F38D42963E1037A6A027E3115 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.17.10
date: Tue, 20 Sep 2022 14:54:49 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
ut.rktch.com/matchspm?pi=1000005&pui=0100007F38D42963E1037A6A027E3115
302 Found 0 B URL HTTP/1.1 ut.rktch.com/matchspm?pi=1000005&pui=0100007F38D42963E1037A6A027E3115
IP
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /matchspm?pi=1000005&pui=0100007F38D42963E1037A6A027E3115 HTTP/1.1
Host: ut.rktch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Length: 0
Connection: keep-alive
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
Set-Cookie: b_uid=ff13749a19896006298783ef610345f6aa99; Max-Age=2592000; Expires=Thu, 20 Oct 2022 14:54:49 GMT; Domain=rktch.com; Secure; SameSite=None
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Credentials: true
acint.net/match?dp=14&euid=ACB803C139D429632400CA61020BC419
200 OK 43 B URL HTTP/2 acint.net/match?dp=14&euid=ACB803C139D429632400CA61020BC419
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=ACB803C139D429632400CA61020BC419 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWMp1DhqegPhFTF+AgmfGp5iUJObwZyjitTL07iII0fG; test_cookie=CheckForPermission; cSyncDp7v2=1663685688; cSyncDp14v3=1663685688; cSyncDp17=1663685688; cSyncDp32=1663685688; cSyncDp45v3=1663685688; cSyncDp53=1663685688; cSyncDp54v2=1663685688; cSyncDp62=1663685688; cSyncDp67v2=1663685688; cSyncDp68=1663685688; cSyncDp71=1663685688; cSyncDp77=1663685688; cSyncDp84=1663685688; cSyncDp85=1663685688; cSyncDp95v3=1663685688; cSyncDp101=1663685688; cSyncDp104v2=1663685688; cSyncDp107=1663685688; cSyncDp110=1663685688; cSyncDp111v2=1663685688; cSyncDp112v2=1663685688; cSyncDp125v2=1663685688; cSyncDp126=1663685688; cSyncDp127=1663685688; cSyncDp129=1663685688; cSyncDp136v2=1663685688; cSyncDp138=1663685688; cSyncDp144=1663685688; cSyncDp146=1663685688; cSyncDp148=1663685688; cSyncDp149=1663685688; cSyncDp151=1663685688; cSyncDp178=1663685688; cSyncDp179=1663685688; cSyncDp186=1663685688; cSyncDp221=1663685688
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 14:54:49 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
a.utraff.com/sync?ssp=sape
204 No Content 0 B URL HTTP/2 a.utraff.com/sync?ssp=sape
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 20 Sep 2022 14:54:49 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Thu, 20 Oct 2022 17:54:49 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Thu, 20 Oct 2022 17:54:49 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MW8sbFEMV1NK3l5UAvuwES2UmB%2F%2B4bGjyJuPCZ5p2sy9Dw0Yic8yEKWaGxce%2BLPQsFnUbgmIbWRnXhI0%2F8zbITkpCFDfIWn09%2BV7l9akMNE2niMpcduBbDxdHWWxXM0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74db66049b25b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
w.uptolike.com/widgets/v1/widgetsModule.js?v=622e27e5349ec1bb07f4f36fc56e7c84
200 OK 42 kB URL HTTP/1.1 w.uptolike.com/widgets/v1/widgetsModule.js?v=622e27e5349ec1bb07f4f36fc56e7c84
IP
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (783)
Hash 36e31a5362200127257f343ad21c9f3e
f5b05b2a24ca19d756b4cecf0ec80b304a0c7d2a
2ff107bc4ae47641d278b80ed6fa1a75f0a6f84bcd8f9aa16be825e32aace97a
GET /widgets/v1/widgetsModule.js?v=622e27e5349ec1bb07f4f36fc56e7c84 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Cookie: utl_id2=28862114642; utl_dat="CO37k9u1MBAAIO3M3uO1MCjtzN7jtTAwADFy4kGX4j7QFbhrQMx41u0="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Tue, 20 Sep 2022 15:24:49 GMT
Content-Encoding: gzip
cs.agency2.ru/p?ssp=sp&uid=0100007F38D42963E1037A6A027E3115
301 Moved Permanently 0 B URL HTTP/1.1 cs.agency2.ru/p?ssp=sp&uid=0100007F38D42963E1037A6A027E3115
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=0100007F38D42963E1037A6A027E3115 HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=6ca3b0af-fd4f-444c-89a5-0893a1cd9193
Set-Cookie: uuid=6ca3b0af-fd4f-444c-89a5-0893a1cd9193; expires=Mon, 11 Sep 2023 14:54:49 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
media.reformal.ru/widgets/v3/gr.png
200 OK 118 B URL HTTP/1.1 media.reformal.ru/widgets/v3/gr.png
IP
File type PNG image data, 6 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 29bde5521d6493312035f01af1244b8a
7b1799aa52f6de213e90ceabe9ffb4e6a7d20e38
2f604ba6ec3da955517812e4a661ccd116d37f1edc20f4909a53049e4eab1656
GET /widgets/v3/gr.png HTTP/1.1
Host: media.reformal.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Type: image/png
Content-Length: 118
Last-Modified: Wed, 27 Apr 2016 09:51:47 GMT
Connection: keep-alive
ETag: "57208bb3-76"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0baccf6a02e5dccdc3d32c5f738430e9
3520305140e47dcbce5873bd26b0d8c28d270d95
479663131daf137b3317f4c88093f32079007076b45fdd3a0c53bcbc374e0c40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "479663131DAF137B3317F4C88093F32079007076B45FDD3A0C53BCBC374E0C40"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9225
Expires: Tue, 20 Sep 2022 17:28:34 GMT
Date: Tue, 20 Sep 2022 14:54:49 GMT
Connection: keep-alive
www.acint.net/match?dp=129&euid=8e2hkj9fm4
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=129&euid=8e2hkj9fm4
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=8e2hkj9fm4 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWMp1DhqegPhFTF+AgmfGp5iUJObwZyjitTL07iII0fG; test_cookie=CheckForPermission; cSyncDp7v2=1663685688; cSyncDp14v3=1663685688; cSyncDp17=1663685688; cSyncDp32=1663685688; cSyncDp45v3=1663685688; cSyncDp53=1663685688; cSyncDp54v2=1663685688; cSyncDp62=1663685688; cSyncDp67v2=1663685688; cSyncDp68=1663685688; cSyncDp71=1663685688; cSyncDp77=1663685688; cSyncDp84=1663685688; cSyncDp85=1663685688; cSyncDp95v3=1663685688; cSyncDp101=1663685688; cSyncDp104v2=1663685688; cSyncDp107=1663685688; cSyncDp110=1663685688; cSyncDp111v2=1663685688; cSyncDp112v2=1663685688; cSyncDp125v2=1663685688; cSyncDp126=1663685688; cSyncDp127=1663685688; cSyncDp129=1663685688; cSyncDp136v2=1663685688; cSyncDp138=1663685688; cSyncDp144=1663685688; cSyncDp146=1663685688; cSyncDp148=1663685688; cSyncDp149=1663685688; cSyncDp151=1663685688; cSyncDp178=1663685688; cSyncDp179=1663685688; cSyncDp186=1663685688; cSyncDp221=1663685688
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 14:54:49 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6c7ca79d72f3bb10c15342f56e9ada97
faa1ae6c5664dbc8fb0a61607bad123c33230c70
9ff0f01363dbfb8a16c5ba064b6ad8aaaf50c69cd6181e65c41ac1e46cf891ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9FF0F01363DBFB8A16C5BA064B6AD8AAAF50C69CD6181E65C41AC1E46CF891AD"
Last-Modified: Tue, 20 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9249
Expires: Tue, 20 Sep 2022 17:28:58 GMT
Date: Tue, 20 Sep 2022 14:54:49 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 98855e9ce0be35ea310eae4e1490fe71
df68c0ca275f6d4223eed05630fd131d4abc4e07
4f48c614f8706c55d2413c748c994cb4c7a850d7c3d526a5234ae37a8d30ba56
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F48C614F8706C55D2413C748C994CB4C7A850D7C3D526A5234AE37A8D30BA56"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3604
Expires: Tue, 20 Sep 2022 15:54:53 GMT
Date: Tue, 20 Sep 2022 14:54:49 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dda77a44a7f9eeb9bd828f659ccb7e22
9af43f88835600fd3206e4f18b0c1c2571a3959c
c8effed6366a20b26e104fc4f64d24213eb357d61e7683e28f812d0c21edd044
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:54:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.acint.net/match?dp=186&euid=6ca3b0af-fd4f-444c-89a5-0893a1cd9193
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=186&euid=6ca3b0af-fd4f-444c-89a5-0893a1cd9193
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=6ca3b0af-fd4f-444c-89a5-0893a1cd9193 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWMp1DhqegPhFTF+AgmfGp5iUJObwZyjitTL07iII0fG; test_cookie=CheckForPermission; cSyncDp7v2=1663685688; cSyncDp14v3=1663685688; cSyncDp17=1663685688; cSyncDp32=1663685688; cSyncDp45v3=1663685688; cSyncDp53=1663685688; cSyncDp54v2=1663685688; cSyncDp62=1663685688; cSyncDp67v2=1663685688; cSyncDp68=1663685688; cSyncDp71=1663685688; cSyncDp77=1663685688; cSyncDp84=1663685688; cSyncDp85=1663685688; cSyncDp95v3=1663685688; cSyncDp101=1663685688; cSyncDp104v2=1663685688; cSyncDp107=1663685688; cSyncDp110=1663685688; cSyncDp111v2=1663685688; cSyncDp112v2=1663685688; cSyncDp125v2=1663685688; cSyncDp126=1663685688; cSyncDp127=1663685688; cSyncDp129=1663685688; cSyncDp136v2=1663685688; cSyncDp138=1663685688; cSyncDp144=1663685688; cSyncDp146=1663685688; cSyncDp148=1663685688; cSyncDp149=1663685688; cSyncDp151=1663685688; cSyncDp178=1663685688; cSyncDp179=1663685688; cSyncDp186=1663685688; cSyncDp221=1663685688
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 14:54:49 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
s.uuidksinc.net/match/396/?remote_uid=0100007F38D42963E1037A6A027E3115
302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/396/?remote_uid=0100007F38D42963E1037A6A027E3115
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=0100007F38D42963E1037A6A027E3115 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Tue, 20 Sep 2022 14:54:49 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=o3DjvRAgHpL7HCxMhkiV
set-cookie: jcsuuid=o3DjvRAgHpL7HCxMhkiV; expires=Wed, 20 Sep 2023 14:54:49 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
proektanti.ru/favicon.ico
200 OK 104 B URL HTTP/1.1 proektanti.ru/favicon.ico
IP
ASN #12695 LLC Digital Network
File type ASCII text, with no line terminators
Hash 75598572011cc989fec26c87b4560e8a
33c6f5f66db17fe17f4dae289d25d38c06264ec5
276c1411ace246f27c11f6a32e1f4c3d13cc294262e745d0071efa30966a1082
GET /favicon.ico HTTP/1.1
Host: proektanti.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/user/work/51926
Cookie: PHPSESSID=n80p98c9lc4n7fv3qvnqpp1eq6; fid=d29cca94-1503-4a87-a355-862beef83266
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:53:11 GMT
Server: Apache/2.2.22 (Debian)
X-Powered-By: PHP/5.4.35-0+deb7u2
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 104
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
mediatoday.ru/core/match.gif?s=32&id=0100007F38D42963E1037A6A027E3115
200 OK 43 B URL HTTP/2 mediatoday.ru/core/match.gif?s=32&id=0100007F38D42963E1037A6A027E3115
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /core/match.gif?s=32&id=0100007F38D42963E1037A6A027E3115 HTTP/1.1
Host: mediatoday.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.2
date: Tue, 20 Sep 2022 14:54:49 GMT
content-type: image/gif
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VUvgab41jf5Wwls; expires=Fri, 17-Sep-2032 14:54:49 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2
counter.yadro.ru/hit?t18.16;r;s1280*1024*24;uhttps%3A//proektanti.ru/user/work/51926;0.32539882269162534
200 OK 195 B URL HTTP/1.1 counter.yadro.ru/hit?t18.16;r;s1280*1024*24;uhttps%3A//proektanti.ru/user/work/51926;0.32539882269162534
IP
ASN #39134 United Network LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash 39df1ade7a0f036a011e562202f896c4
e678b9904f4f78b763c3634935c2c5bcb817bd1d
ee75e6023b324fa84bc3bd615cca7961720a5ea2bc477970cb0e9ffdf566fe47
GET /hit?t18.16;r;s1280*1024*24;uhttps%3A//proektanti.ru/user/work/51926;0.32539882269162534 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Type: image/gif
Content-Length: 195
Connection: keep-alive
Expires: Sun, 19 Sep 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 22db365060b124194f7c618e23eaa958
da38d8b0641d21400c1d6761024f60192e1e2fd8
fec7401fa6c80ae83ce366ce7722befd451222694b98e6373a3bb75866e187ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FEC7401FA6C80AE83CE366CE7722BEFD451222694B98E6373A3BB75866E187AD"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6132
Expires: Tue, 20 Sep 2022 16:37:01 GMT
Date: Tue, 20 Sep 2022 14:54:49 GMT
Connection: keep-alive
match.new-programmatic.com/userbind?src=sape&id=0100007F38D42963E1037A6A027E3115
204 No Content 0 B URL HTTP/1.1 match.new-programmatic.com/userbind?src=sape&id=0100007F38D42963E1037A6A027E3115
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=0100007F38D42963E1037A6A027E3115 HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.18.0
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
302 Found 1.4 kB URL HTTP/2 ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP
ASN #24940 Hetzner Online GmbH
Hash 1c344638776418688d25c05b0254272e
d03e2c6af4ea2525d6553424fda9c1eba1ec2bc9
c604caa9dba36ec7c301a9b5c4199e422f3dba33ac76939e23042dd8ae12e4b0
GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.0
date: Tue, 20 Sep 2022 14:54:49 GMT
x-request-id: 0fe7f4d9-7c67-4dc4-9f1e-f94f611ad1a3
set-cookie: bvuid=8e2hkj9fm4; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=8e2hkj9fm4; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=8e2hkj9fm4
X-Firefox-Spdy: h2
stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F38D42963E1037A6A027E3115
302 Found 0 B URL HTTP/2 stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F38D42963E1037A6A027E3115
IP
ASN #201009 Centre of server systems Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge_gpsid/?sid=50&id=0100007F38D42963E1037A6A027E3115 HTTP/1.1
Host: stat.adlabs.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 20 Sep 2022 14:42:30 GMT
content-length: 0
location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007F38D42963E1037A6A027E3115
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&uid=0100007F38D42963E1037A6A027E3115
302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&uid=0100007F38D42963E1037A6A027E3115
IP
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&uid=0100007F38D42963E1037A6A027E3115 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQyY2JlMzdiMi0zOGY0LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Mon, 15 Sep 2042 14:54:49 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARi5qKeZBmIgMDEwMDAwN0YzOEQ0Mjk2M0UxMDM3QTZBMDI3RTMxMTWiARAsvjeyOPQR7YbgACWQwGR8
ETag: 2cbe37b2-38f4-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
nr.bidderstack.com/sape/cm?user_id=0100007F38D42963E1037A6A027E3115
200 OK 44 B URL HTTP/1.1 nr.bidderstack.com/sape/cm?user_id=0100007F38D42963E1037A6A027E3115
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
GET /sape/cm?user_id=0100007F38D42963E1037A6A027E3115 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Set-Cookie: uid=466031f1-1abb-4330-ab71-8523de4d2b23; domain=.bidderstack.com; path=/; expires=Wed, 20-Sep-2023 14:54:49 GMT;
Access-Control-Allow-Credentials: true
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
File type ASCII text, with very long lines (2903)
Hash 1fab062400be9c6ff4fca22ca494a3ae
d40861657c7653c300f57f2d3c1c9741ccdd3ef1
845e7a835be819296533a4ebdba87c25a63e7c924983d3222e6bbc6c2a99b671
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Tue, 20 Sep 2022 14:54:49 GMT
expires: Tue, 20 Sep 2022 14:54:49 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 12059346295968386644
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 58069
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash f4243961f88b4c0afd986438a06ca360
ebcb03b16feb59501d3e6ac24f3912a9b1ed91af
aae0e85630738cc7c81aa418a1bd78ed83f4f183ba3662b5151cda5471fda384
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1339
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:54:49 GMT
Last-Modified: Tue, 20 Sep 2022 14:32:30 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
200 OK 4.4 kB URL HTTP/1.1 w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
IP
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (585)
Hash 51f01f98377569bbbc324944b01bdbdf
916b5de4cc082a3ff9414c3a88542fc32c2ec89a
f5d5637c94689e5b58c9b3b0d9a18acc3a5ed5550f33ec9c86a3d3f25e16e7bb
GET /widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Cookie: utl_id2=28862114642; utl_dat="CO37k9u1MBAAIO3M3uO1MCjtzN7jtTAwADFy4kGX4j7QFbhrQMx41u0="
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Tue, 20 Sep 2022 15:24:49 GMT
Content-Encoding: gzip
0100007f38d42963e1037a6a027e3115-sp.ops.beeline.ru/p?ssp=sp&id=0100007F38D42963E1037A6A027E3115
301 Moved Permanently 0 B URL HTTP/2 0100007f38d42963e1037a6a027e3115-sp.ops.beeline.ru/p?ssp=sp&id=0100007F38D42963E1037A6A027E3115
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&id=0100007F38D42963E1037A6A027E3115 HTTP/1.1
Host: 0100007f38d42963e1037a6a027e3115-sp.ops.beeline.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 20 Sep 2022 14:54:49 GMT
content-length: 0
location: https://www.acint.net/match?dp=111&euid=5729a781-0a97-4069-a2d2-7384242fa9ad
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: BeeAID=5729a781-0a97-4069-a2d2-7384242fa9ad; expires=Mon, 11 Sep 2023 14:54:49 GMT; domain=ops.beeline.ru; path=/; secure; SameSite=None
access-control-allow-credentials: true, true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
x-route: http://upstream_cookiesync
x-host: 192.168.152.37
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash b7a94989f12f648eec81340e4dd79f81
4ae50c94f39c12046d8522d440f5bb81781d4e9a
47c1d49b8357ed71a8cf8dc9fc0a120b64c65fa4f00a11b05616404729dd7d8e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 00:21:03 GMT
Expires: Sun, 25 Sep 2022 00:21:02 GMT
Etag: "4ae50c94f39c12046d8522d440f5bb81781d4e9a"
Cache-Control: max-age=378972,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74db6604f8c9b527-OSL
w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
200 OK 624 B URL HTTP/1.1 w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
IP
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (511)
Hash db0f291b1ee364d9de4ad30906fac72a
46ae53e00d5964e1fbd0d75c0483f4718db48e8e
9b2a1dadf125f7367489db7e4bd8c22b34ec3126220422467b0de51f0274f64d
GET /widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Cookie: utl_id2=28862114642; utl_dat="CO37k9u1MBAAIO3M3uO1MCjtzN7jtTAwADFy4kGX4j7QFbhrQMx41u0="
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Tue, 20 Sep 2022 15:24:49 GMT
Content-Encoding: gzip
www.acint.net/match?dp=127&euid=o3DjvRAgHpL7HCxMhkiV
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=127&euid=o3DjvRAgHpL7HCxMhkiV
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=o3DjvRAgHpL7HCxMhkiV HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWMp1DhqegPhFTF+AgmfGp5iUJObwZyjitTL07iII0fG; test_cookie=CheckForPermission; cSyncDp7v2=1663685688; cSyncDp14v3=1663685688; cSyncDp17=1663685688; cSyncDp32=1663685688; cSyncDp45v3=1663685688; cSyncDp53=1663685688; cSyncDp54v2=1663685688; cSyncDp62=1663685688; cSyncDp67v2=1663685688; cSyncDp68=1663685688; cSyncDp71=1663685688; cSyncDp77=1663685688; cSyncDp84=1663685688; cSyncDp85=1663685688; cSyncDp95v3=1663685688; cSyncDp101=1663685688; cSyncDp104v2=1663685688; cSyncDp107=1663685688; cSyncDp110=1663685688; cSyncDp111v2=1663685688; cSyncDp112v2=1663685688; cSyncDp125v2=1663685688; cSyncDp126=1663685688; cSyncDp127=1663685688; cSyncDp129=1663685688; cSyncDp136v2=1663685688; cSyncDp138=1663685688; cSyncDp144=1663685688; cSyncDp146=1663685688; cSyncDp148=1663685688; cSyncDp149=1663685688; cSyncDp151=1663685688; cSyncDp178=1663685688; cSyncDp179=1663685688; cSyncDp186=1663685688; cSyncDp221=1663685688
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 14:54:49 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&s_data=CAIQARi5qKeZBmIgMDEwMDAwN0YzOEQ0Mjk2M0UxMDM3QTZBMDI3RTMxMTWiARAsvjeyOPQR7YbgACWQwGR8
200 OK 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARi5qKeZBmIgMDEwMDAwN0YzOEQ0Mjk2M0UxMDM3QTZBMDI3RTMxMTWiARAsvjeyOPQR7YbgACWQwGR8
IP
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&s_data=CAIQARi5qKeZBmIgMDEwMDAwN0YzOEQ0Mjk2M0UxMDM3QTZBMDI3RTMxMTWiARAsvjeyOPQR7YbgACWQwGR8 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQyY2JlMzdiMi0zOGY0LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQyY2JlMzdiMi0zOGY0LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Mon, 15 Sep 2042 14:54:49 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
www.acint.net/match?dp=111&euid=5729a781-0a97-4069-a2d2-7384242fa9ad
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=111&euid=5729a781-0a97-4069-a2d2-7384242fa9ad
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=111&euid=5729a781-0a97-4069-a2d2-7384242fa9ad HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWMp1DhqegPhFTF+AgmfGp5iUJObwZyjitTL07iII0fG; test_cookie=CheckForPermission; cSyncDp7v2=1663685688; cSyncDp14v3=1663685688; cSyncDp17=1663685688; cSyncDp32=1663685688; cSyncDp45v3=1663685688; cSyncDp53=1663685688; cSyncDp54v2=1663685688; cSyncDp62=1663685688; cSyncDp67v2=1663685688; cSyncDp68=1663685688; cSyncDp71=1663685688; cSyncDp77=1663685688; cSyncDp84=1663685688; cSyncDp85=1663685688; cSyncDp95v3=1663685688; cSyncDp101=1663685688; cSyncDp104v2=1663685688; cSyncDp107=1663685688; cSyncDp110=1663685688; cSyncDp111v2=1663685688; cSyncDp112v2=1663685688; cSyncDp125v2=1663685688; cSyncDp126=1663685688; cSyncDp127=1663685688; cSyncDp129=1663685688; cSyncDp136v2=1663685688; cSyncDp138=1663685688; cSyncDp144=1663685688; cSyncDp146=1663685688; cSyncDp148=1663685688; cSyncDp149=1663685688; cSyncDp151=1663685688; cSyncDp178=1663685688; cSyncDp179=1663685688; cSyncDp186=1663685688; cSyncDp221=1663685688
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 14:54:49 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
301 Moved Permanently 115 B URL HTTP/2 exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash da0d2bb23869354b8e69ef1998c74955
dc09b3a89fa942ff1841e77b0d56e0c5050fa37b
5bb8a38a1b30633ec13aec79ee10d70b96beff95d733b726c36121f3369da092
GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 20 Sep 2022 14:54:49 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=8d2a6af0-46a5-479f-6b0d-fe5edf6b7732
serverid: TODO
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7dac52c8875f8ee9a985c4b24cf0ca34
6f0cfe099f389167c4660ab1eab1be5dd9a0b3a5
9d9e74f7121399f63901dda5622e7ae4e2199c44358a421780c2b1c2fc41114d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9D9E74F7121399F63901DDA5622E7AE4E2199C44358A421780C2B1C2FC41114D"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5076
Expires: Tue, 20 Sep 2022 16:19:25 GMT
Date: Tue, 20 Sep 2022 14:54:49 GMT
Connection: keep-alive
googleads.g.doubleclick.net/pagead/html/r20220915/r20190131/zrt_lookup.html
200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220915/r20190131/zrt_lookup.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20220915/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Mon, 19 Sep 2022 20:35:43 GMT
expires: Mon, 03 Oct 2022 20:35:43 GMT
cache-control: public, max-age=1209600
age: 65946
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.acint.net/match?dp=126&euid=8d2a6af0-46a5-479f-6b0d-fe5edf6b7732
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=126&euid=8d2a6af0-46a5-479f-6b0d-fe5edf6b7732
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=126&euid=8d2a6af0-46a5-479f-6b0d-fe5edf6b7732 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWMp1DhqegPhFTF+AgmfGp5iUJObwZyjitTL07iII0fG; test_cookie=CheckForPermission; cSyncDp7v2=1663685688; cSyncDp14v3=1663685688; cSyncDp17=1663685688; cSyncDp32=1663685688; cSyncDp45v3=1663685688; cSyncDp53=1663685688; cSyncDp54v2=1663685688; cSyncDp62=1663685688; cSyncDp67v2=1663685688; cSyncDp68=1663685688; cSyncDp71=1663685688; cSyncDp77=1663685688; cSyncDp84=1663685688; cSyncDp85=1663685688; cSyncDp95v3=1663685688; cSyncDp101=1663685688; cSyncDp104v2=1663685688; cSyncDp107=1663685688; cSyncDp110=1663685688; cSyncDp111v2=1663685688; cSyncDp112v2=1663685688; cSyncDp125v2=1663685688; cSyncDp126=1663685688; cSyncDp127=1663685688; cSyncDp129=1663685688; cSyncDp136v2=1663685688; cSyncDp138=1663685688; cSyncDp144=1663685688; cSyncDp146=1663685688; cSyncDp148=1663685688; cSyncDp149=1663685688; cSyncDp151=1663685688; cSyncDp178=1663685688; cSyncDp179=1663685688; cSyncDp186=1663685688; cSyncDp221=1663685688
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 14:54:49 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
w.uptolike.com/static/buttons/fonts/icomoon.woff?qq11232333=1232131231321
200 OK 9.1 kB URL HTTP/1.1 w.uptolike.com/static/buttons/fonts/icomoon.woff?qq11232333=1232131231321
IP
ASN #12695 LLC Digital Network
File type Web Open Font Format, TrueType, length 9144, version 0.0\012- data
Hash 2596eafba8821cbd54fb4c4294eea5f2
53046bf3bccd35a24e515fcfbd34b31ec27c841e
3f72dc1fd03fba15c9200144bf1df7286ad1e2560b50a5ecc12e68c9c1e36f29
GET /static/buttons/fonts/icomoon.woff?qq11232333=1232131231321 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://proektanti.ru
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Type: application/font-woff
Content-Length: 9144
Connection: keep-alive
Last-Modified: Wed, 16 Aug 2017 14:30:13 GMT
ETag: "599456f5-23b8"
Expires: Thu, 17 Nov 2022 07:48:49 GMT
Cache-Control: max-age=15552000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
w.uptolike.com/widgets/v1/widgets-batch.js?params=JTVCJTdCJTIycGlkJTIyJTNBJTIyMTI3MzEwNCUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGcHJvZWt0YW50aS5ydSUyRnVzZXIlMkZ3b3JrJTJGNTE5MjYlMjIlN0QlNUQ=&mode=0&callback=callback__utl_cb_share_1663685689469749
200 OK 374 B URL HTTP/1.1 w.uptolike.com/widgets/v1/widgets-batch.js?params=JTVCJTdCJTIycGlkJTIyJTNBJTIyMTI3MzEwNCUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGcHJvZWt0YW50aS5ydSUyRnVzZXIlMkZ3b3JrJTJGNTE5MjYlMjIlN0QlNUQ=&mode=0&callback=callback__utl_cb_share_1663685689469749
IP
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (374)
Hash 3764d1250f5e9dbba2a763ff46b2185d
3bcc2a95d23f2ae51ced5aba3750c6a5684444e5
8a1c2f9e90e7b1f4a5bc4df3a1c6709bcc637bf085875c70ec0ba2bd0800b599
GET /widgets/v1/widgets-batch.js?params=JTVCJTdCJTIycGlkJTIyJTNBJTIyMTI3MzEwNCUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGcHJvZWt0YW50aS5ydSUyRnVzZXIlMkZ3b3JrJTJGNTE5MjYlMjIlN0QlNUQ=&mode=0&callback=callback__utl_cb_share_1663685689469749 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
Cookie: utl_id2=28862114642; utl_dat="CO37k9u1MBAAIO3M3uO1MCjtzN7jtTAwADFy4kGX4j7QFbhrQMx41u0="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 15 Sep 2022 15:59:22 GMT
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Content-Encoding: gzip
w.uptolike.com/widgets/v1/imp?pid=1273104&url=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926&vp=98f7701c-67a6-4e63-8050-b0a5819b8044&ttl=JUQwJUExJUQxJTgyJUQwJUJFJUQwJUJCJUQwJUJFJUQwJUIyJUQwJUIwJUQxJThGJTIwJUQwJUJEJUQwJUIwJTIwMTAwMCUyRjIwMDAlMjAlRDAlQkMlRDAlQjUlRDElODElRDElODIlMkYlRDAlQkYlRDAlQkUlRDElODElRDAlQjUlRDElODklRDAlQjUlRDAlQkQlRDAlQjglRDAlQjk%3D&rnd=0.21546795323655954
204 No Content 0 B URL HTTP/1.1 w.uptolike.com/widgets/v1/imp?pid=1273104&url=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926&vp=98f7701c-67a6-4e63-8050-b0a5819b8044&ttl=JUQwJUExJUQxJTgyJUQwJUJFJUQwJUJCJUQwJUJFJUQwJUIyJUQwJUIwJUQxJThGJTIwJUQwJUJEJUQwJUIwJTIwMTAwMCUyRjIwMDAlMjAlRDAlQkMlRDAlQjUlRDElODElRDElODIlMkYlRDAlQkYlRDAlQkUlRDElODElRDAlQjUlRDElODklRDAlQjUlRDAlQkQlRDAlQjglRDAlQjk%3D&rnd=0.21546795323655954
IP
ASN #12695 LLC Digital Network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widgets/v1/imp?pid=1273104&url=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926&vp=98f7701c-67a6-4e63-8050-b0a5819b8044&ttl=JUQwJUExJUQxJTgyJUQwJUJFJUQwJUJCJUQwJUJFJUQwJUIyJUQwJUIwJUQxJThGJTIwJUQwJUJEJUQwJUIwJTIwMTAwMCUyRjIwMDAlMjAlRDAlQkMlRDAlQjUlRDElODElRDElODIlMkYlRDAlQkYlRDAlQkUlRDElODElRDAlQjUlRDElODklRDAlQjUlRDAlQkQlRDAlQjglRDAlQjk%3D&rnd=0.21546795323655954 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
Cookie: utl_id2=28862114642; utl_dat="CO37k9u1MBAAIO3M3uO1MCjtzN7jtTAwADFy4kGX4j7QFbhrQMx41u0="
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
w.uptolike.com/widgets/v1/extra.js?rnd=0.533387151167542
200 OK 1.9 kB URL HTTP/1.1 w.uptolike.com/widgets/v1/extra.js?rnd=0.533387151167542
IP
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (691)
Hash 6ed5b8a27e05b7dd12665149bf99d49b
5accc634c6e89e46b1203dfc48826a1825269b58
689b33ed4450203daff89082a26f9a57f721952c9d436586c4184a12ffce9ed8
GET /widgets/v1/extra.js?rnd=0.533387151167542 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Cookie: utl_id2=28862114642; utl_dat="CO37k9u1MBAAIO3M3uO1MCjtzN7jtTAwADFy4kGX4j7QFbhrQMx41u0="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 15 Sep 2022 15:59:22 GMT
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Set-Cookie: utl_id2=28862114642; Expires=Thu, 19 Sep 2024 14:54:49 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
utl_dat="CO37k9u1MBAAIO3M3uO1MCjtzN7jtTAwADFy4kGX4j7QFbhrQMx41u0="; Expires=Thu, 19 Sep 2024 14:54:49 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip
sync.upravel.com/sape/sync
302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 20 Sep 2022 14:54:49 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1663685689670;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1663685689670;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfzjUKWPhA3pqAn4xFQ
200 OK 170 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfzjUKWPhA3pqAn4xFQ
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
GET /pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfzjUKWPhA3pqAn4xFQ HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
date: Tue, 20 Sep 2022 14:54:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F38D42963E1037A6A027E3115
204 No Content 0 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F38D42963E1037A6A027E3115
IP
ASN #48347 JSC Mediasoft ekspert
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie_matching_ssp/Sape-dsp/0100007F38D42963E1037A6A027E3115 HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 20 Sep 2022 14:54:49 GMT
set-cookie: uid=XV9maWMp1DlQMEtOBuWdAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash ddf7345b7e11c2f8b4cdc489c8169cfc
2dcd4b0768019f5c2a6d28bee27adddca9199312
9eb05b79cf3eb3f4a3df311d68e80ae6c24afa73c32b48501ef7d7000111a523
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 24 Sep 2022 13:22:44 GMT
ETag: "2dcd4b0768019f5c2a6d28bee27adddca9199312"
Last-Modified: Tue, 20 Sep 2022 13:22:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3102
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74db66095fc41c12-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash 0c2e17d8cf31157df1a4bd2f99a54c6c
c0bbb9ac61662fda8781947855cf7074484ac540
52f7b19b0215b25985a1e67274af794f09cd838879b503fe985141aee33a5707
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 04:09:18 GMT
Expires: Tue, 27 Sep 2022 04:09:17 GMT
Etag: "c0bbb9ac61662fda8781947855cf7074484ac540"
Cache-Control: max-age=565467,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74db660918131bfa-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash ddf7345b7e11c2f8b4cdc489c8169cfc
2dcd4b0768019f5c2a6d28bee27adddca9199312
9eb05b79cf3eb3f4a3df311d68e80ae6c24afa73c32b48501ef7d7000111a523
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 24 Sep 2022 13:22:44 GMT
ETag: "2dcd4b0768019f5c2a6d28bee27adddca9199312"
Last-Modified: Tue, 20 Sep 2022 13:22:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3102
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74db66096fee1c12-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 326d2cd6174e531247a5b0179349e69b
565f6aef70d7c28da0c7c9fd2da55220ba5d4224
33f85741b0155af18ec5a002dfb06075ea81c44b3a59bbe17d9a9cb277244652
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:54:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
302 Moved Temporarily 0 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-4755062504; expires=Thu, 19 Sep 2024 14:54:49 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4755062504
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
status.geotrust.com/
200 OK 280 B IP
Hash 3c6f2dafb3489b72c23f308a133ff907
3dfd55a739c6e2d92cc71e07f0c3a03ad13f77c1
ba3fda8e8acef0363a69b8f3b1c2cecf6c9aa54fe417c76aa8336acecfe6f46a
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4484
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:54:49 GMT
Last-Modified: Tue, 20 Sep 2022 13:40:05 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 20 Sep 2023 14:54:49 GMT; Path=/; Domain=.betweendigital.com
tuuid=64acb941-83c1-5207-b3f8-d26cd0d10655; Max-Age=31536000; Expires=Wed, 20 Sep 2023 14:54:49 GMT; Path=/; Domain=.betweendigital.com
ut=YynUOQANG3jUb92UZnC7YmULm8Wbg81yUjv0fQ==; Max-Age=31536000; Expires=Wed, 20 Sep 2023 14:54:49 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F38D42963E1037A6A027E3115
200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F38D42963E1037A6A027E3115
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F38D42963E1037A6A027E3115 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 81fa7001b4b94f54d2ab4f3237ecaabb
e21bb07f34d9bed91f5caac3f9a83e9600a5652c
0ecbe6e0c5198d792a0eeb4197c88ec1d3a9f8b215efae7a6bb87776f7673b6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:54:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.usertrust.com/
200 OK 472 B IP
Hash ddbcbecfc057efc5818baa2d00bf3be9
81959b98f864c8b48587bae773c5a8a33748b4e2
745b010b944478b94b2f6d8dad754fb395abb7dede46876df67be8f0f2283fea
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 04:18:18 GMT
Expires: Mon, 26 Sep 2022 04:18:17 GMT
Etag: "81959b98f864c8b48587bae773c5a8a33748b4e2"
Cache-Control: max-age=600121,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1638
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74db6609ea450b51-OSL
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash fa65e4428adb73fd14d3e23085784699
00f883ce942c6c1be5e8e39d8ebe126de77dbadf
8eb4b4b2d5dc9f17570f22fc0afdf63d1fc80cc0aa37ad77cc81d52dda2bc281
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:54:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
200 OK 472 B IP
Hash 0c2e17d8cf31157df1a4bd2f99a54c6c
c0bbb9ac61662fda8781947855cf7074484ac540
52f7b19b0215b25985a1e67274af794f09cd838879b503fe985141aee33a5707
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 04:09:18 GMT
Expires: Tue, 27 Sep 2022 04:09:17 GMT
Etag: "c0bbb9ac61662fda8781947855cf7074484ac540"
Cache-Control: max-age=565467,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74db6608dd71b527-OSL
adservice.google.com/adsid/integrator.js?domain=proektanti.ru
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=proektanti.ru
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=proektanti.ru HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 20 Sep 2022 14:54:49 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=proektanti.ru
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=proektanti.ru
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=proektanti.ru HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 20 Sep 2022 14:54:49 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ad.mail.ru/cm.gif?p=48&id=0100007F38D42963E1037A6A027E3115
200 OK 43 B URL HTTP/2 ad.mail.ru/cm.gif?p=48&id=0100007F38D42963E1037A6A027E3115
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cm.gif?p=48&id=0100007F38D42963E1037A6A027E3115 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 14:54:49 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=1VduaT0owk2C0022Ca1AS7oC:::0-0-0-8442cf9:CAASEMLMxGjjZ9Vr-1mF-FW2a-gaYPwsctKAJVwQ58qm0JK3jmKk1OuK2YLK5sTkTFTN5OTKL0KgYN_QleFuds1plSm5lRwEw0j2hbrUy-xlpnPLBAd177X1bkRpz06m3i0TYRmBR4dS_ThCRe14o51WnIY4FA; path=/; expires=Thu, 21-Sep-23 14:54:49 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Tue, 20 Sep 2022 20:54:49 GMT
cache-control: max-age=21600
last-modified: Tue, 20 Sep 2022 14:54:49 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F38D42963E1037A6A027E3115
302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F38D42963E1037A6A027E3115
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=73&external_user_id=0100007F38D42963E1037A6A027E3115 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=0100007F38D42963E1037A6A027E3115&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 20 Sep 2023 14:54:49 GMT; Path=/; Domain=.betweendigital.com
tuuid=943d9ea8-b797-5207-9994-ba51fabd6e68; Max-Age=31536000; Expires=Wed, 20 Sep 2023 14:54:49 GMT; Path=/; Domain=.betweendigital.com
ut=YynUOQAOiqhUbI71X9JNnhFKfjKNpbz9fa_3dw==; Max-Age=31536000; Expires=Wed, 20 Sep 2023 14:54:49 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
sape-sync.rutarget.ru/sync
302 Moved Temporarily 0 B URL HTTP/1.1 sape-sync.rutarget.ru/sync
IP
ASN #208677 Cloud technology Limited (Ltd.)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 20 Sep 2022 14:54:49 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=S7_m_VG1oVCT
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=S7_m_VG1oVCT; Path=/; Domain=.rutarget.ru; Expires=Sun, 19 Mar 2023 14:54:49 GMT; SameSite=None; Secure
status.thawte.com/
200 OK 471 B IP
Hash 05f4ec4dbc9843e5f329145fd03b15e4
983430afc6d0dcc0cf29209a7f27871e86dbda2a
b19cc3875aaadafb62c0ea3c5724c9afa8761b5e787768d3cbe9b843dfde0995
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6379
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:54:49 GMT
Last-Modified: Tue, 20 Sep 2022 13:08:31 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 326d2cd6174e531247a5b0179349e69b
565f6aef70d7c28da0c7c9fd2da55220ba5d4224
33f85741b0155af18ec5a002dfb06075ea81c44b3a59bbe17d9a9cb277244652
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:54:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 102e9869dae24623786fc3ac21cc9f8e
8d2c97c9b30db6984ad0e77fadbadee562ec0959
3429a8bc8ae10f35e72c118e539b737f6109bbfdbf9b53b069d480210f05fad2
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:54:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 24 Sep 2022 13:40:27 GMT
ETag: "8d2c97c9b30db6984ad0e77fadbadee562ec0959"
Last-Modified: Tue, 20 Sep 2022 13:40:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2773
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74db660a99171c12-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 1095cbeab0f073ac21b542ece43906e4
6a95016d800f003c5a9be4fb1a806178aeb263b3
cea83b7581093c0900582f4034033ef7b759a15163cd164b513f7cc47de60694
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:54:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 14:18:44 GMT
Expires: Tue, 27 Sep 2022 14:18:43 GMT
Etag: "6a95016d800f003c5a9be4fb1a806178aeb263b3"
Cache-Control: max-age=602032,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74db660a69231bfa-OSL
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash ec6bc0b105a11e1ef32820fd9ec46bc4
ae60a0e04a455699c212370f1def3ac5c59f7226
3347445e20bc00df77e9eea71cc59e7115bd0c50d1edaff66c823fbb4ca2e25b
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:54:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 24 Sep 2022 12:28:19 GMT
ETag: "ae60a0e04a455699c212370f1def3ac5c59f7226"
Last-Modified: Tue, 20 Sep 2022 12:28:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2802
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74db660abe411c02-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e74e5405d2997e0554f2cab337875751
51bbd4347fbfc5a6d8c00c61758fff183281ad11
7475606a3386c57c9829723235b6bbe9372a7e818d8a7ae4dca979341eb089b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7475606A3386C57C9829723235B6BBE9372A7E818D8A7AE4DCA979341EB089B4"
Last-Modified: Sun, 18 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6524
Expires: Tue, 20 Sep 2022 16:43:34 GMT
Date: Tue, 20 Sep 2022 14:54:50 GMT
Connection: keep-alive
sm.rtb.mts.ru/p?ssp=sape&id=0100007F38D42963E1037A6A027E3115
301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=sape&id=0100007F38D42963E1037A6A027E3115
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sape&id=0100007F38D42963E1037A6A027E3115 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 20 Sep 2022 15:05:46 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F38D42963E1037A6A027E3115
Set-Cookie: dspid=5af5ff13-8145-4d0f-b5bd-27fd3b61d556; expires=Mon, 11 Sep 2023 14:54:50 GMT; domain=.mts.ru; path=/; secure; SameSite=None
ocsp.globalsign.com/gseccovsslca2018
200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash 356930deea2ba19cea2ba72ad63c3467
bf1c5981543ec12ecd64010b1bdd47e219fa502d
20dade172b894583d5168a14b5e64e5c5070a2f82a3febffd2dd9a9a511a6e0b
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:54:50 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Sat, 24 Sep 2022 12:59:03 GMT
ETag: "bf1c5981543ec12ecd64010b1bdd47e219fa502d"
Last-Modified: Tue, 20 Sep 2022 12:59:04 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 610
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74db660ae9af1c12-OSL
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
200 OK 0 B URL HTTP/1.1 sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP
ASN #36057 WEBAIR-INTERNET-MTL
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 14:54:50 GMT
Content-Length: 0
Connection: close
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0054324279fdc4fc9e0212512404b058
7259654c9c551266de0bdb75fe89e83abdacebf5
9d84484b080308c2e23647e7faa96e8b925b04883018c9281d21d524cda3dcd3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9D84484B080308C2E23647E7FAA96E8B925B04883018C9281D21D524CDA3DCD3"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4230
Expires: Tue, 20 Sep 2022 16:05:20 GMT
Date: Tue, 20 Sep 2022 14:54:50 GMT
Connection: keep-alive
px.adhigh.net/p/cm/sape?u=0100007F38D42963E1037A6A027E3115
302 Found 0 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=0100007F38D42963E1037A6A027E3115
IP
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/cm/sape?u=0100007F38D42963E1037A6A027E3115 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 20 Sep 2022 14:54:49 GMT
content-length: 0
x-backend-id: f4-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=L5FWXBDff3m.AikABlGDW2UCxQ;Path=/;Domain=.adhigh.net;Expires=Wed, 20-Sep-2023 14:54:50 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=0100007F38D42963E1037A6A027E3115&bounced=1
X-Firefox-Spdy: h2
x01.aidata.io/0.gif?pid=9401454&id=0100007F38D42963E1037A6A027E3115
302 Found 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=0100007F38D42963E1037A6A027E3115
IP
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=0100007F38D42963E1037A6A027E3115 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 20 Sep 2022 14:54:50 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=0100007F38D42963E1037A6A027E3115&bounce=1
expires: Tue, 20 Sep 2022 14:54:49 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Tue, 20 Sep 2022 14:54:49 GMT
set-cookie: __upin=QTTkz0VK+VhIFNSXyptesw;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1663685690;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 23eb71533da85236650e57e30d927351
dd9fffff169c0167b16c26cf258d424dfd6f0c3b
556cf8176a8284f288115c61ac8c83089789a90012fc7c53e62772fd2df796f4
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 20 Sep 2022 14:54:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 19 Sep 2022 23:02:02 GMT
Expires: Tue, 20 Sep 2022 23:02:02 GMT
ETag: "dd9fffff169c0167b16c26cf258d424dfd6f0c3b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bd080ca84eee81e9b0b001727be0ad1a
3c6a4a20b0261b4d63f00b734ecf50d77ad4778c
85716a0829aa2fc83aa802512cb64b15534e31b098efebeb4180037433df111a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85716A0829AA2FC83AA802512CB64B15534E31B098EFEBEB4180037433DF111A"
Last-Modified: Sun, 18 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6471
Expires: Tue, 20 Sep 2022 16:42:41 GMT
Date: Tue, 20 Sep 2022 14:54:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 25ecac794ec264fe2f3982df013dcd5b
1b1b89c4818883a5ba8c8141d9ae987f5bf52d75
4d841781cdd5ac51fbc57b80a6c6aa4a872103a6b71f2a6facb69a3856c3ad3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D841781CDD5AC51FBC57B80A6C6AA4A872103A6B71F2A6FACB69A3856C3AD3F"
Last-Modified: Sun, 18 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9538
Expires: Tue, 20 Sep 2022 17:33:48 GMT
Date: Tue, 20 Sep 2022 14:54:50 GMT
Connection: keep-alive
www.acint.net/match?dp=104&euid=S7_m_VG1oVCT
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=104&euid=S7_m_VG1oVCT
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=104&euid=S7_m_VG1oVCT HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWMp1DhqegPhFTF+AgmfGp5iUJObwZyjitTL07iII0fG; test_cookie=CheckForPermission; cSyncDp7v2=1663685688; cSyncDp14v3=1663685688; cSyncDp17=1663685688; cSyncDp32=1663685688; cSyncDp45v3=1663685688; cSyncDp53=1663685688; cSyncDp54v2=1663685688; cSyncDp62=1663685688; cSyncDp67v2=1663685688; cSyncDp68=1663685688; cSyncDp71=1663685688; cSyncDp77=1663685688; cSyncDp84=1663685688; cSyncDp85=1663685688; cSyncDp95v3=1663685688; cSyncDp101=1663685688; cSyncDp104v2=1663685688; cSyncDp107=1663685688; cSyncDp110=1663685688; cSyncDp111v2=1663685688; cSyncDp112v2=1663685688; cSyncDp125v2=1663685688; cSyncDp126=1663685688; cSyncDp127=1663685688; cSyncDp129=1663685688; cSyncDp136v2=1663685688; cSyncDp138=1663685688; cSyncDp144=1663685688; cSyncDp146=1663685688; cSyncDp148=1663685688; cSyncDp149=1663685688; cSyncDp151=1663685688; cSyncDp178=1663685688; cSyncDp179=1663685688; cSyncDp186=1663685688; cSyncDp221=1663685688
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 14:54:50 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 20 Sep 2023 14:54:50 GMT; Path=/; Domain=.betweendigital.com
tuuid=8048538a-4dde-5207-a262-63f2c14bb7c8; Max-Age=31536000; Expires=Wed, 20 Sep 2023 14:54:50 GMT; Path=/; Domain=.betweendigital.com
ut=YynUOgABdwCypQs8Ydx6jGVA1l8XBO0n_sGHkg==; Max-Age=31536000; Expires=Wed, 20 Sep 2023 14:54:50 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
af.click.ru/collect_stat.js
200 OK 913 B URL HTTP/1.1 af.click.ru/collect_stat.js
IP
ASN #20655 e-Style ISP LLC
Hash 9531806d16d72f9659eaab01bd09689b
7640f092c2b928c614bb46251477a3c80b3e820b
a01ed62761c70d35a7f2dd5f497451e70b85e85bb8f1774cee68d53554e6ecaa
GET /collect_stat.js HTTP/1.1
Host: af.click.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 14:54:50 GMT
Content-Type: application/javascript
Content-Length: 913
Last-Modified: Fri, 22 Jul 2022 11:33:41 GMT
Connection: keep-alive
ETag: "62da8b15-391"
Accept-Ranges: bytes
ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F38D42963E1037A6A027E3115&crf=1
200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F38D42963E1037A6A027E3115&crf=1
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=73&external_user_id=0100007F38D42963E1037A6A027E3115&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 20 Sep 2023 14:54:50 GMT; Path=/; Domain=.betweendigital.com
tuuid=226dda94-e3db-5207-8bab-998fe8824db5; Max-Age=31536000; Expires=Wed, 20 Sep 2023 14:54:50 GMT; Path=/; Domain=.betweendigital.com
ut=YynUOgABioiJJAGn-HrW4M3FpM3iWqNT8Zjj8Q==; Max-Age=31536000; Expires=Wed, 20 Sep 2023 14:54:50 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
302 Found 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Weborama Collect Frontend
date: Tue, 20 Sep 2022 14:54:49 GMT
content-length: 0
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1100929475
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Tue, 20 Sep 2022 14:54:50 GMT
set-cookie: AFFICHE_W=u2XHmL32HWi740; expires=Wed, 18 Oct 2023 14:54:50 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
x01.aidata.io/0.gif?pid=9401454&id=0100007F38D42963E1037A6A027E3115&bounce=1
204 No Content 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=0100007F38D42963E1037A6A027E3115&bounce=1
IP
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=0100007F38D42963E1037A6A027E3115&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 20 Sep 2022 14:54:50 GMT
expires: Tue, 20 Sep 2022 14:54:49 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Tue, 20 Sep 2022 14:54:49 GMT
set-cookie: __upin=O4mY5MZEiZD9zPitLnahXQ;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1663685690;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F38D42963E1037A6A027E3115
301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F38D42963E1037A6A027E3115
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/second?ssp=30&exu=0100007F38D42963E1037A6A027E3115 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 20 Sep 2022 15:05:46 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://tech.rtb.mts.ru/
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4575
Expires: Tue, 20 Sep 2022 16:11:05 GMT
Date: Tue, 20 Sep 2022 14:54:50 GMT
Connection: keep-alive
px.adhigh.net/p/cm/sape?u=0100007F38D42963E1037A6A027E3115&bounced=1
200 OK 49 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=0100007F38D42963E1037A6A027E3115&bounced=1
IP
ASN #48061 Limited Liability Company GPM Digital Technologies
File type GIF image data, version 89a, 1 x 1\012- data
Hash 889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
GET /p/cm/sape?u=0100007F38D42963E1037A6A027E3115&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 14:54:49 GMT
content-type: image/gif
content-length: 49
x-backend-id: f4-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
prespan.ru/sou/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sou/ HTTP/1.1
Host: prespan.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.13.12
Date: Tue, 20 Sep 2022 14:54:50 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Last-Modified: Tuesday, 20-Sep-2022 14:54:50 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ocsp.globalsign.com/gseccovsslca2018
200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash ea5eb98f9f3475ecdc320167f9259e83
8518487e9c96e39ab7c480ee385f9507b2f515eb
f5060e3fdafeea86921164ec62a2c789e9d1ff6711f939a38d67ab84cea4e9f5
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:54:50 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sat, 24 Sep 2022 13:45:48 GMT
ETag: "8518487e9c96e39ab7c480ee385f9507b2f515eb"
Last-Modified: Tue, 20 Sep 2022 13:45:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 258
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74db660b9a6e1c12-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c283017ec789693602177a2785177e21
ff8286c4d2cf87a1865d56d082bc5235dba60ad7
520db2567ad5529d35d2ac63b94d4186848382e9c86d0c4355ab979b34f0e0ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11145
x-amzn-requestid: dcb726a6-2f43-4170-a53c-4f0d2883309e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yuh7yHfHIAMFu4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e37e-11bf06e96123e01c11854cbb;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:47:42 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DwufJXA1yHz_jnJL0PWjCQYF9fa3jlJ0e-2hIomInAXCpmPISX3mjg==
via: 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:02:33 GMT
age: 60737
etag: "ff8286c4d2cf87a1865d56d082bc5235dba60ad7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed7323b395e757f7766ea0045efdaca
8b91bc3069a3217bc719c27959d578b353b5d9dc
8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7sCevVX1nGXxZxnrXSURjUcap1a7vCZwrMMIXfzcBPR1srMxJHLGUg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:07:05 GMT
age: 60465
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4575
Expires: Tue, 20 Sep 2022 16:11:05 GMT
Date: Tue, 20 Sep 2022 14:54:50 GMT
Connection: keep-alive
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1100929475
204 No Content 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1100929475
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1100929475 HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Weborama Collect Frontend
date: Tue, 20 Sep 2022 14:54:49 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Tue, 20 Sep 2022 14:54:50 GMT
set-cookie: AFFICHE_W=; expires=Tue, 10 Nov 2009 23:00:00 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4575
Expires: Tue, 20 Sep 2022 16:11:05 GMT
Date: Tue, 20 Sep 2022 14:54:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a7d863845e96c5927e812f325c08c16
b8484fb5443344b03e52dd56b1d6c5682eb6221a
fcb382029332a44deaf212298b618074a752d674d0c735a1b8b861ab4bb6ff0f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9865
x-amzn-requestid: 7eeeff5b-cb13-4060-96a6-bf5a4be57331
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugokGQVoAMFXmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e169-4211dbbe1a22d0255a45aff0;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zDPKSOJ7SJImKcluUMhGvVMHv4t2oKLD2AJfGKAFSfedsdSA4VgZ_g==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:02:56 GMT
etag: "b8484fb5443344b03e52dd56b1d6c5682eb6221a"
content-type: image/jpeg
age: 60714
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ca0c1a7f205ad07f1cce80b26448873
0e14f5062e40ce94346494ff947bfcf74b5e88c1
ebc960279032671136749823c126ec807334d9eaf2b019abcc63b41bcdbf4a7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9873
x-amzn-requestid: 7171299f-e6e3-40ef-a292-33779346e1ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI-FDIIAMF-xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-31f9413434a6b00e77e7709b;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: evL3aL1ULo6B2a8Rp6iILKCX7F14O9HMSbEqkEY3XHFhmMptE8FaVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 21:50:04 GMT
age: 61486
etag: "0e14f5062e40ce94346494ff947bfcf74b5e88c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3e70b2859ca89b353682d03f6b46b93
ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 02:46:17 GMT
age: 43713
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4575
Expires: Tue, 20 Sep 2022 16:11:05 GMT
Date: Tue, 20 Sep 2022 14:54:50 GMT
Connection: keep-alive
postabuse.ru/yaml/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /yaml/ HTTP/1.1
Host: postabuse.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.13.12
Date: Tue, 20 Sep 2022 14:54:50 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Last-Modified: Tuesday, 20-Sep-2022 14:54:50 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30fbdfee7ec4513a5ff3dfcb7282f816
a852edb64a7220532aa619ab2a440c3a7e11b97a
4adee59f97bea412c6a0a786d0a27e431a497198b9047a75841b0a530803bdfe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9543
x-amzn-requestid: 17be04c9-54f0-4988-82dd-f13911a2a629
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugINHN1IAMF8iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09a-35496b4c21c23dec75257964;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: y3urrVdjZEds_DKf3yL2XfaOy-5UPBwU-YVWe5eKYsDpl3JPmqffsw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:23:30 GMT
age: 59480
etag: "a852edb64a7220532aa619ab2a440c3a7e11b97a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:54:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 32d60a76f04221b40dd32e506b6cd47d
89367db15ef63d7916871a006276a981c8b7aec3
c36ad4f90208ed924129ff27e00a6662cc5cc4bf8c4c70e07d04107ddb47d817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:54:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 23eb71533da85236650e57e30d927351
dd9fffff169c0167b16c26cf258d424dfd6f0c3b
556cf8176a8284f288115c61ac8c83089789a90012fc7c53e62772fd2df796f4
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 20 Sep 2022 14:54:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 19 Sep 2022 23:02:02 GMT
Expires: Tue, 20 Sep 2022 23:02:02 GMT
ETag: "dd9fffff169c0167b16c26cf258d424dfd6f0c3b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
mc.yandex.ru/metrika/watch.js
200 OK 57 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (570)
Hash 391a215e05068c5be2664d25f7da8d36
10dfd9f651da6e6fee2e8f642bd6d028c0eedf27
ea77b7ad45188499d5f7615567bfc10a1a87f75d4c794dbbfc7332baf0ee2a74
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 57028
date: Tue, 20 Sep 2022 14:54:50 GMT
access-control-allow-origin: *
etag: "63295b76-dec4"
expires: Tue, 20 Sep 2022 15:54:50 GMT
last-modified: Tue, 20 Sep 2022 09:19:34 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 697b28bd53238d7bb44c9175c9805bd2
0069f22468d82363e2515560eece95e249c18266
fbee95621192e651d5b45dd7d806ac6d518aa3a0a2753075b212c53cd80ef8fb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FBEE95621192E651D5B45DD7D806AC6D518AA3A0A2753075B212C53CD80EF8FB"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5817
Expires: Tue, 20 Sep 2022 16:31:47 GMT
Date: Tue, 20 Sep 2022 14:54:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 32582c3fd272392bc8b5b8be428c85f5
ab1146b5c562087a3bdf404a8ffa5b444ad807d0
0e16dd0ebc31e7732c2c87b2dc204d184b6aaf15804e349f3caa98c2e0d7b9d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E16DD0EBC31E7732C2C87B2DC204D184B6AAF15804E349F3CAA98C2E0D7B9D0"
Last-Modified: Mon, 19 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20815
Expires: Tue, 20 Sep 2022 20:41:45 GMT
Date: Tue, 20 Sep 2022 14:54:50 GMT
Connection: keep-alive
tech.rtb.mts.ru/
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: tech.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.2
Date: Tue, 20 Sep 2022 14:54:50 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Set-Cookie: mts_id=08f9c10a-c468-43e0-9625-f4678b155ff2; Domain=mts.ru; expires=Thu, 29 Jul 2032 14:54:50 GMT; SameSite=None; Secure
mts_id_last_sync=1663685690; Domain=mts.ru; expires=Thu, 29 Jul 2032 14:54:50 GMT; SameSite=None; Secure
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
w.uptolike.com/widgets/v1/zp/support.html
200 OK 3.8 kB URL HTTP/1.1 w.uptolike.com/widgets/v1/zp/support.html
IP
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash a4af8c67ad0a2a6f681a742faca4463e
50794dee2e25cb8ec2187256750e00dc3231faa7
10ace92ddcb397879ff3569155caf7c3e28c3b4ee8c35eaddb48af927520ecf5
GET /widgets/v1/zp/support.html HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Cookie: utl_id2=28862114642; utl_dat="CO37k9u1MBAAIO3M3uO1MCjtzN7jtTAwADFy4kGX4j7QFbhrQMx41u0="
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 14:54:50 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Tue, 20 Sep 2022 15:24:50 GMT
Content-Encoding: gzip
mc.yandex.ru/metrika/advert.gif
200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 20 Sep 2022 14:54:50 GMT
access-control-allow-origin: *
etag: "63295b76-2b"
expires: Tue, 20 Sep 2022 15:54:50 GMT
accept-ranges: bytes
last-modified: Tue, 20 Sep 2022 09:19:34 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abjn60e0bxws6qaf56eoxk%3Afp%3A1359%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1574197945373%3Ahid%3A456519761%3Az%3A0%3Ai%3A20220920145450%3Aet%3A1663685690%3Ac%3A1%3Arn%3A919682930%3Arqn%3A1%3Au%3A1663685690351592393%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C200%2C124%2C0%2C342%2C0%2C%2C622%2C1%2C%2C%2C%2C1356%3Ans%3A1663685687248%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663685690%3At%3A%D0%A1%D1%82%D0%BE%D0%BB%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BD%D0%B0%201000%2F2000%20%D0%BC%D0%B5%D1%81%D1%82%2F%D0%BF%D0%BE%D1%81%D0%B5%D1%89%D0%B5%D0%BD%D0%B8%D0%B9&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abjn60e0bxws6qaf56eoxk%3Afp%3A1359%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1574197945373%3Ahid%3A456519761%3Az%3A0%3Ai%3A20220920145450%3Aet%3A1663685690%3Ac%3A1%3Arn%3A919682930%3Arqn%3A1%3Au%3A1663685690351592393%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C200%2C124%2C0%2C342%2C0%2C%2C622%2C1%2C%2C%2C%2C1356%3Ans%3A1663685687248%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663685690%3At%3A%D0%A1%D1%82%D0%BE%D0%BB%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BD%D0%B0%201000%2F2000%20%D0%BC%D0%B5%D1%81%D1%82%2F%D0%BF%D0%BE%D1%81%D0%B5%D1%89%D0%B5%D0%BD%D0%B8%D0%B9&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash 68bdb17ae4ed8f5a20be335bb90f1118
8757bb5bb5a794dd6b374e0bda76e9967aab9240
e3d9c4257e8e70662c7c3743493b15d9ec3a66702021d29ff577d81ed20ad2ad
GET /watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abjn60e0bxws6qaf56eoxk%3Afp%3A1359%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1574197945373%3Ahid%3A456519761%3Az%3A0%3Ai%3A20220920145450%3Aet%3A1663685690%3Ac%3A1%3Arn%3A919682930%3Arqn%3A1%3Au%3A1663685690351592393%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C200%2C124%2C0%2C342%2C0%2C%2C622%2C1%2C%2C%2C%2C1356%3Ans%3A1663685687248%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663685690%3At%3A%D0%A1%D1%82%D0%BE%D0%BB%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BD%D0%B0%201000%2F2000%20%D0%BC%D0%B5%D1%81%D1%82%2F%D0%BF%D0%BE%D1%81%D0%B5%D1%89%D0%B5%D0%BD%D0%B8%D0%B9&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://proektanti.ru
Referer: https://proektanti.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Tue, 20 Sep 2022 14:54:50 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://proektanti.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 20-Sep-2022 14:54:50 GMT
last-modified: Tue, 20-Sep-2022 14:54:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
status.geotrust.com/
200 OK 471 B IP
Hash 56575d695c93d364183268445aa739d5
7b9878911103b1a77a0def4c155fb0c50e60a8f9
2ede51889e77ef804425a17e2aeb6c3709ab52809c1706733d42fed4c3db03aa
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5679
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:54:50 GMT
Last-Modified: Tue, 20 Sep 2022 13:20:11 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
200 OK 471 B IP
Hash 56575d695c93d364183268445aa739d5
7b9878911103b1a77a0def4c155fb0c50e60a8f9
2ede51889e77ef804425a17e2aeb6c3709ab52809c1706733d42fed4c3db03aa
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5979
Cache-Control: max-age=161873
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:54:50 GMT
Etag: "63299230-1d7"
Expires: Thu, 22 Sep 2022 11:52:43 GMT
Last-Modified: Tue, 20 Sep 2022 10:13:04 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1663685689670
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 20 Sep 2022 14:54:50 GMT
content-type: image/png
content-length: 0
location: https://f2c75b0d-2602-4bab-bd6f-61b28fec7aa6.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
set-cookie: user_id=f2c75b0d-2602-4bab-bd6f-61b28fec7aa6;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=f2c75b0d-2602-4bab-bd6f-61b28fec7aa6;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 8fd7b789f3980e04b3ab40087a3ca5f0
c261f12ffdcdd38b72513b06baf7823ffd5bcf4e
2d27519c179a609449998ed1b2fc266f1608baa4a3ce3ef00e10ede4e795491c
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:54:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 24 Sep 2022 11:52:46 GMT
ETag: "c261f12ffdcdd38b72513b06baf7823ffd5bcf4e"
Last-Modified: Tue, 20 Sep 2022 11:52:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3477
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74db6611ee071c02-OSL
status.geotrust.com/
200 OK 471 B IP
Hash 225bd7fe0108c9f0f81e507a15238570
a6e6b8ee54d2fcb27131611132332473e76d19a6
55a3315df19b45ed146602e906f2c718dce8318d67309568965af86e01d9a026
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6265
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:54:51 GMT
Last-Modified: Tue, 20 Sep 2022 13:10:26 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
200 OK 471 B IP
Hash 225bd7fe0108c9f0f81e507a15238570
a6e6b8ee54d2fcb27131611132332473e76d19a6
55a3315df19b45ed146602e906f2c718dce8318d67309568965af86e01d9a026
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5110
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:54:51 GMT
Last-Modified: Tue, 20 Sep 2022 13:29:41 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash 8fd7b789f3980e04b3ab40087a3ca5f0
c261f12ffdcdd38b72513b06baf7823ffd5bcf4e
2d27519c179a609449998ed1b2fc266f1608baa4a3ce3ef00e10ede4e795491c
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 14:54:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 24 Sep 2022 11:52:46 GMT
ETag: "c261f12ffdcdd38b72513b06baf7823ffd5bcf4e"
Last-Modified: Tue, 20 Sep 2022 11:52:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3477
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74db6611fe181c02-OSL
api.pinterest.com/v1/urls/count.json?&url=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926%3F_utl_t%3Dps&callback=callback__utl_cb_share_1663685690830458
200 OK 108 B URL HTTP/2 api.pinterest.com/v1/urls/count.json?&url=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926%3F_utl_t%3Dps&callback=callback__utl_cb_share_1663685690830458
IP
File type ASCII text, with no line terminators
Hash 7da1188f018aff4bf6b53523a1fac590
985a8319d7adb7b12f6c888f5ec3bc6cb8874863
ef1cdffc889381ed3adb016d8385e739574204d8baa2f6e6527b781bceb7d1a5
GET /v1/urls/count.json?&url=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926%3F_utl_t%3Dps&callback=callback__utl_cb_share_1663685690830458 HTTP/1.1
Host: api.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/javascript
expires: Tue, 20 Sep 2022 15:09:51 GMT
x-envoy-upstream-service-time: 2
cache-control: no-cache, no-store, must-revalidate
age: 0
set-cookie: _ir=0; Max-Age=1800; HttpOnly; Path=/; Secure
x-pinterest-rid: 7551005191805171
date: Tue, 20 Sep 2022 14:54:51 GMT
x-cdn: fastly
content-length: 108
X-Firefox-Spdy: h2
api.pinterest.com/v1/urls/count.json?&url=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926&callback=callback__utl_cb_share_1663685690829362
200 OK 98 B URL HTTP/2 api.pinterest.com/v1/urls/count.json?&url=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926&callback=callback__utl_cb_share_1663685690829362
IP
File type ASCII text, with no line terminators
Hash 6b1954b41ba570806aabad6a5c01ee99
195abea894235b22945dcd4d1cab330a2058f5e4
ce7ab9827be894526cca236827e0ca51c837f850d6a1455867cf580cc4a069d2
GET /v1/urls/count.json?&url=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926&callback=callback__utl_cb_share_1663685690829362 HTTP/1.1
Host: api.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/javascript
expires: Tue, 20 Sep 2022 15:09:51 GMT
x-envoy-upstream-service-time: 2
cache-control: no-cache, no-store, must-revalidate
age: 0
set-cookie: _ir=0; Max-Age=1800; HttpOnly; Path=/; Secure
x-pinterest-rid: 1309052765740354
date: Tue, 20 Sep 2022 14:54:51 GMT
x-cdn: fastly
content-length: 98
X-Firefox-Spdy: h2
connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926%3F_utl_t%3Dok&callback=callback__utl_cb_share_166368569081380
200 OK 70 B URL HTTP/2 connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926%3F_utl_t%3Dok&callback=callback__utl_cb_share_166368569081380
IP
File type ASCII text, with no line terminators
Hash f236a4780e5779fae92fee2f01e38bb0
b9ced475bc75f2502a981b979a0f51fb80aa313f
f7261fe28f2a45b39e2308b890413f7be5580e7a9ece7991465e3cc43fe4fff1
GET /dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926%3F_utl_t%3Dok&callback=callback__utl_cb_share_166368569081380 HTTP/1.1
Host: connect.ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: apache
date: Tue, 20 Sep 2022 14:54:51 GMT
content-type: application/javascript;charset=UTF-8
vary: Accept-Encoding
set-cookie: bci=-4923401238341287755; Domain=.ok.ru; Expires=Sun, 08-Oct-2090 18:08:58 GMT; Path=/; Secure; HttpOnly
_statid=b994aa8e-6c9a-43f2-bce4-96b8a296a482; Domain=.ok.ru; Expires=Sun, 08-Oct-2090 18:08:58 GMT; Path=/; Secure; HttpOnly
landref=w.uptolike.com; Domain=.ok.ru; Path=/; Secure
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
cache-control: no-cache, no-store
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubdomains;preload
access-control-allow-origin: *
access-control-allow-credentials: true
rendered-blocks: WidgetExtLike
content-encoding: br
X-Firefox-Spdy: h2
connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926&callback=callback__utl_cb_share_1663685690812926
200 OK 70 B URL HTTP/2 connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926&callback=callback__utl_cb_share_1663685690812926
IP
File type ASCII text, with no line terminators
Hash f236a4780e5779fae92fee2f01e38bb0
b9ced475bc75f2502a981b979a0f51fb80aa313f
f7261fe28f2a45b39e2308b890413f7be5580e7a9ece7991465e3cc43fe4fff1
GET /dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926&callback=callback__utl_cb_share_1663685690812926 HTTP/1.1
Host: connect.ok.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: apache
date: Tue, 20 Sep 2022 14:54:51 GMT
content-type: application/javascript;charset=UTF-8
vary: Accept-Encoding
set-cookie: bci=8006619716474131324; Domain=.ok.ru; Expires=Sun, 08-Oct-2090 18:08:58 GMT; Path=/; Secure; HttpOnly
_statid=64f6033a-c6ec-4dc9-97fd-26a5afd01624; Domain=.ok.ru; Expires=Sun, 08-Oct-2090 18:08:58 GMT; Path=/; Secure; HttpOnly
landref=w.uptolike.com; Domain=.ok.ru; Path=/; Secure
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
cache-control: no-cache, no-store
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubdomains;preload
access-control-allow-origin: *
access-control-allow-credentials: true
rendered-blocks: WidgetExtLike
content-encoding: br
X-Firefox-Spdy: h2
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4755062504
302 Moved Temporarily 40 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4755062504
IP
File type ASCII text, with CRLF line terminators
Hash 251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4755062504 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Tue, 20 Sep 2022 14:54:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Thu, 19 Sep 2024 14:54:50 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
connect.mail.ru/share_count?func=mrc__shareInit605&url_list=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926&callback=callback__utl_cb_share_1663685690856919
200 OK 97 B URL HTTP/1.1 connect.mail.ru/share_count?func=mrc__shareInit605&url_list=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926&callback=callback__utl_cb_share_1663685690856919
IP
Hash d59266be6d67f9eced351c506d6bc64c
bab79458e514ffd9ad6cf5e272b3192ae6de7d35
c8cc62dce3e76c75b90632a79cc6d8e3d86d2718712d27bddfddf792d7d5d093
GET /share_count?func=mrc__shareInit605&url_list=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926&callback=callback__utl_cb_share_1663685690856919 HTTP/1.1
Host: connect.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 14:54:51 GMT
Content-Type: text/javascript; charset=UTF-8
Content-Length: 97
Connection: keep-alive
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control: no-cache, no-store, must-revalidate, private
connect.mail.ru/share_count?func=mrc__shareInit640&url_list=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926%3F_utl_t%3Dmr&callback=callback__utl_cb_share_16636856908578
200 OK 107 B URL HTTP/1.1 connect.mail.ru/share_count?func=mrc__shareInit640&url_list=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926%3F_utl_t%3Dmr&callback=callback__utl_cb_share_16636856908578
IP
Hash 0996912fe366122ba6f5746f62571327
1d0750ef7237fb81f31c54b486b0df2acb7aaeab
0bd074eb0d671829fd59c1ae6cbbb03339b19d393d2dba9da46af18661b0a305
GET /share_count?func=mrc__shareInit640&url_list=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926%3F_utl_t%3Dmr&callback=callback__utl_cb_share_16636856908578 HTTP/1.1
Host: connect.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.uptolike.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 14:54:51 GMT
Content-Type: text/javascript; charset=UTF-8
Content-Length: 107
Connection: keep-alive
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control: no-cache, no-store, must-revalidate, private
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWMp1DhqegPhFTF+AgmfGp5iUJObwZyjitTL07iII0fG; test_cookie=CheckForPermission; cSyncDp7v2=1663685688; cSyncDp14v3=1663685688; cSyncDp17=1663685688; cSyncDp32=1663685688; cSyncDp45v3=1663685688; cSyncDp53=1663685688; cSyncDp54v2=1663685688; cSyncDp62=1663685688; cSyncDp67v2=1663685688; cSyncDp68=1663685688; cSyncDp71=1663685688; cSyncDp77=1663685688; cSyncDp84=1663685688; cSyncDp85=1663685688; cSyncDp95v3=1663685688; cSyncDp101=1663685688; cSyncDp104v2=1663685688; cSyncDp107=1663685688; cSyncDp110=1663685688; cSyncDp111v2=1663685688; cSyncDp112v2=1663685688; cSyncDp125v2=1663685688; cSyncDp126=1663685688; cSyncDp127=1663685688; cSyncDp129=1663685688; cSyncDp136v2=1663685688; cSyncDp138=1663685688; cSyncDp144=1663685688; cSyncDp146=1663685688; cSyncDp148=1663685688; cSyncDp149=1663685688; cSyncDp151=1663685688; cSyncDp178=1663685688; cSyncDp179=1663685688; cSyncDp186=1663685688; cSyncDp221=1663685688
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Tue, 20 Sep 2022 14:54:51 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F38D42963E1037A6A027E3115
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/ping/?v=0.4.0&uid=5f750206-cdcc-470c-bebd-5a94d214ea7c&dp=10&tz=%2B00%3A00&nc=40763534&dT=2022-09-20T14%3A54%3A51.711
200 OK 43 B URL HTTP/2 www.acint.net/ping/?v=0.4.0&uid=5f750206-cdcc-470c-bebd-5a94d214ea7c&dp=10&tz=%2B00%3A00&nc=40763534&dT=2022-09-20T14%3A54%3A51.711
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /ping/?v=0.4.0&uid=5f750206-cdcc-470c-bebd-5a94d214ea7c&dp=10&tz=%2B00%3A00&nc=40763534&dT=2022-09-20T14%3A54%3A51.711 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Cookie: aid=fwAAAWMp1DhqegPhFTF+AgmfGp5iUJObwZyjitTL07iII0fG; test_cookie=CheckForPermission; cSyncDp7v2=1663685688; cSyncDp14v3=1663685688; cSyncDp17=1663685688; cSyncDp32=1663685688; cSyncDp45v3=1663685688; cSyncDp53=1663685688; cSyncDp54v2=1663685688; cSyncDp62=1663685688; cSyncDp67v2=1663685688; cSyncDp68=1663685688; cSyncDp71=1663685688; cSyncDp77=1663685688; cSyncDp84=1663685688; cSyncDp85=1663685688; cSyncDp95v3=1663685688; cSyncDp101=1663685688; cSyncDp104v2=1663685688; cSyncDp107=1663685688; cSyncDp110=1663685688; cSyncDp111v2=1663685688; cSyncDp112v2=1663685688; cSyncDp125v2=1663685688; cSyncDp126=1663685688; cSyncDp127=1663685688; cSyncDp129=1663685688; cSyncDp136v2=1663685688; cSyncDp138=1663685688; cSyncDp144=1663685688; cSyncDp146=1663685688; cSyncDp148=1663685688; cSyncDp149=1663685688; cSyncDp151=1663685688; cSyncDp178=1663685688; cSyncDp179=1663685688; cSyncDp186=1663685688; cSyncDp221=1663685688
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 14:54:51 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F38D42963E1037A6A027E3115
200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F38D42963E1037A6A027E3115
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F38D42963E1037A6A027E3115 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 14:54:51 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
mc.yandex.ru/watch/23414332?wmode=7&page-url=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abjn60e0bxws6qaf56eoxk%3Afp%3A1359%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1574197945373%3Ahid%3A456519761%3Az%3A0%3Ai%3A20220920145450%3Aet%3A1663685690%3Ac%3A1%3Arn%3A919682930%3Arqn%3A1%3Au%3A1663685690351592393%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C200%2C124%2C0%2C342%2C0%2C%2C622%2C1%2C%2C%2C%2C1356%3Ans%3A1663685687248%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663685690%3At%3A%D0%A1%D1%82%D0%BE%D0%BB%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BD%D0%B0%201000%2F2000%20%D0%BC%D0%B5%D1%81%D1%82%2F%D0%BF%D0%BE%D1%81%D0%B5%D1%89%D0%B5%D0%BD%D0%B8%D0%B9&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/23414332?wmode=7&page-url=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abjn60e0bxws6qaf56eoxk%3Afp%3A1359%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1574197945373%3Ahid%3A456519761%3Az%3A0%3Ai%3A20220920145450%3Aet%3A1663685690%3Ac%3A1%3Arn%3A919682930%3Arqn%3A1%3Au%3A1663685690351592393%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C200%2C124%2C0%2C342%2C0%2C%2C622%2C1%2C%2C%2C%2C1356%3Ans%3A1663685687248%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663685690%3At%3A%D0%A1%D1%82%D0%BE%D0%BB%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BD%D0%B0%201000%2F2000%20%D0%BC%D0%B5%D1%81%D1%82%2F%D0%BF%D0%BE%D1%81%D0%B5%D1%89%D0%B5%D0%BD%D0%B8%D0%B9&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch/23414332?wmode=7&page-url=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abjn60e0bxws6qaf56eoxk%3Afp%3A1359%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1574197945373%3Ahid%3A456519761%3Az%3A0%3Ai%3A20220920145450%3Aet%3A1663685690%3Ac%3A1%3Arn%3A919682930%3Arqn%3A1%3Au%3A1663685690351592393%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C200%2C124%2C0%2C342%2C0%2C%2C622%2C1%2C%2C%2C%2C1356%3Ans%3A1663685687248%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663685690%3At%3A%D0%A1%D1%82%D0%BE%D0%BB%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BD%D0%B0%201000%2F2000%20%D0%BC%D0%B5%D1%81%D1%82%2F%D0%BF%D0%BE%D1%81%D0%B5%D1%89%D0%B5%D0%BD%D0%B8%D0%B9&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://proektanti.ru
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fproektanti.ru%2Fuser%2Fwork%2F51926&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abjn60e0bxws6qaf56eoxk%3Afp%3A1359%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1574197945373%3Ahid%3A456519761%3Az%3A0%3Ai%3A20220920145450%3Aet%3A1663685690%3Ac%3A1%3Arn%3A919682930%3Arqn%3A1%3Au%3A1663685690351592393%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C200%2C124%2C0%2C342%2C0%2C%2C622%2C1%2C%2C%2C%2C1356%3Ans%3A1663685687248%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663685690%3At%3A%D0%A1%D1%82%D0%BE%D0%BB%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BD%D0%B0%201000%2F2000%20%D0%BC%D0%B5%D1%81%D1%82%2F%D0%BF%D0%BE%D1%81%D0%B5%D1%89%D0%B5%D0%BD%D0%B8%D0%B9&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Tue, 20 Sep 2022 14:54:50 GMT
access-control-allow-origin: https://proektanti.ru
set-cookie: yandexuid=3583381741663685690; Expires=Wed, 20-Sep-2023 14:54:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3583381741663685690; Expires=Wed, 20-Sep-2023 14:54:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2151938271663685690; Path=/; SameSite=None; Secure
i=gE8trie5zfkzj4cciCNZjdw2ArXCKOmwL0TTEuKljDVQ7TvAZ2S1YrW28Q3x0/FYaPAK8CXBMwKMIm0JfuRk6QK0G1c=; Expires=Fri, 17-Sep-2032 14:54:50 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1695221690.yrts.1663685690#1695221690.yrtsi.1663685690; Expires=Wed, 20-Sep-2023 14:54:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 20-Sep-2022 14:54:50 GMT
last-modified: Tue, 20-Sep-2022 14:54:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.acint.net/match?dp=71&euid=f2c75b0d-2602-4bab-bd6f-61b28fec7aa6
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=71&euid=f2c75b0d-2602-4bab-bd6f-61b28fec7aa6
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=71&euid=f2c75b0d-2602-4bab-bd6f-61b28fec7aa6 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=fwAAAWMp1DhqegPhFTF+AgmfGp5iUJObwZyjitTL07iII0fG; test_cookie=CheckForPermission; cSyncDp7v2=1663685688; cSyncDp14v3=1663685688; cSyncDp17=1663685688; cSyncDp32=1663685688; cSyncDp45v3=1663685688; cSyncDp53=1663685688; cSyncDp54v2=1663685688; cSyncDp62=1663685688; cSyncDp67v2=1663685688; cSyncDp68=1663685688; cSyncDp71=1663685688; cSyncDp77=1663685688; cSyncDp84=1663685688; cSyncDp85=1663685688; cSyncDp95v3=1663685688; cSyncDp101=1663685688; cSyncDp104v2=1663685688; cSyncDp107=1663685688; cSyncDp110=1663685688; cSyncDp111v2=1663685688; cSyncDp112v2=1663685688; cSyncDp125v2=1663685688; cSyncDp126=1663685688; cSyncDp127=1663685688; cSyncDp129=1663685688; cSyncDp136v2=1663685688; cSyncDp138=1663685688; cSyncDp144=1663685688; cSyncDp146=1663685688; cSyncDp148=1663685688; cSyncDp149=1663685688; cSyncDp151=1663685688; cSyncDp178=1663685688; cSyncDp179=1663685688; cSyncDp186=1663685688; cSyncDp221=1663685688
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 14:54:53 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
nordw.ingeitn.ru/i/k.js
200 OK 0 B IP
ASN #199524 G-Core Labs S.A.
GET /i/k.js HTTP/1.1
Host: nordw.ingeitn.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 14:54:50 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges
etag: W/"d0226560a2d22923fc0b287025fd9906"
last-modified: Fri, 26 Nov 2021 15:34:02 GMT
x-timestamp: 1637940841.37913
x-trans-id: 16bb22845d641b0a
age: 0
expires: Thu, 22 Sep 2022 02:54:50 GMT
cache-control: max-age=129600
cache: HIT
x-cached-since: 2022-09-20T14:40:00+00:00
x-id: sto5-up-gc15
content-encoding: gzip
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/0100007F38D42963E1037A6A027E3115
302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/0100007F38D42963E1037A6A027E3115
IP
GET /mapuid/sapeis/0100007F38D42963E1037A6A027E3115 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/0100007F38D42963E1037A6A027E3115?redir-setuniq=1
date: Tue, 20 Sep 2022 14:54:50 GMT
set-cookie: yandexuid=7408318221663685690; domain=.yandex.ru; path=/; expires=Fri, 17-Sep-2032 14:54:50 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 20 Sep 2022 14:54:50 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Tue, 20 Sep 2022 14:54:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/0100007F38D42963E1037A6A027E3115?redir-setuniq=1
200 OK 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/0100007F38D42963E1037A6A027E3115?redir-setuniq=1
IP
GET /mapuid/sapeis/0100007F38D42963E1037A6A027E3115?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Tue, 20 Sep 2022 14:54:50 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 20 Sep 2022 14:54:50 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Tue, 20 Sep 2022 14:54:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
edn.whilen.ru/sta453b3qh45lr/1.4.5.js
200 OK 0 B URL HTTP/2 edn.whilen.ru/sta453b3qh45lr/1.4.5.js
IP
ASN #199524 G-Core Labs S.A.
Analyzer Verdict Alert fortinet Malware
GET /sta453b3qh45lr/1.4.5.js HTTP/1.1
Host: edn.whilen.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 14:54:50 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges
etag: W/"e22b559d6fc3241ea271ecf13869d8fc"
last-modified: Fri, 26 Nov 2021 15:33:27 GMT
x-timestamp: 1637940806.16302
x-trans-id: 16bb227c2a251146
age: 1
cache: HIT
x-cached-since: 2022-09-20T14:53:52+00:00
x-id: sto5-up-gc14
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.retget.ru/pwk/mc.php
200 OK 0 B IP
ASN #24940 Hetzner Online GmbH
GET /pwk/mc.php HTTP/1.1
Host: cdn.retget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 20 Sep 2022 14:54:53 GMT
content-type: text/html; charset=UTF-8
set-cookie: hjelwf=d6e64582a38f44e886024eed19e7d99b; expires=Tue, 20-Sep-2022 15:54:53 GMT; Max-Age=3600; path=/; SameSite=None; Secure; domain=cdn.retget.ru
content-encoding: gzip
mode: no-cors
access-control-allow-origin: *
cache-control: no-cache
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10&tc=1
200 OK 0 B URL HTTP/2 www.acint.net/mc/?dp=10&tc=1
IP
GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://proektanti.ru/
Connection: keep-alive
Cookie: aid=fwAAAWMp1DhqegPhFTF+AgmfGp5iUJObwZyjitTL07iII0fG; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 20 Sep 2022 14:54:48 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1663685688; expires=Wed, 21-Sep-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp54v2=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp77=1663685688; expires=Tue, 04-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp84=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1663685688; expires=Tue, 04-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp111v2=1663685688; expires=Tue, 04-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp112v2=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v2=1663685688; expires=Wed, 05-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp138=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp144=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp179=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1663685688; expires=Thu, 20-Oct-22 14:54:48 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
adlmerge.com/merge_gpsid/?sid=50&id=0100007F38D42963E1037A6A027E3115
200 OK 0 B URL HTTP/2 adlmerge.com/merge_gpsid/?sid=50&id=0100007F38D42963E1037A6A027E3115
IP
ASN #60781 LeaseWeb Netherlands B.V.
GET /merge_gpsid/?sid=50&id=0100007F38D42963E1037A6A027E3115 HTTP/1.1
Host: adlmerge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Tue, 20 Sep 2022 14:54:49 GMT
content-type: image/gif
iseu: eu
X-Firefox-Spdy: h2
cdn.smntq.com/c83ul/smart.js
200 OK 0 B URL HTTP/2 cdn.smntq.com/c83ul/smart.js
IP
ASN #24940 Hetzner Online GmbH
GET /c83ul/smart.js HTTP/1.1
Host: cdn.smntq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://proektanti.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Tue, 20 Sep 2022 14:54:50 GMT
content-type: text/javascript;charset=UTF-8
mode: no-cors
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
88.214.230.195
139.45.228.100
142.250.74.130
92.223.97.97
144.76.119.17
46.243.142.239
104.21.59.66
31.220.27.155
151.101.84.84
95.217.109.66
23.36.76.226