rkiz.ru/
45.130.41.35301 Moved Permanently 295 B IP 45.130.41.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f1de6dd79e12a0f236b14f8018478b0d
0c3ad0178736ca21c168bce8a7497436cadedfd0
30b3ec617a92aaf8821ae4f1b39d54ab05afb1b6cb5bfbfb3277e1baf3f8fe7f
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: rkiz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx-reuseport/1.21.1
Date: Wed, 21 Sep 2022 09:33:28 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 295
Connection: keep-alive
Keep-Alive: timeout=30
Location: https://rkiz.ru/
Cache-Control: max-age=3600
Expires: Wed, 21 Sep 2022 10:33:28 GMT
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 804f8bbb7f556d51a5f52d5ebd5b6eef
922cd7e06df278615a04abb81d811d14596c8180
ef4804d381a34ab67873a7755621081c49c646310e085a9b2356ae07098f6021
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Backoff, Retry-After, Content-Type
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 09:14:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bk7ywrkvh-nUADIzTKjsPgF_bFzNeqel5SuDxfC81YXRcGKOjyHEdg==
Age: 1145
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2177
Expires: Wed, 21 Sep 2022 10:09:45 GMT
Date: Wed, 21 Sep 2022 09:33:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MyKj3_Gp3HbdwDtMXkz6H9qdEKnIgXXZo1rCOgibnKxawMdm12D_QQ==
age: 17895
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 09:33:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 76f2b52d80200b396282cd183f4aedc2
afe4aaeb7b6de7fc96dfdc707531ef867d40134a
b86d25b975a800fdfb48d73b7e72429943d166eafe064be3334d72c1834962a4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B86D25B975A800FDFB48D73B7E72429943D166EAFE064BE3334D72C1834962A4"
Last-Modified: Wed, 21 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 21 Sep 2022 15:33:29 GMT
Date: Wed, 21 Sep 2022 09:33:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 21 Sep 2022 09:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 21 Sep 2022 09:40:54 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Uie04PTC4Nb_8NOjUvRYTuACkO3aYgIlwAiW0QmqnDb-Y75VRMWR1w==
Age: 1807
rkiz.ru/
45.130.41.35301 Moved Permanently 0 B IP 45.130.41.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: rkiz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:29 GMT
content-type: text/html
content-length: 0
vary: X-Forwarded-Proto,Accept-Encoding
x-powered-by: PHP/7.3.31
x-redirect-by: WordPress
location: https://investstable.ru/
cache-control: max-age=3600
expires: Wed, 21 Sep 2022 10:33:29 GMT
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6351
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:29 GMT
Last-Modified: Wed, 21 Sep 2022 07:47:38 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0a91b65217c1d31a1bfc386ebb39253c
6094865b9c7e6dc4e14475f24a4d441a3ee48603
6a644fa058890a19071c6cf17848aacc8c2db7e7c22e805f91bf9b40adfd4c3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A644FA058890A19071C6CF17848AACC8C2DB7E7C22E805F91BF9B40ADFD4C3E"
Last-Modified: Wed, 21 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21596
Expires: Wed, 21 Sep 2022 15:33:25 GMT
Date: Wed, 21 Sep 2022 09:33:29 GMT
Connection: keep-alive
push.services.mozilla.com/
54.189.157.130101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.157.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3kMcmXtHcfAGP4QfLUn8Fg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3P1byl8sS8rzkcuoiBIR5aK2LqY=
investstable.ru/wp-content/plugins/rate-my-post/public/css/fonts/ratemypost.ttf
45.130.41.35200 OK 4.8 kB URL HTTP/2 investstable.ru/wp-content/plugins/rate-my-post/public/css/fonts/ratemypost.ttf
IP 45.130.41.35:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, ratemypost \012- data
Hash 5772d7b0d9851e23e062eafadaf7729f
c774ae6a5da5dd14342db3281735dc2812da1d3d
40d4cb30d26c1301383bc7445dd80bf4e3279374d2ff74c771aa4c3db182358f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rate-my-post/public/css/fonts/ratemypost.ttf HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: application/octet-stream
content-length: 4824
last-modified: Sat, 03 Sep 2022 08:53:46 GMT
etag: "6313161a-12d8"
expires: Fri, 21 Oct 2022 09:33:30 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
investstable.ru/wp-content/plugins/wp-social-likes/css/custom-buttons.css?ver=6.0.2
45.130.41.35200 OK 5.2 kB URL HTTP/2 investstable.ru/wp-content/plugins/wp-social-likes/css/custom-buttons.css?ver=6.0.2
IP 45.130.41.35:0
Hash 803b7152799f0f6fdcdf00c90a508fa8
a95954b20e06d23a9e7ea5bb5d95e0cbb3253875
de73ab1ad4ebcbb396711745f72008e7bdfc232c4ea84b308bc3485a924fbec8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-social-likes/css/custom-buttons.css?ver=6.0.2 HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: text/css
last-modified: Mon, 02 Oct 2017 09:45:09 GMT
vary: Accept-Encoding
etag: W/"59d20aa5-1dbd"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-150971850-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-150971850-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 37a9a534f4b6a40b029f6c3ca3ac6382
9db928bbff5f80f42dd49d6a7ecaeeb9b7e34592
bcd59fa57a955b393ae98b306718adffaac1eb83500e3a1dc6238020d93102b0
GET /gtag/js?id=UA-150971850-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 09:33:30 GMT
expires: Wed, 21 Sep 2022 09:33:30 GMT
cache-control: private, max-age=900
last-modified: Wed, 21 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42194
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
investstable.ru/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
45.130.41.35200 OK 7.6 kB URL HTTP/2 investstable.ru/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 45.130.41.35:0
Hash a401171606c7b58c95ba8f78b207f497
d850036814f95e8d4307b6700d3fa926ff59e8ec
4ac6a1f523f295e2d38e6ad24c7a8572fde2ae2ad2eb21616e66c33594d2f8dd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: text/css
last-modified: Mon, 19 Sep 2022 14:46:23 GMT
vary: Accept-Encoding
etag: W/"632880bf-7917"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700|Poppins:400,400i,700,700i
142.250.74.10200 OK 1.5 kB URL HTTP/2 fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700|Poppins:400,400i,700,700i
IP 142.250.74.10:0
Hash 0d161fe214e37adaa56f6835d236c010
df63fd57d86f2dc7c09196480c2b71cd3b8f6545
41db7f12b98a7e804ca4738b0dec4749a9fcf7931fa65e1944920f99c43a37a6
GET /css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700|Poppins:400,400i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 09:33:30 GMT
date: Wed, 21 Sep 2022 09:33:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
investstable.ru/wp-content/uploads/2020/05/cropped-vsyo-o-zarabotke-v-internete-scaled-1.jpg
45.130.41.35200 OK 105 kB URL HTTP/2 investstable.ru/wp-content/uploads/2020/05/cropped-vsyo-o-zarabotke-v-internete-scaled-1.jpg
IP 45.130.41.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1250x291, components 3\012- data
Size 105 kB (104731 bytes)
Hash c1cb42f2586a7bea5a881a948876456b
b18147881ec1e9509c25d8d0eca2b9e10ddc63ef
ef0eb2ff448a4c83518f8dd3e89aff1123790226d87fcce4ec8c9ee6a3d7e3d8
GET /wp-content/uploads/2020/05/cropped-vsyo-o-zarabotke-v-internete-scaled-1.jpg HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: image/jpeg
content-length: 104731
last-modified: Sun, 17 May 2020 17:28:39 GMT
etag: "5ec17447-1991b"
expires: Fri, 21 Oct 2022 09:33:30 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
investstable.ru/wp-content/uploads/2022/09/vk_dm-480x360.jpg
45.130.41.35200 OK 40 kB URL HTTP/2 investstable.ru/wp-content/uploads/2022/09/vk_dm-480x360.jpg
IP 45.130.41.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 480x360, components 3\012- data
Hash 5dc73406aae193005e9cf3a7c204d3b1
87cca995b9d938e450bfb3d0ff54ac039f7e2b52
24b9e3b9009e663dabb5cdc28d3da5a218a01ef3e7f32261a2834234f1562fbf
GET /wp-content/uploads/2022/09/vk_dm-480x360.jpg HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: image/jpeg
content-length: 39518
last-modified: Sat, 03 Sep 2022 09:22:48 GMT
etag: "63131ce8-9a5e"
expires: Fri, 21 Oct 2022 09:33:30 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
investstable.ru/wp-content/uploads/2020/05/a-markets.jpg
45.130.41.35200 OK 27 kB URL HTTP/2 investstable.ru/wp-content/uploads/2020/05/a-markets.jpg
IP 45.130.41.35:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 250x250, components 3\012- data
Hash 756a565565df6e0f2cec2c9b4b76e296
387773b21ffcab31cb1d89e7f96d0d6b547506ba
09caa68834995289b636e847fceb545272b5a5350333b2e720093cb400d6aaba
GET /wp-content/uploads/2020/05/a-markets.jpg HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: image/jpeg
content-length: 26988
last-modified: Mon, 25 May 2020 15:27:50 GMT
etag: "5ecbe3f6-696c"
expires: Fri, 21 Oct 2022 09:33:30 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
investstable.ru/wp-content/uploads/2020/05/250x250-pamm.gif
45.130.41.35200 OK 50 kB URL HTTP/2 investstable.ru/wp-content/uploads/2020/05/250x250-pamm.gif
IP 45.130.41.35:0
File type GIF image data, version 89a, 250 x 250\012- data
Hash cd3b0f639f22b2f35bd583ac16571cdb
a9ce0bc972d8963f8a88ae83a38c379e0a07a5ee
73de70b14b33570c9783b994522506583c50840edf538a76094151877e433df1
GET /wp-content/uploads/2020/05/250x250-pamm.gif HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: image/gif
content-length: 50534
last-modified: Mon, 25 May 2020 16:02:52 GMT
etag: "5ecbec2c-c566"
expires: Fri, 21 Oct 2022 09:33:30 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
investstable.ru/wp-content/uploads/2020/05/ndb_1500_250x250_ru.jpg
45.130.41.35200 OK 48 kB URL HTTP/2 investstable.ru/wp-content/uploads/2020/05/ndb_1500_250x250_ru.jpg
IP 45.130.41.35:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 250x250, components 3\012- data
Hash 14b49bbf12791190c668c54e5c867feb
52d144e242b973942da49d1f8500cac301ac6f1c
79b20d7cf1871bfed16ef693560ba0d8c29b93980c25be6e2e4ead025d85bfaa
GET /wp-content/uploads/2020/05/ndb_1500_250x250_ru.jpg HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: image/jpeg
content-length: 48403
last-modified: Mon, 25 May 2020 16:01:08 GMT
etag: "5ecbebc4-bd13"
expires: Fri, 21 Oct 2022 09:33:30 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
investstable.ru/wp-content/uploads/2020/12/viboom.gif
45.130.41.35200 OK 46 kB URL HTTP/2 investstable.ru/wp-content/uploads/2020/12/viboom.gif
IP 45.130.41.35:0
File type GIF image data, version 89a, 300 x 225\012- data
Hash 6da112ed7073c836748ec4198f5bb858
4908acad4b3151a2042719d59a0524f9c3766ad6
df0a9e760593a0d61e1e8d5cc12a435be6153d0ccad00790854c55b86e4289fb
GET /wp-content/uploads/2020/12/viboom.gif HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: image/gif
content-length: 46261
last-modified: Tue, 15 Dec 2020 08:18:05 GMT
etag: "5fd8713d-b4b5"
expires: Fri, 21 Oct 2022 09:33:30 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
investstable.ru/wp-content/plugins/wp-social-likes/js/social-likes.min.js?ver=6.0.2
45.130.41.35200 OK 4.0 kB URL HTTP/2 investstable.ru/wp-content/plugins/wp-social-likes/js/social-likes.min.js?ver=6.0.2
IP 45.130.41.35:0
Hash 7e2046994c36e01d8fe75c118d3d3ba6
ed85272b67ede8acc1ce8e1aa5ddc2db5ae8a9a0
5b369cbe974d3e57dc97f9e5469e13d72ee31baa879bee093c297b1cb1dfbf53
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-social-likes/js/social-likes.min.js?ver=6.0.2 HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: application/x-javascript
last-modified: Mon, 02 Oct 2017 09:45:09 GMT
vary: Accept-Encoding
etag: W/"59d20aa5-24f8"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
investstable.ru/wp-content/uploads/2020/05/banner-1-728x90-1.jpg
45.130.41.35200 OK 60 kB URL HTTP/2 investstable.ru/wp-content/uploads/2020/05/banner-1-728x90-1.jpg
IP 45.130.41.35:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 728x90, components 3\012- data
Hash 164506b5e3543299d93d1817b850d98c
b4a644d177c37bf75f56c09208aadc92b522e8cd
2df22e26878a25ee43d3ec4093ef68515ea2561fd7430f071b03754c12e0db4e
GET /wp-content/uploads/2020/05/banner-1-728x90-1.jpg HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: image/jpeg
content-length: 59669
last-modified: Tue, 12 May 2020 09:00:10 GMT
etag: "5eba659a-e915"
expires: Fri, 21 Oct 2022 09:33:30 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
investstable.ru/wp-content/uploads/2020/10/1b60f5f5164148019a12f2f47c7b28b1.jpg
45.130.41.35200 OK 52 kB URL HTTP/2 investstable.ru/wp-content/uploads/2020/10/1b60f5f5164148019a12f2f47c7b28b1.jpg
IP 45.130.41.35:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 250x250, components 3\012- data
Hash 8863ca88093cdcc7381f2c0e3ee55ff0
e1a2a3aee11ace0d95b1d584a292379326ebc7bd
da63cc478ddb4c84036814cefd918f548f5d29f1c8dcff64aedb10b1a43c9a3b
GET /wp-content/uploads/2020/10/1b60f5f5164148019a12f2f47c7b28b1.jpg HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: image/jpeg
content-length: 51586
last-modified: Sun, 18 Oct 2020 12:36:20 GMT
etag: "5f8c36c4-c982"
expires: Fri, 21 Oct 2022 09:33:30 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
investstable.ru/wp-content/uploads/2020/05/banner-6-240x400-1.jpg
45.130.41.35200 OK 82 kB URL HTTP/2 investstable.ru/wp-content/uploads/2020/05/banner-6-240x400-1.jpg
IP 45.130.41.35:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x400, components 3\012- data
Hash 51a4c1b3683215db55b49b09fb070068
b910ddaa2402e7442d1a40383ac7b69727c83047
ff68e86ea261a9a70a60a7b7f4f605d020701449d50a899702db69d5269a2169
GET /wp-content/uploads/2020/05/banner-6-240x400-1.jpg HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: image/jpeg
content-length: 82546
last-modified: Tue, 12 May 2020 09:05:43 GMT
etag: "5eba66e7-14272"
expires: Fri, 21 Oct 2022 09:33:30 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
rc.revolvermaps.com/0/0/6.js?i=21vr2g6pimi&m=0&s=200&c=ff0000&cr1=ffffff&f=arial&l=0
185.44.104.99200 OK 975 B URL HTTP/1.1 rc.revolvermaps.com/0/0/6.js?i=21vr2g6pimi&m=0&s=200&c=ff0000&cr1=ffffff&f=arial&l=0
IP 185.44.104.99:0
ASN #34549 meerfarbig GmbH & Co. KG
File type ASCII text, with very long lines (1829), with no line terminators
Hash 6f2cff312815e129e65971e1f7aa0b6c
f07651ab0ae9b95ef1007782e8d1bbf0fae53f66
26a7a91762ec29a98d90e879584a0218e49e6733c98504d5c15d156f39d72446
GET /0/0/6.js?i=21vr2g6pimi&m=0&s=200&c=ff0000&cr1=ffffff&f=arial&l=0 HTTP/1.1
Host: rc.revolvermaps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:33:30 GMT
Server: Apache
Last-Modified: Fri, 23 Jun 2017 15:59:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000
Content-Length: 975
Keep-Alive: timeout=4, max=100
Connection: Keep-Alive
Content-Type: application/javascript
proxy6.net/static/img/b/7.28x90.png
185.178.208.139200 OK 23 kB URL HTTP/2 proxy6.net/static/img/b/7.28x90.png
IP 185.178.208.139:0
File type PNG image data, 728 x 90, 8-bit colormap, non-interlaced\012- data
Hash 535a8e53835eabedf0f9436dc0a01c4f
96faf73445971f7f81e6b23416ae7fe76c287847
1b4b102a9932253604ff516491a2d43fa9f17534213cc76894c4f482b4ba7eed
GET /static/img/b/7.28x90.png HTTP/1.1
Host: proxy6.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=xUAcqE2KAkbvvoVuGYbH; Domain=.proxy6.net; HttpOnly; Path=/; Expires=Thu, 21-Sep-2023 09:33:30 GMT
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: image/png
content-length: 22901
last-modified: Fri, 14 Apr 2017 17:35:01 GMT
etag: "58f10845-5975"
expires: Thu, 22 Sep 2022 09:33:30 GMT
cache-control: max-age=86400
accept-ranges: bytes
age: 0
ddg-cache-status: MISS
X-Firefox-Spdy: h2
investstable.ru/wp-content/plugins/wp-social-likes/css/custom-buttons_classic.css?ver=6.0.2
45.130.41.35200 OK 5.6 kB URL HTTP/2 investstable.ru/wp-content/plugins/wp-social-likes/css/custom-buttons_classic.css?ver=6.0.2
IP 45.130.41.35:0
Hash 8eb77794f33bbd553d64702a00dd228e
6a016618cd2a2d2a897c4a1f06516d049e44debd
f6334d8df8cc44d6914984a9569d1865cd84fa52d2a0643c2a4cff940679c7b6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-social-likes/css/custom-buttons_classic.css?ver=6.0.2 HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: text/css
last-modified: Mon, 02 Oct 2017 09:45:09 GMT
vary: Accept-Encoding
etag: W/"59d20aa5-16d"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
investstable.ru/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.2.4
45.130.41.35200 OK 103 kB URL HTTP/2 investstable.ru/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.2.4
IP 45.130.41.35:0
Size 103 kB (102573 bytes)
Hash 12810fdbb10641bea000dc87a387fd37
7ac8a7ac56b3366e259f7843a31bbe5535616b63
927fdd4f19303b5309d3e017f0dfe97232c0e3968484e712a8edf1e39681bd49
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.2.4 HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: text/css
last-modified: Fri, 02 Sep 2022 05:07:20 GMT
vary: Accept-Encoding
etag: W/"63118f88-d69"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
investstable.ru/wp-content/uploads/2019/09/etxt-top.png
45.130.41.35200 OK 26 kB URL HTTP/1.1 investstable.ru/wp-content/uploads/2019/09/etxt-top.png
IP 45.130.41.35:0
File type PNG image data, 240 x 400, 8-bit colormap, non-interlaced\012- data
Hash cb8cfd79a3d7e07dba22b9c5fe4f3d96
078c915b31f98b58f033506c0b84091dfe72274f
6c818e114473a3bf43c626772ebc5d4fb573e8c4043167c0d03b77e29548c3da
GET /wp-content/uploads/2019/09/etxt-top.png HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 21 Sep 2022 09:33:30 GMT
Content-Type: image/png
Content-Length: 25516
Last-Modified: Fri, 27 Sep 2019 19:03:04 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "5d8e5ce8-63ac"
Expires: Fri, 21 Oct 2022 09:33:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
investstable.ru/wp-content/uploads/2019/08/6912627ce8ddb69676858d981b62973d.jpg
45.130.41.35200 OK 34 kB URL HTTP/1.1 investstable.ru/wp-content/uploads/2019/08/6912627ce8ddb69676858d981b62973d.jpg
IP 45.130.41.35:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x600, components 3\012- data
Hash d622aded8f2ecc17082f2a48cfe6b57c
c940eb282e634fef78a2a65167d4c457e27065d3
51c0031ad4194403f9dc6f6648d37e0467b69e7c1f2c2570079581e2094cbb1d
GET /wp-content/uploads/2019/08/6912627ce8ddb69676858d981b62973d.jpg HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 21 Sep 2022 09:33:30 GMT
Content-Type: image/jpeg
Content-Length: 33460
Last-Modified: Fri, 01 May 2020 14:11:51 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "5eac2e27-82b4"
Expires: Fri, 21 Oct 2022 09:33:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
investstable.ru/wp-content/uploads/2014/08/tinkoffkredkart.gif
45.130.41.35200 OK 129 kB URL HTTP/1.1 investstable.ru/wp-content/uploads/2014/08/tinkoffkredkart.gif
IP 45.130.41.35:0
File type GIF image data, version 89a, 240 x 400\012- data
Size 129 kB (129292 bytes)
Hash 0fa05fbdc4547a05ce7ca2812aaf1813
8eedb0688f90845d21205cc7839a3aaf0b0967f7
3b31ece620ceac4155c47e03e3e01c4d775c96e2a64b2b4155d66b838010e053
GET /wp-content/uploads/2014/08/tinkoffkredkart.gif HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 21 Sep 2022 09:33:30 GMT
Content-Type: image/gif
Content-Length: 129292
Last-Modified: Mon, 20 Mar 2017 18:39:50 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "58d021f6-1f90c"
Expires: Fri, 21 Oct 2022 09:33:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
investstable.ru/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
45.130.41.35200 OK 77 kB URL HTTP/2 investstable.ru/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 45.130.41.35:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://investstable.ru/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: application/font-woff2
content-length: 77160
last-modified: Mon, 19 Sep 2022 14:46:23 GMT
etag: "632880bf-12d68"
expires: Fri, 21 Oct 2022 09:33:30 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ae3550207b517f54a959cb47227740e5
00c130d8aa6edcfb76ea2952caad9a2f7281559a
44856bfb834a500b1c55837358b97b8d4961ea56101516b1e332e6369b102d1e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "44856BFB834A500B1C55837358B97B8D4961EA56101516B1E332E6369B102D1E"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18792
Expires: Wed, 21 Sep 2022 14:46:42 GMT
Date: Wed, 21 Sep 2022 09:33:30 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
investstable.ru/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
45.130.41.35200 OK 28 kB URL HTTP/2 investstable.ru/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
IP 45.130.41.35:0
Hash f209b80fc16262e0a0e58c10cdcfe14b
fcb192322e94519060117acb02e41e7ce0a6190d
603ead86039dfa1e2e49614cf1f27e1df0f2866105bf7d38ecc7b2f86a00882a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70 HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: text/css
last-modified: Mon, 31 May 2021 18:47:51 GMT
vary: Accept-Encoding
etag: W/"60b52f57-176"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.163200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://investstable.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:30:58 GMT
expires: Thu, 14 Sep 2023 19:30:58 GMT
cache-control: public, max-age=31536000
age: 568952
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
142.250.74.163200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17908, version 1.0\012- data
Hash e46b4e2e3b47cc232937ebf72b4c537e
2675bc06ee643b8c935370325a327efb74746e6a
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
GET /s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://investstable.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 21:38:37 GMT
expires: Tue, 19 Sep 2023 21:38:37 GMT
cache-control: public, max-age=31536000
age: 129293
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 74ea779ea17d7bf12e3272c244b68d0a
5e60185b30bb1f37add5dfed65c47cbe78dae05e
ce8b98827ab7ae900c8d325caef30b43a6db9aa86c7b2945e2e2436b12614632
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4124
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:30 GMT
Last-Modified: Wed, 21 Sep 2022 08:24:47 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlSHYjedg.woff2
142.250.74.163200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlSHYjedg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 10656, version 1.0\012- data
Hash 82bc09c297dafefdb8ede29c07215a0e
a71c0ab54461d9ac9fb175cf0b1046ad7a2f249e
2180338485df7a5177f40705e1336cbb4b32fd5c49803cc453c25214ab40a5a4
GET /s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlSHYjedg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://investstable.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10656
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 22:22:31 GMT
expires: Tue, 19 Sep 2023 22:22:31 GMT
cache-control: public, max-age=31536000
age: 126659
last-modified: Mon, 18 Jul 2022 19:16:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rc.revolvermaps.com/js/r.php?i=21vr2g6pimi&l=https%3A%2F%2Finveststable.ru%2F&r=1663752810430
185.44.104.99200 OK 43 B URL HTTP/1.1 rc.revolvermaps.com/js/r.php?i=21vr2g6pimi&l=https%3A%2F%2Finveststable.ru%2F&r=1663752810430
IP 185.44.104.99:0
ASN #34549 meerfarbig GmbH & Co. KG
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /js/r.php?i=21vr2g6pimi&l=https%3A%2F%2Finveststable.ru%2F&r=1663752810430 HTTP/1.1
Host: rc.revolvermaps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:33:30 GMT
Server: Apache
Content-Length: 43
Keep-Alive: timeout=4, max=99
Connection: Keep-Alive
Content-Type: image/gif
investstable.ru/wp-content/plugins/piotnet-addons-for-elementor/assets/js/minify/extension.min.js?ver=2.4.20
45.130.41.35200 OK 29 kB URL HTTP/2 investstable.ru/wp-content/plugins/piotnet-addons-for-elementor/assets/js/minify/extension.min.js?ver=2.4.20
IP 45.130.41.35:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 22204c632daf13fe2c6acaa4c85bc6fa
ff8828528767e96685b3a6155069a7d1eb0efb76
bba6ad9b9abff30176bfee474aa618f5565fbbf2df75592448443e07d2cc9e46
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/piotnet-addons-for-elementor/assets/js/minify/extension.min.js?ver=2.4.20 HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: application/x-javascript
last-modified: Mon, 19 Sep 2022 14:46:29 GMT
vary: Accept-Encoding
etag: W/"632880c5-117ab"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0e65db7c9cb551a4ce3e5d77b09ed915
97b7ed2761d38f88b7d31db7962cde24ab297da6
d1f7bc8166ac20caeb9aae7a8f15668d2bb90ed6dbb799524f1a280f4baad383
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1F7BC8166AC20CAEB9AAE7A8F15668D2BB90ED6DBB799524F1A280F4BAAD383"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8408
Expires: Wed, 21 Sep 2022 11:53:38 GMT
Date: Wed, 21 Sep 2022 09:33:30 GMT
Connection: keep-alive
rc.revolvermaps.com/js/c.php?i=21vr2g6pimi
185.44.104.99200 OK 43 B URL HTTP/1.1 rc.revolvermaps.com/js/c.php?i=21vr2g6pimi
IP 185.44.104.99:0
ASN #34549 meerfarbig GmbH & Co. KG
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /js/c.php?i=21vr2g6pimi HTTP/1.1
Host: rc.revolvermaps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:33:30 GMT
Server: Apache
Cache-Control: max-age=900
Last-Modified: Wed, 21 Sep 2022 09:33:30 GMT
Content-Length: 43
Keep-Alive: timeout=4, max=98
Connection: Keep-Alive
Content-Type: image/gif
www.web-ip.ru/images/200-300.gif
185.12.92.39200 OK 400 kB URL HTTP/1.1 www.web-ip.ru/images/200-300.gif
IP 185.12.92.39:0
File type GIF image data, version 89a, 200 x 300\012- data
Size 400 kB (399657 bytes)
Hash 3106053a699c9ac521a5b73ab06a017a
12bf12c0fca502f94a33cf50b026854c977dbdad
e32c410d8e8353778912a3338dcf8b5c2535c55c31988def5a202d01b9f68b7b
GET /images/200-300.gif HTTP/1.1
Host: www.web-ip.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Wed, 21 Sep 2022 09:33:30 GMT
Content-Type: image/gif
Content-Length: 399657
Last-Modified: Tue, 16 Oct 2018 18:33:51 GMT
Connection: close
ETag: "5bc62f0f-61929"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d91cd06d0c92465809fbab9f3f667b2f
32eb190f0d8e839f90503e4cc9bdc13f89d62a78
0c29d8ac0416a80ee65337a90685ce677be87af1296682215a6b4118fd46ba5c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0C29D8AC0416A80EE65337A90685CE677BE87AF1296682215A6B4118FD46BA5C"
Last-Modified: Wed, 21 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15470
Expires: Wed, 21 Sep 2022 13:51:20 GMT
Date: Wed, 21 Sep 2022 09:33:30 GMT
Connection: keep-alive
investstable.ru/wp-content/uploads/2022/08/vk_fra-480x360.jpg
45.130.41.35200 OK 27 kB URL HTTP/2 investstable.ru/wp-content/uploads/2022/08/vk_fra-480x360.jpg
IP 45.130.41.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 480x360, components 3\012- data
Hash 7a59ac2b35bba946e86997dd5248e0e0
792e85f57b6c46bff81789a8dee4635575e16707
510c549bdc189926dc97923d7dfad2dda9911ff6f9b119bb87100d7f84f32ad4
GET /wp-content/uploads/2022/08/vk_fra-480x360.jpg HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Cookie: JCS_INENREF=; JCS_INENTIM=1663752810519; _wpss_h_=1; _wpss_p_=N%3A0%20%7C%20
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: image/jpeg
content-length: 26973
last-modified: Fri, 05 Aug 2022 16:46:24 GMT
etag: "62ed4960-695d"
expires: Fri, 21 Oct 2022 09:33:30 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
investstable.ru/wp-content/uploads/2022/07/vk_zr-480x360.jpg
45.130.41.35200 OK 38 kB URL HTTP/2 investstable.ru/wp-content/uploads/2022/07/vk_zr-480x360.jpg
IP 45.130.41.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 480x360, components 3\012- data
Hash 8d6bcbf88b4ae3562a832d18b68ea6fa
b82db24050e494f63389dfd15b096c3bd97829b2
5f622bd93fdd8e279d18b588799a2cef833694dff83aa3810831b7a2d0c2382f
GET /wp-content/uploads/2022/07/vk_zr-480x360.jpg HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Cookie: JCS_INENREF=; JCS_INENTIM=1663752810519; _wpss_h_=1; _wpss_p_=N%3A0%20%7C%20
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: image/jpeg
content-length: 38506
last-modified: Thu, 28 Jul 2022 16:02:30 GMT
etag: "62e2b316-966a"
expires: Fri, 21 Oct 2022 09:33:30 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
investstable.ru/wp-content/uploads/2022/07/vk_nv-480x360.jpg
45.130.41.35200 OK 30 kB URL HTTP/2 investstable.ru/wp-content/uploads/2022/07/vk_nv-480x360.jpg
IP 45.130.41.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 480x360, components 3\012- data
Hash 1d467c4e8f48eeb675ff78eeffd1f648
29d2f6dcf66ca76b968d229eede988606906f7e0
d4b6c4a3c03d4fba9b18c8c0840d9161cd84b822fd237c64d53bebbb89532147
GET /wp-content/uploads/2022/07/vk_nv-480x360.jpg HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Cookie: JCS_INENREF=; JCS_INENTIM=1663752810519; _wpss_h_=1; _wpss_p_=N%3A0%20%7C%20
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: image/jpeg
content-length: 29964
last-modified: Mon, 18 Jul 2022 17:58:42 GMT
etag: "62d59f52-750c"
expires: Fri, 21 Oct 2022 09:33:30 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
investstable.ru/wp-content/uploads/2022/07/vk_du-480x360.jpg
45.130.41.35200 OK 37 kB URL HTTP/2 investstable.ru/wp-content/uploads/2022/07/vk_du-480x360.jpg
IP 45.130.41.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 480x360, components 3\012- data
Hash 1fe20cb9c75e28a299994f622840b2d4
746434943382475dd5a7f970bb7daf00289d01a2
1364df773336e3e66dd8bddacb5a914426b430286df5facfebc1c6259f66148b
GET /wp-content/uploads/2022/07/vk_du-480x360.jpg HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Cookie: JCS_INENREF=; JCS_INENTIM=1663752810519; _wpss_h_=1; _wpss_p_=N%3A0%20%7C%20
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: image/jpeg
content-length: 36713
last-modified: Sat, 16 Jul 2022 16:21:28 GMT
etag: "62d2e588-8f69"
expires: Fri, 21 Oct 2022 09:33:30 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
investstable.ru/wp-content/themes/elegantwp/assets/js/skip-link-focus-fix.js
45.130.41.35200 OK 9.5 kB URL HTTP/2 investstable.ru/wp-content/themes/elegantwp/assets/js/skip-link-focus-fix.js
IP 45.130.41.35:0
Hash 391b1e563c2f379f75df36ab9d2c10a1
dbb44c6a2d620e2f22a8bc77f405841686ead0e2
6ad938af9faf95b967479d4801fe889e4b457810bacd1a68644199cda0757e60
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/elegantwp/assets/js/skip-link-focus-fix.js HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: application/x-javascript
last-modified: Mon, 19 Jul 2021 17:36:19 GMT
vary: Accept-Encoding
etag: W/"60f5b813-342"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
investstable.ru/wp-content/uploads/2022/07/vk_dv-480x360.jpg
45.130.41.35200 OK 33 kB URL HTTP/2 investstable.ru/wp-content/uploads/2022/07/vk_dv-480x360.jpg
IP 45.130.41.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 480x360, components 3\012- data
Hash d55d54340e448dab8fc3352aa04de50f
aa43e074296b59bd9a49da3f069847d47b89ac28
82e50e7c8f797260911e2c0505e56622c37fcf8008ab1674ea699db894e6cd3b
GET /wp-content/uploads/2022/07/vk_dv-480x360.jpg HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Cookie: JCS_INENREF=; JCS_INENTIM=1663752810519; _wpss_h_=1; _wpss_p_=N%3A0%20%7C%20
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: image/jpeg
content-length: 32611
last-modified: Sat, 16 Jul 2022 15:52:32 GMT
etag: "62d2dec0-7f63"
expires: Fri, 21 Oct 2022 09:33:30 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
glopart.ru/ads/adunit/17775/script.js
51.250.65.231200 OK 572 B URL HTTP/2 glopart.ru/ads/adunit/17775/script.js
IP 51.250.65.231:0
ASN #200350 Yandex.Cloud LLC
File type Unicode text, UTF-8 text, with very long lines (455)
Hash 0126b369efb82632794c9aacd2a92bb2
9c02268ab458fcc85ba37b21f9d16826e21ddbfe
8a89f2123b15dd1bd89778a2f420241fbd3b99ab34db3b9480290bb5189af682
GET /ads/adunit/17775/script.js HTTP/1.1
Host: glopart.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: application/javascript;charset=utf-8
content-length: 572
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-max-age: 1728000
X-Firefox-Spdy: h2
www.acint.net/hit/?v=0.4.0&uid=192df9e0-c59b-4728-8c73-be680d6d2f7d&dp=10&tz=%2B00%3A00&nc=81641178&u=https%3A%2F%2Finveststable.ru%2F&r=&rs=1280x1024&t=%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.&oE=1&oP=1&dT=2022-09-21T09%3A33%3A30.608&fu=fa2d74c6-3661-4c6a-9616-dda0e479833f
185.12.125.25200 OK 43 B URL HTTP/2 www.acint.net/hit/?v=0.4.0&uid=192df9e0-c59b-4728-8c73-be680d6d2f7d&dp=10&tz=%2B00%3A00&nc=81641178&u=https%3A%2F%2Finveststable.ru%2F&r=&rs=1280x1024&t=%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.&oE=1&oP=1&dT=2022-09-21T09%3A33%3A30.608&fu=fa2d74c6-3661-4c6a-9616-dda0e479833f
IP 185.12.125.25:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit/?v=0.4.0&uid=192df9e0-c59b-4728-8c73-be680d6d2f7d&dp=10&tz=%2B00%3A00&nc=81641178&u=https%3A%2F%2Finveststable.ru%2F&r=&rs=1280x1024&t=%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.&oE=1&oP=1&dT=2022-09-21T09%3A33%3A30.608&fu=fa2d74c6-3661-4c6a-9616-dda0e479833f HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=wQO4iWMq2mporAPZdbALAsr0gpBBPkoiMX4fojae52OhTZZ8; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10
185.12.125.25302 Found 154 B IP 185.12.125.25:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Wed, 21-Sep-22 09:43:30 GMT
aid=uQx9GWMq2mqiBQC5xg/WAqJXcQdU9vaOb5UAytPFPDepUTrt; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
rc.revolvermaps.com/w/6/a/a2.php?i=21vr2g6pimi&m=0&s=200&c=ff0000&cr1=ffffff&f=arial&l=0
185.44.104.99200 OK 11 kB URL HTTP/1.1 rc.revolvermaps.com/w/6/a/a2.php?i=21vr2g6pimi&m=0&s=200&c=ff0000&cr1=ffffff&f=arial&l=0
IP 185.44.104.99:0
ASN #34549 meerfarbig GmbH & Co. KG
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32541), with no line terminators
Hash 38c061c4a06aa91f396ef1fe99df4ac7
26f80bfb65cf273163e1315f52f68f9973cae1d4
8c8de3862a2ecf26dbb5fd1d040e244d481fa7f1ce1fb349de5ff23ffc7b4a16
GET /w/6/a/a2.php?i=21vr2g6pimi&m=0&s=200&c=ff0000&cr1=ffffff&f=arial&l=0 HTTP/1.1
Host: rc.revolvermaps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:33:30 GMT
Server: Apache
Cache-Control: public, max-age=2592000
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=4, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
freecurrencyrates.com/ru/widget-vertical?iso=USD-RUB-EUR-GBP-CNY-BTC-UAH&df=1&p=FKCP47lFo&v=fits&source=fcr&width=245&width_title=0&firstrowvalue=1&thm=dddddd,eeeeee,E78F08,F6A828,FFFFFF,cccccc,ffffff,1C94C4,000000&title=%D0%9A%D0%BE%D0%BD%D0%B2%D0%B5%D1%80%D1%82%D0%B5%D1%80%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82&tzo=-180
74.119.195.177200 OK 5.4 kB URL HTTP/1.1 freecurrencyrates.com/ru/widget-vertical?iso=USD-RUB-EUR-GBP-CNY-BTC-UAH&df=1&p=FKCP47lFo&v=fits&source=fcr&width=245&width_title=0&firstrowvalue=1&thm=dddddd,eeeeee,E78F08,F6A828,FFFFFF,cccccc,ffffff,1C94C4,000000&title=%D0%9A%D0%BE%D0%BD%D0%B2%D0%B5%D1%80%D1%82%D0%B5%D1%80%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82&tzo=-180
IP 74.119.195.177:0
ASN #43624 Pq Hosting S.r.l.
File type HTML document, Unicode text, UTF-8 text, with very long lines (11699), with CRLF, LF line terminators
Hash 286bbce6569fb7153ad203f853d52a0e
9f96f39ecf2dbf345fa606dcc0008913f67f9c0f
bd8f0c8d272b25226cc437a00c2332603b49d22a516b1e070bf7b4199c0884c9
GET /ru/widget-vertical?iso=USD-RUB-EUR-GBP-CNY-BTC-UAH&df=1&p=FKCP47lFo&v=fits&source=fcr&width=245&width_title=0&firstrowvalue=1&thm=dddddd,eeeeee,E78F08,F6A828,FFFFFF,cccccc,ffffff,1C94C4,000000&title=%D0%9A%D0%BE%D0%BD%D0%B2%D0%B5%D1%80%D1%82%D0%B5%D1%80%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82&tzo=-180 HTTP/1.1
Host: freecurrencyrates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx/1.18.0
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: application/javascript
transfer-encoding: chunked
cache-control: max-age=300
content-encoding: gzip
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash eee9d3ed5d8a46e1be45873094ed007e
4a569b8a000afcb61cd25490f76cdeef65f95939
1d7a4ca9268b25670dc26e8f2f2f91a047d1bd875bbb68dc07e45d273070f0e8
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:33:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 25 Sep 2022 08:38:46 GMT
ETag: "4a569b8a000afcb61cd25490f76cdeef65f95939"
Last-Modified: Wed, 21 Sep 2022 08:38:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1474
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e1ccbb7a39b509-OSL
kraken.rambler.ru/userip
81.19.89.17200 OK 12 B IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
File type ASCII text, with no line terminators
Hash 35b0bce9d250429df012c0426f88d0bd
f81d80af9cbeb0011316fbba3da8002b32251f7a
da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d
GET /userip HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://investstable.ru
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: application/octet-stream
content-length: 12
access-control-allow-origin: https://investstable.ru
x-srv: 0node0010.top100.rambler.tech
set-cookie: ruid=1CIAAGraKmM7Q1OCATDqpgB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAGraKmM7Q1OCATDqpgB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2
freecurrencyrates.com/flags/24/us.png
74.119.195.177200 OK 656 B URL HTTP/1.1 freecurrencyrates.com/flags/24/us.png
IP 74.119.195.177:0
ASN #43624 Pq Hosting S.r.l.
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash ae506a6c014bfeb8d8cbfdfbe94c14c9
f4e74440c4e79e71959b9b8f799f2e8a7e15b7ee
bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1
GET /flags/24/us.png HTTP/1.1
Host: freecurrencyrates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx/1.18.0
date: Wed, 21 Sep 2022 09:28:37 GMT
content-type: image/png
content-length: 656
last-modified: Fri, 01 Jul 2016 20:43:46 GMT
etag: "5776d602-290"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
age: 293
freecurrencyrates.com/flags/24/gb.png
74.119.195.177200 OK 1.2 kB URL HTTP/1.1 freecurrencyrates.com/flags/24/gb.png
IP 74.119.195.177:0
ASN #43624 Pq Hosting S.r.l.
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 33a79546e65bf38629ec0bf90a0bcc3d
5afd0a44d0f4c8cadd3fea1ec866ddeb67e4afdd
9d5579d2ae226889e9cc592035a86cbe20c570edbdeb6394ec7ebc23c4246571
GET /flags/24/gb.png HTTP/1.1
Host: freecurrencyrates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx/1.18.0
date: Wed, 21 Sep 2022 09:31:53 GMT
content-type: image/png
content-length: 1177
last-modified: Fri, 01 Jul 2016 20:43:45 GMT
etag: "5776d601-499"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
age: 97
glopart.ru/uploads/wareimages/12569/884a86b9d6f84d949e1b973feb4e5c7d.png
51.250.65.231200 OK 10 kB URL HTTP/2 glopart.ru/uploads/wareimages/12569/884a86b9d6f84d949e1b973feb4e5c7d.png
IP 51.250.65.231:0
ASN #200350 Yandex.Cloud LLC
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 9c528a39ab234d7bfd78425d65ddba7e
08efeac0136e6589cfaa2c4620620d649474a447
878dd963321d9fd1b03187a264bcb775bc62d4ca17bf369a158cde62f5f6db82
GET /uploads/wareimages/12569/884a86b9d6f84d949e1b973feb4e5c7d.png HTTP/1.1
Host: glopart.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: image/png
content-length: 10357
etag: "9c528a39ab234d7bfd78425d65ddba7e"
last-modified: Sat, 19 Mar 2022 00:18:33 GMT
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-max-age: 1728000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2b58c5887c6aecbdb30df3f3543a7913
ba6105daae677b907e0eda34ae06ce921dd97687
a13695745612e9f0feaf5b58cbab183b166956c0e84b94148d230e12725b9c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A13695745612E9F0FEAF5B58CBAB183B166956C0E84B94148D230E12725B9C66"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12113
Expires: Wed, 21 Sep 2022 12:55:24 GMT
Date: Wed, 21 Sep 2022 09:33:31 GMT
Connection: keep-alive
www.acint.net/mc/?dp=10&tc=1
185.12.125.25200 OK 1.9 kB URL HTTP/2 www.acint.net/mc/?dp=10&tc=1
IP 185.12.125.25:0
Hash a3dbd9278e9a019ec9c8a563e1bb2340
d00850cdff4ae7daba85a586462c7d749893da14
5b1c207ebba116bc21bca3788414ef63982b2eb642319c9dd5e7a6e359d6fde0
GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Cookie: aid=wQO4iWMq2mporAPZdbALAsr0gpBBPkoiMX4fojae52OhTZZ8; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1663752810; expires=Thu, 22-Sep-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp54v2=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp77=1663752810; expires=Wed, 05-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp84=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1663752810; expires=Wed, 05-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp111v2=1663752810; expires=Wed, 05-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp112v2=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v2=1663752810; expires=Thu, 06-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp138=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp144=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp179=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1663752810; expires=Fri, 21-Oct-22 09:33:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
freecurrencyrates.com/flags/24/eu.png
74.119.195.177200 OK 909 B URL HTTP/1.1 freecurrencyrates.com/flags/24/eu.png
IP 74.119.195.177:0
ASN #43624 Pq Hosting S.r.l.
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 94eea2fb562263ef9a777380e3eba8fe
3f74d28639adf5c9fc35450da396da37cb43e2c8
f880ef6584845869e5d81b2960b8eb81ec470b88ea8859dd75a2ef80f56fe8dd
GET /flags/24/eu.png HTTP/1.1
Host: freecurrencyrates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx/1.18.0
date: Wed, 21 Sep 2022 09:28:31 GMT
content-type: image/png
content-length: 909
last-modified: Fri, 01 Jul 2016 20:43:45 GMT
etag: "5776d601-38d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
age: 299
freecurrencyrates.com/flags/24/cn.png
74.119.195.177200 OK 604 B URL HTTP/1.1 freecurrencyrates.com/flags/24/cn.png
IP 74.119.195.177:0
ASN #43624 Pq Hosting S.r.l.
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 933a5fd60bc9e9b3f152937065ba2142
c161d6d280949b5499111704f3e6f94e8b9d4b78
1afc41cd907186a8d6e578fc119c9b491d411ba4f5c33f02eb5714dd0f657fb6
GET /flags/24/cn.png HTTP/1.1
Host: freecurrencyrates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx/1.18.0
date: Wed, 21 Sep 2022 09:29:41 GMT
content-type: image/png
content-length: 604
last-modified: Fri, 01 Jul 2016 20:43:45 GMT
etag: "5776d601-25c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
age: 229
freecurrencyrates.com/flags/24/btc.png
74.119.195.177200 OK 890 B URL HTTP/1.1 freecurrencyrates.com/flags/24/btc.png
IP 74.119.195.177:0
ASN #43624 Pq Hosting S.r.l.
File type PNG image data, 24 x 24, 4-bit colormap, non-interlaced\012- data
Hash ee5ca44996167f948e9a7ef54687c16c
e05e6b5d566a829628f7d4f8f577128979bf4e6c
dae692b8bba4d06e448f9724b4787312125a21b78b92e54b6496606f4e6d6055
GET /flags/24/btc.png HTTP/1.1
Host: freecurrencyrates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx/1.18.0
date: Wed, 21 Sep 2022 09:31:23 GMT
content-type: image/png
content-length: 890
last-modified: Fri, 01 Jul 2016 20:43:45 GMT
etag: "5776d601-37a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
age: 127
dm-eu.hybrid.ai/match?id=106&vid=89B803C16ADA2A63D903AC68020BB075
37.18.103.21204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=106&vid=89B803C16ADA2A63D903AC68020BB075
IP 37.18.103.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=106&vid=89B803C16ADA2A63D903AC68020BB075 HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 21 Sep 2022 09:33:31 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=39defd8711277a09704b; expires=Thu, 21 Sep 2023 09:33:29 GMT; domain=.hybrid.ai; path=/; samesite=none
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 508
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2
freecurrencyrates.com/flags/24/ua.png
74.119.195.177200 OK 476 B URL HTTP/1.1 freecurrencyrates.com/flags/24/ua.png
IP 74.119.195.177:0
ASN #43624 Pq Hosting S.r.l.
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 8cf366da149b92da8713850df92cc2a7
8848474af0b13f8912c4e9b97004aad53d186adc
70549240fea1a10a4c0ec5804693af68a23eeaaff15c9cd1883c0138c81847e3
GET /flags/24/ua.png HTTP/1.1
Host: freecurrencyrates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx/1.18.0
date: Wed, 21 Sep 2022 09:31:11 GMT
content-type: image/png
content-length: 476
last-modified: Fri, 01 Jul 2016 20:43:46 GMT
etag: "5776d602-1dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
age: 139
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash f56b2358a15efa2d0423a8e085fa9856
c4de315a1d00b0ddabf70e6581664e12123b06c4
4cab8c3c0392aa92debf7e0765455a1b0057a244ea738c84dd81afe9e5abca1c
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:33:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 25 Sep 2022 06:30:45 GMT
ETag: "c4de315a1d00b0ddabf70e6581664e12123b06c4"
Last-Modified: Wed, 21 Sep 2022 06:30:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1395
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e1ccbd48f2b518-OSL
glopart.ru/assets/adunit-794b7334b25d2a9ccaec.js
51.250.65.231200 OK 35 kB URL HTTP/2 glopart.ru/assets/adunit-794b7334b25d2a9ccaec.js
IP 51.250.65.231:0
ASN #200350 Yandex.Cloud LLC
Hash 9d832e82f5825b2a0a995a3dd2c2ff9c
856906e3fb139c7d28287babf1ac4fe6c32aeba8
ed4bfcece450cbe942bfdc4e771c223bbe6001a289b5c6fa03795538dcca623b
GET /assets/adunit-794b7334b25d2a9ccaec.js HTTP/1.1
Host: glopart.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
etag: W/"4cb75803fae23dbd10bfdaed386fff49"
last-modified: Sun, 10 Apr 2022 15:34:49 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-max-age: 1728000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 276999a09ea6d06c17bc17b0ac794a81
a5c49feff7e6055da2ad692188124bb7d265fb22
e75315ecf71f2d2c0bba377f986399db9653201d0e22c93f1d6a3af0aaf64190
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E75315ECF71F2D2C0BBA377F986399DB9653201D0E22C93F1D6A3AF0AAF64190"
Last-Modified: Mon, 19 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11109
Expires: Wed, 21 Sep 2022 12:38:40 GMT
Date: Wed, 21 Sep 2022 09:33:31 GMT
Connection: keep-alive
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
176.122.21.130302 Found 0 B URL HTTP/2 ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP 176.122.21.130:0
ASN #48096 Enterprise Cloud Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=104bd0086aba468cae862fc822dd7a88
server: Kestrel
set-cookie: adlm_userId=104bd0086aba468cae862fc822dd7a88; expires=Wed, 20 Sep 2023 21:00:00 GMT; path=/; SameSite=None; secure
date: Wed, 21 Sep 2022 09:33:30 GMT
content-length: 0
X-Firefox-Spdy: h2
sync.dmp.otm-r.com/match/sape?id=89B803C16ADA2A63D903AC68020BB075
116.202.236.228204 No Content 0 B URL HTTP/2 sync.dmp.otm-r.com/match/sape?id=89B803C16ADA2A63D903AC68020BB075
IP 116.202.236.228:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=89B803C16ADA2A63D903AC68020BB075 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.17.10
date: Wed, 21 Sep 2022 09:33:31 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
sync.upravel.com/sape/sync
148.251.78.49302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync
IP 148.251.78.49:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 21 Sep 2022 09:33:31 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1663752811138;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1663752811138;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
freecurrencyrates.com/font/roboto.googlefonts/Roboto-Medium.woff2
74.119.195.177200 OK 62 kB URL HTTP/1.1 freecurrencyrates.com/font/roboto.googlefonts/Roboto-Medium.woff2
IP 74.119.195.177:0
ASN #43624 Pq Hosting S.r.l.
File type Web Open Font Format (Version 2), TrueType, length 62228, version 2.0\012- data
Hash 4a6c203d3f824fa9ce159965a0ab3156
024f9f4466d9eca4b612629001b32dbaff3c5b6f
e9817ff441c7044f2d126a3e12b02f624bd2fff669e3f6092d9c92324313df13
GET /font/roboto.googlefonts/Roboto-Medium.woff2 HTTP/1.1
Host: freecurrencyrates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://investstable.ru
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx/1.18.0
date: Wed, 21 Sep 2022 09:33:15 GMT
content-type: application/octet-stream
content-length: 62228
last-modified: Sun, 03 Jul 2016 17:43:11 GMT
etag: "57794eaf-f314"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
age: 15
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C16ADA2A63D903AC68020BB075
78.46.100.125302 Found 0 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C16ADA2A63D903AC68020BB075
IP 78.46.100.125:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C16ADA2A63D903AC68020BB075 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 21 Sep 2022 09:33:31 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=748aca00-3990-11ed-8677-901b0e934d81; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 21 Sep 2023 09:33:31 GMT; SameSite=None; Secure
uid-legacy=748aca00-3990-11ed-8677-901b0e934d81; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 21 Sep 2023 09:33:31 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C16ADA2A63D903AC68020BB075&cs=1
X-Firefox-Spdy: h2
sync.republer.com/match?dsp=sape
23.88.82.46204 No Content 0 B URL HTTP/2 sync.republer.com/match?dsp=sape
IP 23.88.82.46:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?dsp=sape HTTP/1.1
Host: sync.republer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 21 Sep 2022 09:33:31 GMT
strict-transport-security: max-age=0
X-Firefox-Spdy: h2
acint.net/match?dp=14&euid=88B803C16BDA2A631F000DA802529993
185.12.125.25200 OK 43 B URL HTTP/2 acint.net/match?dp=14&euid=88B803C16BDA2A631F000DA802529993
IP 185.12.125.25:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=88B803C16BDA2A631F000DA802529993 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWMq2mporAPZdbALAsr0gpBBPkoiMX4fojae52OhTZZ8; test_cookie=CheckForPermission; cSyncDp7v2=1663752810; cSyncDp14v3=1663752810; cSyncDp17=1663752810; cSyncDp32=1663752810; cSyncDp45v3=1663752810; cSyncDp53=1663752810; cSyncDp54v2=1663752810; cSyncDp62=1663752810; cSyncDp67v2=1663752810; cSyncDp68=1663752810; cSyncDp71=1663752810; cSyncDp77=1663752810; cSyncDp84=1663752810; cSyncDp85=1663752810; cSyncDp95v3=1663752810; cSyncDp101=1663752810; cSyncDp104v2=1663752810; cSyncDp107=1663752810; cSyncDp110=1663752810; cSyncDp111v2=1663752810; cSyncDp112v2=1663752810; cSyncDp125v2=1663752810; cSyncDp126=1663752810; cSyncDp127=1663752810; cSyncDp129=1663752810; cSyncDp136v2=1663752810; cSyncDp138=1663752810; cSyncDp144=1663752810; cSyncDp146=1663752810; cSyncDp148=1663752810; cSyncDp149=1663752810; cSyncDp151=1663752810; cSyncDp178=1663752810; cSyncDp179=1663752810; cSyncDp186=1663752810; cSyncDp221=1663752810
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 09:33:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 384432327e59911893dde92354ad4004
9072301d1849be2ae1124b82d6e8a5ff813c6fed
47dc57891100bb43fefd0e8a5ea71455f31488cfc947245a4082bdd9dc438a9a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6290
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:31 GMT
Last-Modified: Wed, 21 Sep 2022 07:48:41 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
acint.net/match?dp=110&euid=104bd0086aba468cae862fc822dd7a88
185.12.125.25200 OK 43 B URL HTTP/2 acint.net/match?dp=110&euid=104bd0086aba468cae862fc822dd7a88
IP 185.12.125.25:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=110&euid=104bd0086aba468cae862fc822dd7a88 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWMq2mporAPZdbALAsr0gpBBPkoiMX4fojae52OhTZZ8; test_cookie=CheckForPermission; cSyncDp7v2=1663752810; cSyncDp14v3=1663752810; cSyncDp17=1663752810; cSyncDp32=1663752810; cSyncDp45v3=1663752810; cSyncDp53=1663752810; cSyncDp54v2=1663752810; cSyncDp62=1663752810; cSyncDp67v2=1663752810; cSyncDp68=1663752810; cSyncDp71=1663752810; cSyncDp77=1663752810; cSyncDp84=1663752810; cSyncDp85=1663752810; cSyncDp95v3=1663752810; cSyncDp101=1663752810; cSyncDp104v2=1663752810; cSyncDp107=1663752810; cSyncDp110=1663752810; cSyncDp111v2=1663752810; cSyncDp112v2=1663752810; cSyncDp125v2=1663752810; cSyncDp126=1663752810; cSyncDp127=1663752810; cSyncDp129=1663752810; cSyncDp136v2=1663752810; cSyncDp138=1663752810; cSyncDp144=1663752810; cSyncDp146=1663752810; cSyncDp148=1663752810; cSyncDp149=1663752810; cSyncDp151=1663752810; cSyncDp178=1663752810; cSyncDp179=1663752810; cSyncDp186=1663752810; cSyncDp221=1663752810
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 09:33:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6cccf97799244ecc00dd257aaa5fea3a
5e0f5f35902f2c10f420ccfafd23fd8f8fa6325c
c9d5840fc9dea3d55d10247f043b47715557416539db5856830be0275ebd1224
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9D5840FC9DEA3D55D10247F043B47715557416539DB5856830BE0275EBD1224"
Last-Modified: Mon, 19 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20036
Expires: Wed, 21 Sep 2022 15:07:27 GMT
Date: Wed, 21 Sep 2022 09:33:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash da4dc3f7b3c6aeab3518f9c4e56c30b3
f02f3cf8f3cc1fe18a67970da504fa40a1a2c65f
7b67202e50ee8511eb36fad0ccadf6b6debe8169c3925c48bc1b5f1aae26bc13
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B67202E50EE8511EB36FAD0CCADF6B6DEBE8169C3925C48BC1B5F1AAE26BC13"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3656
Expires: Wed, 21 Sep 2022 10:34:27 GMT
Date: Wed, 21 Sep 2022 09:33:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 869ed8950bdd219f27266bf3d1bdc8ce
d61f42476d49efb77a5362496e0001ae83be66a0
718eed71973d15305e0894498be069c630b67bcad72a6c1a1872bfdf99e97f4b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "718EED71973D15305E0894498BE069C630B67BCAD72A6C1A1872BFDF99E97F4B"
Last-Modified: Mon, 19 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5911
Expires: Wed, 21 Sep 2022 11:12:02 GMT
Date: Wed, 21 Sep 2022 09:33:31 GMT
Connection: keep-alive
freecurrencyrates.com/font/roboto.googlefonts/Roboto-Regular.woff2
74.119.195.177200 OK 62 kB URL HTTP/1.1 freecurrencyrates.com/font/roboto.googlefonts/Roboto-Regular.woff2
IP 74.119.195.177:0
ASN #43624 Pq Hosting S.r.l.
File type Web Open Font Format (Version 2), TrueType, length 61604, version 2.0\012- data
Hash 8eec98e0eb4f8d9f82fa2c1adbd327fd
87a0c5824a950d21f3b93d42e82ccc033e3b5329
f05b6f9877fc4a3f9b4587aba72a9c63c60ce1e26398993498187816366de818
GET /font/roboto.googlefonts/Roboto-Regular.woff2 HTTP/1.1
Host: freecurrencyrates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://investstable.ru
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx/1.18.0
date: Wed, 21 Sep 2022 09:32:35 GMT
content-type: application/octet-stream
content-length: 61604
last-modified: Sun, 03 Jul 2016 17:43:11 GMT
etag: "57794eaf-f0a4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
accept-ranges: bytes
age: 56
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C16ADA2A63D903AC68020BB075&cs=1
78.46.100.125200 OK 35 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C16ADA2A63D903AC68020BB075&cs=1
IP 78.46.100.125:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=89B803C16ADA2A63D903AC68020BB075&cs=1 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=748aca00-3990-11ed-8677-901b0e934d81
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 09:33:31 GMT
content-type: image/gif
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=748aca00-3990-11ed-8677-901b0e934d81; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 21 Sep 2023 09:33:31 GMT; SameSite=None; Secure
uid-legacy=748aca00-3990-11ed-8677-901b0e934d81; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 21 Sep 2023 09:33:31 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d55db53fcebb4f51429de306e63545a7
87522c33be4f0a7767dd60551ab9cfc9958e9e4d
0c3b6835b2e7aa2bb66466305608b1ab6236431fadafa3a6fe32530f516dc23a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0C3B6835B2E7AA2BB66466305608B1AB6236431FADAFA3A6FE32530F516DC23A"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11972
Expires: Wed, 21 Sep 2022 12:53:03 GMT
Date: Wed, 21 Sep 2022 09:33:31 GMT
Connection: keep-alive
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
185.147.80.35302 Found 0 B URL HTTP/1.1 ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP 185.147.80.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Wed, 21 Sep 2022 09:33:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=QAKQYKNT
Set-Cookie: uid=QAKQYKNT; Expires=Wed, 21 Sep 2032 00:00:00 GMT; mf2=1; Expires=Fri, 21 Oct 2022 00:00:00 GMT;
ut.rktch.com/matchspm?pi=1000005&pui=89B803C16ADA2A63D903AC68020BB075
89.108.97.2302 Found 0 B URL HTTP/1.1 ut.rktch.com/matchspm?pi=1000005&pui=89B803C16ADA2A63D903AC68020BB075
IP 89.108.97.2:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /matchspm?pi=1000005&pui=89B803C16ADA2A63D903AC68020BB075 HTTP/1.1
Host: ut.rktch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Wed, 21 Sep 2022 09:33:31 GMT
Content-Length: 0
Connection: keep-alive
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
Set-Cookie: b_uid=948a1227dc11478e13fc4bc85085b35a7400; Max-Age=2592000; Expires=Fri, 21 Oct 2022 09:33:31 GMT; Domain=rktch.com; Secure; SameSite=None
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Credentials: true
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
148.251.78.49302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP 148.251.78.49:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1663752811138
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 21 Sep 2022 09:33:31 GMT
content-type: image/png
content-length: 0
location: https://c65521c3-2693-42c1-b2f6-2318d64fa5f3.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
set-cookie: user_id=c65521c3-2693-42c1-b2f6-2318d64fa5f3;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=c65521c3-2693-42c1-b2f6-2318d64fa5f3;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6c7ca79d72f3bb10c15342f56e9ada97
faa1ae6c5664dbc8fb0a61607bad123c33230c70
9ff0f01363dbfb8a16c5ba064b6ad8aaaf50c69cd6181e65c41ac1e46cf891ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9FF0F01363DBFB8A16C5BA064B6AD8AAAF50C69CD6181E65C41AC1E46CF891AD"
Last-Modified: Tue, 20 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2039
Expires: Wed, 21 Sep 2022 10:07:30 GMT
Date: Wed, 21 Sep 2022 09:33:31 GMT
Connection: keep-alive
a.utraff.com/sync?ssp=sape
104.21.59.66204 No Content 0 B URL HTTP/2 a.utraff.com/sync?ssp=sape
IP 104.21.59.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 21 Sep 2022 09:33:31 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Fri, 21 Oct 2022 12:33:31 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Fri, 21 Oct 2022 12:33:31 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OnzjCiyZtlQ9MCWU6JuB5v%2BQ%2BE%2B1Pk04C8ylpE1YL8Slnjf52dm3jZePpWI1vxfA0lKpiYjkVMJ3nabErJlSvx2idA1%2FnQtAAc2EawdExb88OMK7W6sAnKTwPgpMEU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e1ccbe286f1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 08d4db29c429e6f937cc4fcd718b0bfe
a82efa1179f9853eea82e25f8a575a0cd58aa5a7
33cc7e1528cd3c0358c442656146c740469bdf1f68facb8d3171af0fd9f76b67
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "33CC7E1528CD3C0358C442656146C740469BDF1F68FACB8D3171AF0FD9F76B67"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10495
Expires: Wed, 21 Sep 2022 12:28:26 GMT
Date: Wed, 21 Sep 2022 09:33:31 GMT
Connection: keep-alive
s.uuidksinc.net/match/396/?remote_uid=89B803C16ADA2A63D903AC68020BB075
31.220.27.134302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/396/?remote_uid=89B803C16ADA2A63D903AC68020BB075
IP 31.220.27.134:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=89B803C16ADA2A63D903AC68020BB075 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Wed, 21 Sep 2022 09:33:31 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=6S83qsnK6P3OG0Br7ujj
set-cookie: jcsuuid=6S83qsnK6P3OG0Br7ujj; expires=Thu, 21 Sep 2023 09:33:31 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
investstable.ru/wp-content/uploads/2019/10/cropped-26939-520-192x192.png
45.130.41.35200 OK 50 kB URL HTTP/2 investstable.ru/wp-content/uploads/2019/10/cropped-26939-520-192x192.png
IP 45.130.41.35:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash e44d85614d8292ccfd0d2f66283315a7
ba7defd7ea00c5796cc6a5eaf7a3f24e3a7ad596
fd5b43b6831c55cc360e720b2f1dd2ce08d5c086641c69a09a735d18974a340e
GET /wp-content/uploads/2019/10/cropped-26939-520-192x192.png HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Cookie: JCS_INENREF=; JCS_INENTIM=1663752810519; _wpss_h_=1; _wpss_p_=N%3A0%20%7C%20; fid=fa2d74c6-3661-4c6a-9616-dda0e479833f; adtech_uid=9d2b2b8e-6003-4107-bd9e-711d7658c8c7%3Ainveststable.ru; top100_id=t1.6699530.2123457652.1663752810667; t3_sid_6699530=s1.965615880.1663752810669.1663752810980.1.1.1.1; last_visit=1663752810955%3A%3A1663752810955
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:31 GMT
content-type: image/png
content-length: 50173
last-modified: Fri, 01 May 2020 14:37:28 GMT
etag: "5eac3428-c3fd"
expires: Fri, 21 Oct 2022 09:33:31 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
investstable.ru/wp-content/uploads/2019/10/cropped-26939-520-32x32.png
45.130.41.35200 OK 2.4 kB URL HTTP/2 investstable.ru/wp-content/uploads/2019/10/cropped-26939-520-32x32.png
IP 45.130.41.35:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 93f0cd2b3e24f6d8a35bd8960022f7ef
641413117c5083469194ce81347e100a9a57ec62
f6aba205f53b839f33daff5ab64e9fbd4bf6d32252fd0c501704107e0d20ec1c
GET /wp-content/uploads/2019/10/cropped-26939-520-32x32.png HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Cookie: JCS_INENREF=; JCS_INENTIM=1663752810519; _wpss_h_=1; _wpss_p_=N%3A0%20%7C%20; fid=fa2d74c6-3661-4c6a-9616-dda0e479833f; adtech_uid=9d2b2b8e-6003-4107-bd9e-711d7658c8c7%3Ainveststable.ru; top100_id=t1.6699530.2123457652.1663752810667; t3_sid_6699530=s1.965615880.1663752810669.1663752810980.1.1.1.1; last_visit=1663752810955%3A%3A1663752810955
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:31 GMT
content-type: image/png
content-length: 2402
last-modified: Fri, 01 May 2020 14:37:28 GMT
etag: "5eac3428-962"
expires: Fri, 21 Oct 2022 09:33:31 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash b7a94989f12f648eec81340e4dd79f81
4ae50c94f39c12046d8522d440f5bb81781d4e9a
47c1d49b8357ed71a8cf8dc9fc0a120b64c65fa4f00a11b05616404729dd7d8e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:33:31 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 00:21:03 GMT
Expires: Sun, 25 Sep 2022 00:21:02 GMT
Etag: "4ae50c94f39c12046d8522d440f5bb81781d4e9a"
Cache-Control: max-age=311850,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e1ccbe68030b39-OSL
www.acint.net/match?dp=129&euid=67btg9vzk3
185.12.125.25200 OK 43 B URL HTTP/2 www.acint.net/match?dp=129&euid=67btg9vzk3
IP 185.12.125.25:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=67btg9vzk3 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWMq2mporAPZdbALAsr0gpBBPkoiMX4fojae52OhTZZ8; test_cookie=CheckForPermission; cSyncDp7v2=1663752810; cSyncDp14v3=1663752810; cSyncDp17=1663752810; cSyncDp32=1663752810; cSyncDp45v3=1663752810; cSyncDp53=1663752810; cSyncDp54v2=1663752810; cSyncDp62=1663752810; cSyncDp67v2=1663752810; cSyncDp68=1663752810; cSyncDp71=1663752810; cSyncDp77=1663752810; cSyncDp84=1663752810; cSyncDp85=1663752810; cSyncDp95v3=1663752810; cSyncDp101=1663752810; cSyncDp104v2=1663752810; cSyncDp107=1663752810; cSyncDp110=1663752810; cSyncDp111v2=1663752810; cSyncDp112v2=1663752810; cSyncDp125v2=1663752810; cSyncDp126=1663752810; cSyncDp127=1663752810; cSyncDp129=1663752810; cSyncDp136v2=1663752810; cSyncDp138=1663752810; cSyncDp144=1663752810; cSyncDp146=1663752810; cSyncDp148=1663752810; cSyncDp149=1663752810; cSyncDp151=1663752810; cSyncDp178=1663752810; cSyncDp179=1663752810; cSyncDp186=1663752810; cSyncDp221=1663752810
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 09:33:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&uid=89B803C16ADA2A63D903AC68020BB075
31.172.81.158302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&uid=89B803C16ADA2A63D903AC68020BB075
IP 31.172.81.158:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&uid=89B803C16ADA2A63D903AC68020BB075 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 21 Sep 2022 09:33:31 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ3NDllNzc4MC0zOTkwLTExZWQtODY0NC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Tue, 16 Sep 2042 09:33:31 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARjrtKuZBmIgODlCODAzQzE2QURBMkE2M0Q5MDNBQzY4MDIwQkIwNzWiARB0nneAOZAR7YZEACWQyCQ3
ETag: 749e7780-3990-11ed-8644-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
mediatoday.ru/core/match.gif?s=32&id=89B803C16ADA2A63D903AC68020BB075
139.45.228.100200 OK 43 B URL HTTP/2 mediatoday.ru/core/match.gif?s=32&id=89B803C16ADA2A63D903AC68020BB075
IP 139.45.228.100:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /core/match.gif?s=32&id=89B803C16ADA2A63D903AC68020BB075 HTTP/1.1
Host: mediatoday.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 21 Sep 2022 09:33:31 GMT
content-type: image/gif
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VU0259OOfTnLMgf; expires=Sat, 18-Sep-2032 09:33:31 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2
www.acint.net/match?dp=95&euid=QAKQYKNT
185.12.125.25200 OK 43 B URL HTTP/2 www.acint.net/match?dp=95&euid=QAKQYKNT
IP 185.12.125.25:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=95&euid=QAKQYKNT HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWMq2mporAPZdbALAsr0gpBBPkoiMX4fojae52OhTZZ8; test_cookie=CheckForPermission; cSyncDp7v2=1663752810; cSyncDp14v3=1663752810; cSyncDp17=1663752810; cSyncDp32=1663752810; cSyncDp45v3=1663752810; cSyncDp53=1663752810; cSyncDp54v2=1663752810; cSyncDp62=1663752810; cSyncDp67v2=1663752810; cSyncDp68=1663752810; cSyncDp71=1663752810; cSyncDp77=1663752810; cSyncDp84=1663752810; cSyncDp85=1663752810; cSyncDp95v3=1663752810; cSyncDp101=1663752810; cSyncDp104v2=1663752810; cSyncDp107=1663752810; cSyncDp110=1663752810; cSyncDp111v2=1663752810; cSyncDp112v2=1663752810; cSyncDp125v2=1663752810; cSyncDp126=1663752810; cSyncDp127=1663752810; cSyncDp129=1663752810; cSyncDp136v2=1663752810; cSyncDp138=1663752810; cSyncDp144=1663752810; cSyncDp146=1663752810; cSyncDp148=1663752810; cSyncDp149=1663752810; cSyncDp151=1663752810; cSyncDp178=1663752810; cSyncDp179=1663752810; cSyncDp186=1663752810; cSyncDp221=1663752810
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 09:33:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=127&euid=6S83qsnK6P3OG0Br7ujj
185.12.125.25200 OK 43 B URL HTTP/2 www.acint.net/match?dp=127&euid=6S83qsnK6P3OG0Br7ujj
IP 185.12.125.25:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=6S83qsnK6P3OG0Br7ujj HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWMq2mporAPZdbALAsr0gpBBPkoiMX4fojae52OhTZZ8; test_cookie=CheckForPermission; cSyncDp7v2=1663752810; cSyncDp14v3=1663752810; cSyncDp17=1663752810; cSyncDp32=1663752810; cSyncDp45v3=1663752810; cSyncDp53=1663752810; cSyncDp54v2=1663752810; cSyncDp62=1663752810; cSyncDp67v2=1663752810; cSyncDp68=1663752810; cSyncDp71=1663752810; cSyncDp77=1663752810; cSyncDp84=1663752810; cSyncDp85=1663752810; cSyncDp95v3=1663752810; cSyncDp101=1663752810; cSyncDp104v2=1663752810; cSyncDp107=1663752810; cSyncDp110=1663752810; cSyncDp111v2=1663752810; cSyncDp112v2=1663752810; cSyncDp125v2=1663752810; cSyncDp126=1663752810; cSyncDp127=1663752810; cSyncDp129=1663752810; cSyncDp136v2=1663752810; cSyncDp138=1663752810; cSyncDp144=1663752810; cSyncDp146=1663752810; cSyncDp148=1663752810; cSyncDp149=1663752810; cSyncDp151=1663752810; cSyncDp178=1663752810; cSyncDp179=1663752810; cSyncDp186=1663752810; cSyncDp221=1663752810
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 09:33:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
cs.agency2.ru/p?ssp=sp&uid=89B803C16ADA2A63D903AC68020BB075
23.111.107.44301 Moved Permanently 0 B URL HTTP/1.1 cs.agency2.ru/p?ssp=sp&uid=89B803C16ADA2A63D903AC68020BB075
IP 23.111.107.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=89B803C16ADA2A63D903AC68020BB075 HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Wed, 21 Sep 2022 09:33:31 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=2c633c76-9c48-40ed-bc93-48ea0437fb8f
Set-Cookie: uuid=2c633c76-9c48-40ed-bc93-48ea0437fb8f; expires=Tue, 12 Sep 2023 09:33:31 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13203
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 09:33:31 GMT
Connection: keep-alive
nr.bidderstack.com/sape/cm?user_id=89B803C16ADA2A63D903AC68020BB075
46.4.70.80200 OK 44 B URL HTTP/1.1 nr.bidderstack.com/sape/cm?user_id=89B803C16ADA2A63D903AC68020BB075
IP 46.4.70.80:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
GET /sape/cm?user_id=89B803C16ADA2A63D903AC68020BB075 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 09:33:31 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Set-Cookie: uid=f9c74d40-6ca1-4d22-8d78-d4321be1c76e; domain=.bidderstack.com; path=/; expires=Thu, 21-Sep-2023 09:33:31 GMT;
Access-Control-Allow-Credentials: true
sync.bumlam.com/?src=sap1&s_data=CAIQARjrtKuZBmIgODlCODAzQzE2QURBMkE2M0Q5MDNBQzY4MDIwQkIwNzWiARB0nneAOZAR7YZEACWQyCQ3
31.172.81.158200 OK 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARjrtKuZBmIgODlCODAzQzE2QURBMkE2M0Q5MDNBQzY4MDIwQkIwNzWiARB0nneAOZAR7YZEACWQyCQ3
IP 31.172.81.158:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&s_data=CAIQARjrtKuZBmIgODlCODAzQzE2QURBMkE2M0Q5MDNBQzY4MDIwQkIwNzWiARB0nneAOZAR7YZEACWQyCQ3 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ3NDllNzc4MC0zOTkwLTExZWQtODY0NC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 09:33:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ3NDllNzc4MC0zOTkwLTExZWQtODY0NC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Tue, 16 Sep 2042 09:33:31 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7973e43a3957a75694985fcc5c484cb8
4265e8e96c4e8cdeeaec644aad32f575286147f2
e28b5cb66252a18d25fcca8e24bfcdaaa5f93bc9ae8db726b28cb4af50867e21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E28B5CB66252A18D25FCCA8E24BFCDAAA5F93BC9AE8DB726B28CB4AF50867E21"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15068
Expires: Wed, 21 Sep 2022 13:44:39 GMT
Date: Wed, 21 Sep 2022 09:33:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4eb6d1b35f680bfec656941b6167fd23
344c6000dbdafdb5105edc93a082d640c3e95ddc
67fc85fa0f1a55d57ab9db6f4c723fb9116ef3b2c5282dbdd42d9c37396bd7b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8826
x-amzn-requestid: cf0c711e-4ec9-4f87-a60f-41374262a114
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYweUHIyoAMFYQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202df5-17ad5d4e25a754586e531d05;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:15:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OEbpCQXLpTCDZH4OlzVvvsc-bSgbsIoXRgX6f-nKVwJTL5-SVTCHeA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:48:37 GMT
age: 42294
etag: "344c6000dbdafdb5105edc93a082d640c3e95ddc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4d98acc059a69d51165fb5e0c7430ea3
09bd3300d710c3212483159f8398b84cde09da26
6e38bbb5c79c4f714973e10961d7bad9e7ae8711cf24d68b13a77206f474d2a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7507
x-amzn-requestid: 2a40c792-8b1b-4476-92de-1fce3df48fc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCmaHefoAMF4Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e28-6b05350006b7f3fb73d1e37a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rq4QHCD4EubBKHyCj7jyKqpct5d7U33TvNufqj_w8mWunqQsouoh7w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:25:17 GMT
age: 40094
etag: "09bd3300d710c3212483159f8398b84cde09da26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c472fe6-fe9b-4742-98f4-b71f53839315.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c472fe6-fe9b-4742-98f4-b71f53839315.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4df06b3e4176e8f080c997bfae578142
0850ed5db509f8a75439eca5866c2bb6ca3195d3
43e8bfd931d778ac5ebf2d4a8c9915cb05394b6499f9a8575cfc8ce93edd7d92
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c472fe6-fe9b-4742-98f4-b71f53839315.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4789
x-amzn-requestid: 36ce3b9d-d2aa-4975-86e5-22875944d707
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YiqljEIKoAMFhPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63242489-1a31957361790e766b8355c6;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:23:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uNmY94pnSglVwSsx4oEaFrQqFI0bxeVzH8o8PYApgHQk_CSrkk2R1g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:20:09 GMT
age: 40402
etag: "0850ed5db509f8a75439eca5866c2bb6ca3195d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
168.119.8.212301 Moved Permanently 115 B URL HTTP/2 exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP 168.119.8.212:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash 0f3ec82b4adf7022303515650fde4115
406ce60fae1ec0bcc257e277ccdc448390b5f3e7
d045175903075c807bd1453417d212bb41f840eae21fcddbacd9450a253abe28
GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 21 Sep 2022 09:33:31 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=051ecdb9-18a6-46ad-61f4-77f9fd9e619b
serverid: TODO
X-Firefox-Spdy: h2
stat.adlabs.ru/merge_gpsid/?sid=50&id=89B803C16ADA2A63D903AC68020BB075
109.248.237.36302 Found 0 B URL HTTP/2 stat.adlabs.ru/merge_gpsid/?sid=50&id=89B803C16ADA2A63D903AC68020BB075
IP 109.248.237.36:0
ASN #201009 Centre of server systems Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge_gpsid/?sid=50&id=89B803C16ADA2A63D903AC68020BB075 HTTP/1.1
Host: stat.adlabs.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 21 Sep 2022 09:21:11 GMT
content-length: 0
location: //adlmerge.com/merge_gpsid/?sid=50&id=89B803C16ADA2A63D903AC68020BB075
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JEb0g486u6AjYFbf8rSbreKjh0m1GsAGbvykHl0oahmVN2ciqe5FOw==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:14:57 GMT
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
age: 40714
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e3MMA-NVstIsR7M9_JGH05i1e8pK17RsjyERrSMlC3uoHsWw_7ABtA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 19:18:32 GMT
age: 51299
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb447f31d-2a9a-4657-a829-f79bc662f662.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb447f31d-2a9a-4657-a829-f79bc662f662.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 285c04fe0904d41ab1c0259942fa26ec
3a5ad499b134a33e79d5fe00c7f5c7c098b3ee34
b91184725a4171202201b5478271a3ab361c54a8893b4dee70d941821a2e70a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb447f31d-2a9a-4657-a829-f79bc662f662.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10293
x-amzn-requestid: 79f60a00-d045-4829-aa8b-d79050cb890d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfWItGn6oAMFeyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322d09d-197e424d3023e2683d291f7c;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:13:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p9HhyeWzmFixsw2Ft2OzcH2rBEhJ6xD1sQPxDAmj41akQVG_AG1xZQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 03:13:04 GMT
age: 22827
etag: "3a5ad499b134a33e79d5fe00c7f5c7c098b3ee34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.acint.net/match?dp=186&euid=2c633c76-9c48-40ed-bc93-48ea0437fb8f
185.12.125.25200 OK 43 B URL HTTP/2 www.acint.net/match?dp=186&euid=2c633c76-9c48-40ed-bc93-48ea0437fb8f
IP 185.12.125.25:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=2c633c76-9c48-40ed-bc93-48ea0437fb8f HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWMq2mporAPZdbALAsr0gpBBPkoiMX4fojae52OhTZZ8; test_cookie=CheckForPermission; cSyncDp7v2=1663752810; cSyncDp14v3=1663752810; cSyncDp17=1663752810; cSyncDp32=1663752810; cSyncDp45v3=1663752810; cSyncDp53=1663752810; cSyncDp54v2=1663752810; cSyncDp62=1663752810; cSyncDp67v2=1663752810; cSyncDp68=1663752810; cSyncDp71=1663752810; cSyncDp77=1663752810; cSyncDp84=1663752810; cSyncDp85=1663752810; cSyncDp95v3=1663752810; cSyncDp101=1663752810; cSyncDp104v2=1663752810; cSyncDp107=1663752810; cSyncDp110=1663752810; cSyncDp111v2=1663752810; cSyncDp112v2=1663752810; cSyncDp125v2=1663752810; cSyncDp126=1663752810; cSyncDp127=1663752810; cSyncDp129=1663752810; cSyncDp136v2=1663752810; cSyncDp138=1663752810; cSyncDp144=1663752810; cSyncDp146=1663752810; cSyncDp148=1663752810; cSyncDp149=1663752810; cSyncDp151=1663752810; cSyncDp178=1663752810; cSyncDp179=1663752810; cSyncDp186=1663752810; cSyncDp221=1663752810
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 09:33:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 21 Sep 2022 08:41:12 GMT
expires: Wed, 21 Sep 2022 10:41:12 GMT
cache-control: public, max-age=7200
age: 3139
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
match.new-programmatic.com/userbind?src=sape&id=89B803C16ADA2A63D903AC68020BB075
217.65.2.150204 No Content 0 B URL HTTP/1.1 match.new-programmatic.com/userbind?src=sape&id=89B803C16ADA2A63D903AC68020BB075
IP 217.65.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=89B803C16ADA2A63D903AC68020BB075 HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.18.0
Date: Wed, 21 Sep 2022 09:33:31 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
www.google-analytics.com/plugins/ua/linkid.js
142.250.74.174200 OK 859 B URL HTTP/2 www.google-analytics.com/plugins/ua/linkid.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1335)
Hash 904463ce35aee800847ab85ec948aaf6
904e4d2647466c7f7e0f7412019984e3b2ccfb24
057b4d29359dfe2536a2ec40243bdfa7b151222efcc1eb358608994a14c34237
GET /plugins/ua/linkid.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 859
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 08:47:30 GMT
expires: Wed, 21 Sep 2022 09:47:30 GMT
cache-control: public, max-age=3600
age: 2761
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.acint.net/match?dp=126&euid=051ecdb9-18a6-46ad-61f4-77f9fd9e619b
185.12.125.25200 OK 43 B URL HTTP/2 www.acint.net/match?dp=126&euid=051ecdb9-18a6-46ad-61f4-77f9fd9e619b
IP 185.12.125.25:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=126&euid=051ecdb9-18a6-46ad-61f4-77f9fd9e619b HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWMq2mporAPZdbALAsr0gpBBPkoiMX4fojae52OhTZZ8; test_cookie=CheckForPermission; cSyncDp7v2=1663752810; cSyncDp14v3=1663752810; cSyncDp17=1663752810; cSyncDp32=1663752810; cSyncDp45v3=1663752810; cSyncDp53=1663752810; cSyncDp54v2=1663752810; cSyncDp62=1663752810; cSyncDp67v2=1663752810; cSyncDp68=1663752810; cSyncDp71=1663752810; cSyncDp77=1663752810; cSyncDp84=1663752810; cSyncDp85=1663752810; cSyncDp95v3=1663752810; cSyncDp101=1663752810; cSyncDp104v2=1663752810; cSyncDp107=1663752810; cSyncDp110=1663752810; cSyncDp111v2=1663752810; cSyncDp112v2=1663752810; cSyncDp125v2=1663752810; cSyncDp126=1663752810; cSyncDp127=1663752810; cSyncDp129=1663752810; cSyncDp136v2=1663752810; cSyncDp138=1663752810; cSyncDp144=1663752810; cSyncDp146=1663752810; cSyncDp148=1663752810; cSyncDp149=1663752810; cSyncDp151=1663752810; cSyncDp178=1663752810; cSyncDp179=1663752810; cSyncDp186=1663752810; cSyncDp221=1663752810
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 09:33:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j97&a=831920087&t=pageview&_s=1&dl=https%3A%2F%2Finveststable.ru%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aGBAAUIhAAAAAC~&jid=129360821&gjid=1778733038&cid=567185177.1663752811&tid=UA-150971850-1&_gid=1126789002.1663752811&_r=1>m=2ou9j0&did=dZGIzZG&gdid=dZGIzZG&z=131147654
142.250.74.174200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j97&a=831920087&t=pageview&_s=1&dl=https%3A%2F%2Finveststable.ru%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aGBAAUIhAAAAAC~&jid=129360821&gjid=1778733038&cid=567185177.1663752811&tid=UA-150971850-1&_gid=1126789002.1663752811&_r=1>m=2ou9j0&did=dZGIzZG&gdid=dZGIzZG&z=131147654
IP 142.250.74.174:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j97&a=831920087&t=pageview&_s=1&dl=https%3A%2F%2Finveststable.ru%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aGBAAUIhAAAAAC~&jid=129360821&gjid=1778733038&cid=567185177.1663752811&tid=UA-150971850-1&_gid=1126789002.1663752811&_r=1>m=2ou9j0&did=dZGIzZG&gdid=dZGIzZG&z=131147654 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://investstable.ru
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://investstable.ru
date: Wed, 21 Sep 2022 09:33:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13203
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 09:33:31 GMT
Connection: keep-alive
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash a2e812044128f3a98fbd7fda6a36e44d
6a701d845c7a70b1dd10d7f5e047011ae3689360
763986ad47e03273f158fa35b26da01d56de2460e8c1321a3fbea96fe22eb7f7
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:33:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 25 Sep 2022 06:21:39 GMT
ETag: "6a701d845c7a70b1dd10d7f5e047011ae3689360"
Last-Modified: Wed, 21 Sep 2022 06:21:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2076
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e1ccbfcf9cb509-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 14d31c538ef2caf4422a82eae13752fb
64a60fba95891f5dcc3d098c78ca3705d679c073
9bf27ebead2d15f04d2874793cb043a7d650b50902092fe6ae3a5a9891c5cabe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4397
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:31 GMT
Last-Modified: Wed, 21 Sep 2022 08:20:14 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 384432327e59911893dde92354ad4004
9072301d1849be2ae1124b82d6e8a5ff813c6fed
47dc57891100bb43fefd0e8a5ea71455f31488cfc947245a4082bdd9dc438a9a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6290
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:31 GMT
Last-Modified: Wed, 21 Sep 2022 07:48:41 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 9ecd89752214ef749272eef344b9089a
70a58a49c08934265ee34c74efb01d6b3124095d
f76c51487e348977288fcaf83984cd8fe4e73758cc352402774d9eb94680d528
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 3MPPLO/lWsZIYWtM4KgeSv9Tk1ynHFoT6XAhIXPfdi+cxfsyOe7yU3zG2JYYlg1qnHopHqjjO9SVgmGqaQ18dA==
content-length: 26839
x-fb-trip-id: 1679558926
date: Wed, 21 Sep 2022 09:33:31 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3a67d25e1c7782b71e18d99fbc19143c
7ca3c086aa1e8071fd95e9b76e0a775b3b79f81c
b93e7d30cc78f935e16755e61c75946da734a077949d105f31b3ec6e80231cca
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3570
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:31 GMT
Last-Modified: Wed, 21 Sep 2022 08:34:02 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 3b7b89c4c0bed15de0b5a8c38cb86846
9b2eb3991c2aaa92a2a2b16bc778dfd965de0277
89136da64144dd375c2c308626f15f63e7424b4e66d6a78b38d0a717a9027f1d
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:33:31 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Sun, 25 Sep 2022 06:55:24 GMT
ETag: "9b2eb3991c2aaa92a2a2b16bc778dfd965de0277"
Last-Modified: Wed, 21 Sep 2022 06:55:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2747
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e1ccc0381eb509-OSL
89b803c16ada2a63d903ac68020bb075-sp.ops.beeline.ru/p?ssp=sp&id=89B803C16ADA2A63D903AC68020BB075
37.9.245.57301 Moved Permanently 0 B URL HTTP/2 89b803c16ada2a63d903ac68020bb075-sp.ops.beeline.ru/p?ssp=sp&id=89B803C16ADA2A63D903AC68020BB075
IP 37.9.245.57:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&id=89B803C16ADA2A63D903AC68020BB075 HTTP/1.1
Host: 89b803c16ada2a63d903ac68020bb075-sp.ops.beeline.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 21 Sep 2022 09:33:31 GMT
content-length: 0
location: https://www.acint.net/match?dp=111&euid=793c6c2c-da1c-471f-9385-9733dd605f3b
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: BeeAID=793c6c2c-da1c-471f-9385-9733dd605f3b; expires=Tue, 12 Sep 2023 09:33:31 GMT; domain=ops.beeline.ru; path=/; secure; SameSite=None
access-control-allow-credentials: true, true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
x-route: http://upstream_cookiesync
x-host: 192.168.152.59
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-ca-pub-8209382010145353
142.250.74.98200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-ca-pub-8209382010145353
IP 142.250.74.98:0
File type ASCII text, with very long lines (2903)
Hash fa30d4dd608bb6ad1da80f8b88f0d072
b7d513c1d3499d8473f1d92d2ee9ebbb8ccfe767
c960d41bd5797350cfaf1a3d28b445905001a5ff40accc34c4c1dd8b3ace3cb8
GET /pagead/js/adsbygoogle.js?client=ca-ca-pub-8209382010145353 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://investstable.ru
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Wed, 21 Sep 2022 09:33:31 GMT
expires: Wed, 21 Sep 2022 09:33:31 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3358355803634077585
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57993
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7dac52c8875f8ee9a985c4b24cf0ca34
6f0cfe099f389167c4660ab1eab1be5dd9a0b3a5
9d9e74f7121399f63901dda5622e7ae4e2199c44358a421780c2b1c2fc41114d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9D9E74F7121399F63901DDA5622E7AE4E2199C44358A421780C2B1C2FC41114D"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16265
Expires: Wed, 21 Sep 2022 14:04:36 GMT
Date: Wed, 21 Sep 2022 09:33:31 GMT
Connection: keep-alive
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 3b7b89c4c0bed15de0b5a8c38cb86846
9b2eb3991c2aaa92a2a2b16bc778dfd965de0277
89136da64144dd375c2c308626f15f63e7424b4e66d6a78b38d0a717a9027f1d
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:33:31 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Sun, 25 Sep 2022 06:55:24 GMT
ETag: "9b2eb3991c2aaa92a2a2b16bc778dfd965de0277"
Last-Modified: Wed, 21 Sep 2022 06:55:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2747
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e1ccc049deb4f3-OSL
connect.facebook.net/signals/plugins/identity.js?v=2.9.83
157.240.200.14200 OK 21 kB URL HTTP/2 connect.facebook.net/signals/plugins/identity.js?v=2.9.83
IP 157.240.200.14:0
File type ASCII text, with very long lines (60036)
Hash 703b94b52d28f1e141de2f87bf8c1c1c
e2c615d215960b30a3d750fd277076fc48106106
c363dae6148c5c4822fd1083a8850e0682f710714c21fe3da6de7bebd5b806fd
GET /signals/plugins/identity.js?v=2.9.83 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: fz/7TWi/756owKKANSlziMdki+O/3Oef8D3Tg1fahYtUZoUdZvhTSTSsUl8wR6IpPOD6uemj10rGHVq9QF42hQ==
content-length: 20715
x-fb-trip-id: 1679558926
date: Wed, 21 Sep 2022 09:33:31 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
counter.yadro.ru/hit?t12.15;r;s1280*1024*24;uhttps%3A//investstable.ru/;h%u0412%u0441%u0451%20%u043E%20%u0437%u0430%u0440%u0430%u0431%u043E%u0442%u043A%u0435%20%u0432%20%u0438%u043D%u0442%u0435%u0440%u043D%u0435%u0442%u0435%20-%20%u0414%u0443%u043C%u0430%u0439%2C%20%u043F%u0440%u0435%u0436%u0434%u0435%20%u0447%u0435%u043C%20%u0432%u043A%u043B%u0430%u0434%u044B%u0432%u0430%u0442%u044C%20%u0434%u0435%u043D%u044C%u0433%u0438%2C%20%u0438%20%u043D%u0435%20%u0437%u0430%u0431%u044B%u0432%u0430%u0439%20;0.7777424789345702
88.212.201.198200 OK 807 B URL HTTP/1.1 counter.yadro.ru/hit?t12.15;r;s1280*1024*24;uhttps%3A//investstable.ru/;h%u0412%u0441%u0451%20%u043E%20%u0437%u0430%u0440%u0430%u0431%u043E%u0442%u043A%u0435%20%u0432%20%u0438%u043D%u0442%u0435%u0440%u043D%u0435%u0442%u0435%20-%20%u0414%u0443%u043C%u0430%u0439%2C%20%u043F%u0440%u0435%u0436%u0434%u0435%20%u0447%u0435%u043C%20%u0432%u043A%u043B%u0430%u0434%u044B%u0432%u0430%u0442%u044C%20%u0434%u0435%u043D%u044C%u0433%u0438%2C%20%u0438%20%u043D%u0435%20%u0437%u0430%u0431%u044B%u0432%u0430%u0439%20;0.7777424789345702
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash ddeb55891a340ba1be4db55c4ff43cb3
b8b9139f2ec35ae37485fea6fc2f0493e546de93
16bb7b8a065e488d04a1b00749e74c1e2fa7a533b87fb822beea113b107815fb
GET /hit?t12.15;r;s1280*1024*24;uhttps%3A//investstable.ru/;h%u0412%u0441%u0451%20%u043E%20%u0437%u0430%u0440%u0430%u0431%u043E%u0442%u043A%u0435%20%u0432%20%u0438%u043D%u0442%u0435%u0440%u043D%u0435%u0442%u0435%20-%20%u0414%u0443%u043C%u0430%u0439%2C%20%u043F%u0440%u0435%u0436%u0434%u0435%20%u0447%u0435%u043C%20%u0432%u043A%u043B%u0430%u0434%u044B%u0432%u0430%u0442%u044C%20%u0434%u0435%u043D%u044C%u0433%u0438%2C%20%u0438%20%u043D%u0435%20%u0437%u0430%u0431%u044B%u0432%u0430%u0439%20;0.7777424789345702 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 21 Sep 2022 09:33:31 GMT
Content-Type: image/gif
Content-Length: 807
Connection: keep-alive
Expires: Mon, 20 Sep 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
kraken.rambler.ru/cnt/v2/?event_name=page_view&event_type=base&project_id=6699530&request_id=1663752810.666-12568735&event_id=463428109803958&meta=%7B%22browser_size%22%3A%221268x939%22%2C%22title%22%3A%22%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.%22%2C%22screen_size%22%3A%7B%22cr%22%3A1280%2C%22hr%22%3A1024%7D%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A0%2C%22referer%22%3A%22%22%2C%22is_first%22%3A1%7D&url=https%3A%2F%2Finveststable.ru%2F&session_id=965615880_1663752810669&session_number=1&session_event_number=1&tid=t1.6699530.2123457652.1663752810667&adtech_uid=9d2b2b8e-6003-4107-bd9e-711d7658c8c7&adtech_uid_scope=investstable.ru&fingerprint=pA8AAENKs1er0heJAXvnWwA%3D&fingerprint_ip=pA8AAENKs1dky%2B7aATvR3QA%3D&version=3.10.9&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=2091872716
81.19.89.17200 OK 595 B URL HTTP/2 kraken.rambler.ru/cnt/v2/?event_name=page_view&event_type=base&project_id=6699530&request_id=1663752810.666-12568735&event_id=463428109803958&meta=%7B%22browser_size%22%3A%221268x939%22%2C%22title%22%3A%22%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.%22%2C%22screen_size%22%3A%7B%22cr%22%3A1280%2C%22hr%22%3A1024%7D%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A0%2C%22referer%22%3A%22%22%2C%22is_first%22%3A1%7D&url=https%3A%2F%2Finveststable.ru%2F&session_id=965615880_1663752810669&session_number=1&session_event_number=1&tid=t1.6699530.2123457652.1663752810667&adtech_uid=9d2b2b8e-6003-4107-bd9e-711d7658c8c7&adtech_uid_scope=investstable.ru&fingerprint=pA8AAENKs1er0heJAXvnWwA%3D&fingerprint_ip=pA8AAENKs1dky%2B7aATvR3QA%3D&version=3.10.9&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=2091872716
IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash ab7587316a539078f47cbc113810a1eb
27e636702c39cc363b5fcdbdb463d84d023de8a3
292ec7c404a8403839ffe25a1dffc0369d499e43e3e584d525016eaa0681db25
GET /cnt/v2/?event_name=page_view&event_type=base&project_id=6699530&request_id=1663752810.666-12568735&event_id=463428109803958&meta=%7B%22browser_size%22%3A%221268x939%22%2C%22title%22%3A%22%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.%22%2C%22screen_size%22%3A%7B%22cr%22%3A1280%2C%22hr%22%3A1024%7D%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A0%2C%22referer%22%3A%22%22%2C%22is_first%22%3A1%7D&url=https%3A%2F%2Finveststable.ru%2F&session_id=965615880_1663752810669&session_number=1&session_event_number=1&tid=t1.6699530.2123457652.1663752810667&adtech_uid=9d2b2b8e-6003-4107-bd9e-711d7658c8c7&adtech_uid_scope=investstable.ru&fingerprint=pA8AAENKs1er0heJAXvnWwA%3D&fingerprint_ip=pA8AAENKs1dky%2B7aATvR3QA%3D&version=3.10.9&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=2091872716 HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Wed, 21 Sep 2022 09:33:31 GMT
content-type: image/gif
content-length: 595
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
x-srv: 0node0010.top100.rambler.tech
set-cookie: ruid=1CIAAGvaKmNMQ/SEAWR7owB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAGvaKmNMQ/SEAWR7owB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
accept-ranges: bytes
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/?et=pv&v=3.10.9&pid=6699530&tid=t1.6699530.2123457652.1663752810667&rid=1663752810.666-12568735&fid=pA8AAENKs1er0heJAXvnWwA%3D&fip=pA8AAENKs1dky%2B7aATvR3QA%3D&aduid=9d2b2b8e-6003-4107-bd9e-711d7658c8c7&aduidsc=investstable.ru&stid=965615880_1663752810669&sn=1&sen=0&en=UTF-8&ce=1&bs=1268x939&rf&pt=%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=2&ct=web&url=https%3A%2F%2Finveststable.ru%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&meta=%7B%22is_first%22%3A1%7D&rn=531788325&eid=901328109809813
81.19.89.17200 OK 595 B URL HTTP/2 kraken.rambler.ru/cnt/?et=pv&v=3.10.9&pid=6699530&tid=t1.6699530.2123457652.1663752810667&rid=1663752810.666-12568735&fid=pA8AAENKs1er0heJAXvnWwA%3D&fip=pA8AAENKs1dky%2B7aATvR3QA%3D&aduid=9d2b2b8e-6003-4107-bd9e-711d7658c8c7&aduidsc=investstable.ru&stid=965615880_1663752810669&sn=1&sen=0&en=UTF-8&ce=1&bs=1268x939&rf&pt=%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=2&ct=web&url=https%3A%2F%2Finveststable.ru%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&meta=%7B%22is_first%22%3A1%7D&rn=531788325&eid=901328109809813
IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash ab7587316a539078f47cbc113810a1eb
27e636702c39cc363b5fcdbdb463d84d023de8a3
292ec7c404a8403839ffe25a1dffc0369d499e43e3e584d525016eaa0681db25
GET /cnt/?et=pv&v=3.10.9&pid=6699530&tid=t1.6699530.2123457652.1663752810667&rid=1663752810.666-12568735&fid=pA8AAENKs1er0heJAXvnWwA%3D&fip=pA8AAENKs1dky%2B7aATvR3QA%3D&aduid=9d2b2b8e-6003-4107-bd9e-711d7658c8c7&aduidsc=investstable.ru&stid=965615880_1663752810669&sn=1&sen=0&en=UTF-8&ce=1&bs=1268x939&rf&pt=%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=2&ct=web&url=https%3A%2F%2Finveststable.ru%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&meta=%7B%22is_first%22%3A1%7D&rn=531788325&eid=901328109809813 HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Wed, 21 Sep 2022 09:33:31 GMT
content-type: image/gif
content-length: 595
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
x-srv: 0node0010.top100.rambler.tech
set-cookie: ruid=1CIAAGvaKmNMQ/SEAWZ7owB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAGvaKmNMQ/SEAWZ7owB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
accept-ranges: bytes
X-Firefox-Spdy: h2
top-fwz1.mail.ru/counter?id=2554513;t=466;l=1
95.163.52.67302 Found 0 B URL HTTP/2 top-fwz1.mail.ru/counter?id=2554513;t=466;l=1
IP 95.163.52.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /counter?id=2554513;t=466;l=1 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 21 Sep 2022 09:33:31 GMT
content-length: 0
location: https://top-fwz1.mail.ru/counter2?id=2554513;t=466;l=1
set-cookie: FTID=1RMYgQ0tkIIC:1663752811:2554513:::; path=/; expires=Fri, 22-Sep-23 09:33:31 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash c5684fa24debcdd55cb7b6ea4e52de52
72dd5651384cd773852d35bdacce2cce2af4f03e
2c5e85a611daf54ab76aa6530645e2b27d6dc3b1ef2ccfc18351dcaf5162ec2d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:33:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 11:26:46 GMT
Expires: Sun, 25 Sep 2022 11:26:45 GMT
Etag: "72dd5651384cd773852d35bdacce2cce2af4f03e"
Cache-Control: max-age=351793,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e1ccbf991f0b39-OSL
informer.yandex.ru/informer/25781042/3_0_375139FF_173119FF_1_pageviews
93.158.134.119200 OK 1.4 kB URL HTTP/2 informer.yandex.ru/informer/25781042/3_0_375139FF_173119FF_1_pageviews
IP 93.158.134.119:0
File type PNG image data, 88 x 31, 8-bit/color RGBA, non-interlaced\012- data
Hash c15f4b873e8034d862c6b9e45c7f3655
643f32b71a46a864dc753c7a221b20ee74df90b1
4709127408cf7daf35ad9bbf0fb881ea2436e02f48e71a3fec6bfd9225235bd3
GET /informer/25781042/3_0_375139FF_173119FF_1_pageviews HTTP/1.1
Host: informer.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 1384
last-modified: Wed, 21-Sep-2022 09:33:31 GMT
content-type: image/png
pragma: no-cache
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Wed, 21-Sep-2022 09:33:31 GMT
X-Firefox-Spdy: h2
www.acint.net/match?dp=111&euid=793c6c2c-da1c-471f-9385-9733dd605f3b
185.12.125.25200 OK 43 B URL HTTP/2 www.acint.net/match?dp=111&euid=793c6c2c-da1c-471f-9385-9733dd605f3b
IP 185.12.125.25:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=111&euid=793c6c2c-da1c-471f-9385-9733dd605f3b HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWMq2mporAPZdbALAsr0gpBBPkoiMX4fojae52OhTZZ8; test_cookie=CheckForPermission; cSyncDp7v2=1663752810; cSyncDp14v3=1663752810; cSyncDp17=1663752810; cSyncDp32=1663752810; cSyncDp45v3=1663752810; cSyncDp53=1663752810; cSyncDp54v2=1663752810; cSyncDp62=1663752810; cSyncDp67v2=1663752810; cSyncDp68=1663752810; cSyncDp71=1663752810; cSyncDp77=1663752810; cSyncDp84=1663752810; cSyncDp85=1663752810; cSyncDp95v3=1663752810; cSyncDp101=1663752810; cSyncDp104v2=1663752810; cSyncDp107=1663752810; cSyncDp110=1663752810; cSyncDp111v2=1663752810; cSyncDp112v2=1663752810; cSyncDp125v2=1663752810; cSyncDp126=1663752810; cSyncDp127=1663752810; cSyncDp129=1663752810; cSyncDp136v2=1663752810; cSyncDp138=1663752810; cSyncDp144=1663752810; cSyncDp146=1663752810; cSyncDp148=1663752810; cSyncDp149=1663752810; cSyncDp151=1663752810; cSyncDp178=1663752810; cSyncDp179=1663752810; cSyncDp186=1663752810; cSyncDp221=1663752810
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 09:33:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
top-fwz1.mail.ru/js/code.js
95.163.52.67200 OK 18 kB URL HTTP/2 top-fwz1.mail.ru/js/code.js
IP 95.163.52.67:0
File type ASCII text, with very long lines (1731)
Hash d668433ca888fa4af273ba5986cbb2bb
f992127ecd53e57dbea779d9785432457c916a5d
7ade92d2d129094fadc954c3402d7e7129f9615154c983e4bad91712046d2e4c
GET /js/code.js HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 09:33:31 GMT
content-type: application/javascript
last-modified: Tue, 13 Sep 2022 17:32:31 GMT
set-cookie: FTID=1RMYgQ0tkIIC:1663752811:0:::; path=/; expires=Fri, 22-Sep-23 09:33:31 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
etag: W/"6320beaf-7ecc"
expires: Wed, 21 Sep 2022 10:33:31 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: max-age=3600, private
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
content-encoding: gzip
X-Firefox-Spdy: h2
top-fwz1.mail.ru/counter2?id=2554513;t=466;l=1
95.163.52.67200 OK 2.3 kB URL HTTP/2 top-fwz1.mail.ru/counter2?id=2554513;t=466;l=1
IP 95.163.52.67:0
File type GIF image data, version 89a, 88 x 31\012- data
Hash eb9cf44f99e011e942f558a2bf4f3bba
4968e41cfe2955fcf46de0c9116f8e76ce418954
38912be13fd9cfa498d0387b75c9347b739a2afbfb7642ec34bb35e894908417
GET /counter2?id=2554513;t=466;l=1 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 09:33:31 GMT
content-type: image/gif
content-length: 2284
set-cookie: FTID=1RMYgQ0tkIIC:1663752811:2554513:::; path=/; expires=Fri, 22-Sep-23 09:33:31 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
top-fwz1.mail.ru/counter?js=13;id=2554513;u=https%3A//investstable.ru/;st=1663752810525;title=%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=a7caf3d1a7c50ecd;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1663752811676%3A1663752811696%3A1%3A771e4312bef1c3170150101b262f9bb0;opts=dl%2Cjst-gtag-ga;visible=true;_=0.7651515952011715
95.163.52.67302 Found 0 B URL HTTP/2 top-fwz1.mail.ru/counter?js=13;id=2554513;u=https%3A//investstable.ru/;st=1663752810525;title=%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=a7caf3d1a7c50ecd;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1663752811676%3A1663752811696%3A1%3A771e4312bef1c3170150101b262f9bb0;opts=dl%2Cjst-gtag-ga;visible=true;_=0.7651515952011715
IP 95.163.52.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /counter?js=13;id=2554513;u=https%3A//investstable.ru/;st=1663752810525;title=%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=a7caf3d1a7c50ecd;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1663752811676%3A1663752811696%3A1%3A771e4312bef1c3170150101b262f9bb0;opts=dl%2Cjst-gtag-ga;visible=true;_=0.7651515952011715 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 21 Sep 2022 09:33:31 GMT
content-length: 0
location: https://top-fwz1.mail.ru/counter2?js=13;id=2554513;u=https%3A//investstable.ru/;st=1663752810525;title=%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=a7caf3d1a7c50ecd;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1663752811676%3A1663752811696%3A1%3A771e4312bef1c3170150101b262f9bb0;opts=dl%2Cjst-gtag-ga;visible=true;_=0.7651515952011715
set-cookie: FTID=1RMYgQ0tkIIC:1663752811:2554513:::; path=/; expires=Fri, 22-Sep-23 09:33:31 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1095636837296413&ev=PageView&dl=https%3A%2F%2Finveststable.ru%2F&rl=&if=false&ts=1663752811741&sw=1280&sh=1024&v=2.9.83&r=stable&a=wordpress-6.0.2-3.0.7&ec=0&o=30&fbp=fb.1.1663752811739.640335763&it=1663752811548&coo=false&rqm=GET
157.240.200.35200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=1095636837296413&ev=PageView&dl=https%3A%2F%2Finveststable.ru%2F&rl=&if=false&ts=1663752811741&sw=1280&sh=1024&v=2.9.83&r=stable&a=wordpress-6.0.2-3.0.7&ec=0&o=30&fbp=fb.1.1663752811739.640335763&it=1663752811548&coo=false&rqm=GET
IP 157.240.200.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=1095636837296413&ev=PageView&dl=https%3A%2F%2Finveststable.ru%2F&rl=&if=false&ts=1663752811741&sw=1280&sh=1024&v=2.9.83&r=stable&a=wordpress-6.0.2-3.0.7&ec=0&o=30&fbp=fb.1.1663752811739.640335763&it=1663752811548&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Wed, 21 Sep 2022 09:33:31 GMT
expires: Wed, 21 Sep 2022 09:33:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
top-fwz1.mail.ru/counter2?js=13;id=2554513;u=https%3A//investstable.ru/;st=1663752810525;title=%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=a7caf3d1a7c50ecd;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1663752811676%3A1663752811696%3A1%3A771e4312bef1c3170150101b262f9bb0;opts=dl%2Cjst-gtag-ga;visible=true;_=0.7651515952011715
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/counter2?js=13;id=2554513;u=https%3A//investstable.ru/;st=1663752810525;title=%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=a7caf3d1a7c50ecd;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1663752811676%3A1663752811696%3A1%3A771e4312bef1c3170150101b262f9bb0;opts=dl%2Cjst-gtag-ga;visible=true;_=0.7651515952011715
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /counter2?js=13;id=2554513;u=https%3A//investstable.ru/;st=1663752810525;title=%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=a7caf3d1a7c50ecd;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1663752811676%3A1663752811696%3A1%3A771e4312bef1c3170150101b262f9bb0;opts=dl%2Cjst-gtag-ga;visible=true;_=0.7651515952011715 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 09:33:31 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIC:1663752811:2554513:::; path=/; expires=Fri, 22-Sep-23 09:33:31 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
93.158.134.119200 OK 72 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Hash 3f01a6fe4be69809cd0b0d740ab50c40
8366aca59939c8a0cfe3bc4c7732e9f8cf031375
025a3b03a1e5af9f06a8fb2d3e113c5b73410e0e440cf34869c97b20ccb77829
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 72206
date: Wed, 21 Sep 2022 09:33:31 GMT
access-control-allow-origin: *
etag: "63295b76-11a0e"
expires: Wed, 21 Sep 2022 10:33:31 GMT
last-modified: Tue, 20 Sep 2022 09:19:34 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3ef019ce781ddbb79938868e1bf969be
27db5803c535a597bb29c96fc111255b14f4219d
60ade2388afdea80bb7c88016be34c92f7005c21dda6fe6ad07d4dba060744d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dmp.gotechnology.io/match/sape?id=89B803C16ADA2A63D903AC68020BB075
142.132.209.138302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=89B803C16ADA2A63D903AC68020BB075
IP 142.132.209.138:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=89B803C16ADA2A63D903AC68020BB075 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 21 Sep 2022 09:33:31 GMT
content-length: 0
location: https://dmp.gotechnology.io/match/sape?id=89B803C16ADA2A63D903AC68020BB075&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
adlmerge.com/merge_gpsid/?sid=50&id=89B803C16ADA2A63D903AC68020BB075
95.211.66.35200 OK 515 B URL HTTP/2 adlmerge.com/merge_gpsid/?sid=50&id=89B803C16ADA2A63D903AC68020BB075
IP 95.211.66.35:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 7514371aab131d32e3eae376001d326c
2ba4a6ef5f5961e1bcb5104184b8622623861aef
0888f1f3310b663ea318d0a83aed46239d54b0c82b50c762102cfa9a110324b3
GET /merge_gpsid/?sid=50&id=89B803C16ADA2A63D903AC68020BB075 HTTP/1.1
Host: adlmerge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Wed, 21 Sep 2022 09:33:31 GMT
content-type: image/gif
iseu: eu
X-Firefox-Spdy: h2
dmp.gotechnology.io/match/sape?id=89B803C16ADA2A63D903AC68020BB075&chk=1
142.132.209.138302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=89B803C16ADA2A63D903AC68020BB075&chk=1
IP 142.132.209.138:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=89B803C16ADA2A63D903AC68020BB075&chk=1 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 21 Sep 2022 09:33:31 GMT
content-length: 0
location: https://ads.betweendigital.com/match?bidder_id=98&external_user_id=MTIxM2I0YTIzYWQ1OTZmZg
set-cookie: pid=MTIxM2I0YTIzYWQ1OTZmZg; expires=Thu, 21 Sep 2023 09:33:31 GMT; domain=.gotechnology.io; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 32d60a76f04221b40dd32e506b6cd47d
89367db15ef63d7916871a006276a981c8b7aec3
c36ad4f90208ed924129ff27e00a6662cc5cc4bf8c4c70e07d04107ddb47d817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=ibgDwWraKmPZA6xoAguwdQ
142.250.74.2200 OK 170 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=ibgDwWraKmPZA6xoAguwdQ
IP 142.250.74.2:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
GET /pixel?google_nid=agentstvo_sape_limited&google_hm=ibgDwWraKmPZA6xoAguwdQ HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
date: Wed, 21 Sep 2022 09:33:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 4a5e68247b7c097896487a10f0b5aff0
d1c48ac26a4326098828576b228bfcf7ac9e3847
fc0a625d1a34afd75b0043ff810c19b2bef693bb0bbd2ee0e44e23aea3238716
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:33:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 25 Sep 2022 07:38:12 GMT
ETag: "d1c48ac26a4326098828576b228bfcf7ac9e3847"
Last-Modified: Wed, 21 Sep 2022 07:38:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1141
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e1ccc2fb0db509-OSL
partner.googleadservices.com/gampad/cookie.js?domain=investstable.ru&callback=_gfp_s_&client=ca-ca-pub-8209382010145353
172.217.21.162200 OK 205 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=investstable.ru&callback=_gfp_s_&client=ca-ca-pub-8209382010145353
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash b5db0a15b1595d47df40e6e37528f1aa
6356bd54b4e6cfd830f93affeefad1bcaff42c86
0d81604794b227ecbb413e68d5f8542b4209912417625a443d5457becac1aebb
GET /gampad/cookie.js?domain=investstable.ru&callback=_gfp_s_&client=ca-ca-pub-8209382010145353 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 21 Sep 2022 09:33:31 GMT
server: cafe
cache-control: private
content-length: 205
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=investstable.ru
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=investstable.ru
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=investstable.ru HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 21 Sep 2022 09:33:32 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 0c2e17d8cf31157df1a4bd2f99a54c6c
c0bbb9ac61662fda8781947855cf7074484ac540
52f7b19b0215b25985a1e67274af794f09cd838879b503fe985141aee33a5707
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:33:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 04:09:18 GMT
Expires: Tue, 27 Sep 2022 04:09:17 GMT
Etag: "c0bbb9ac61662fda8781947855cf7074484ac540"
Cache-Control: max-age=498344,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e1ccc2dc590b39-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
195.209.108.47302 Moved Temporarily 0 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP 195.209.108.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Wed, 21 Sep 2022 09:33:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-4307533770; expires=Fri, 20 Sep 2024 09:33:32 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4307533770
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/89B803C16ADA2A63D903AC68020BB075
93.95.102.105204 No Content 0 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/89B803C16ADA2A63D903AC68020BB075
IP 93.95.102.105:0
ASN #48347 JSC Mediasoft ekspert
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie_matching_ssp/Sape-dsp/89B803C16ADA2A63D903AC68020BB075 HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 21 Sep 2022 09:33:31 GMT
set-cookie: uid=XV9maWMq2ms6UIY3H1OcAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
ad.mail.ru/cm.gif?p=48&id=89B803C16ADA2A63D903AC68020BB075
95.163.41.56200 OK 43 B URL HTTP/2 ad.mail.ru/cm.gif?p=48&id=89B803C16ADA2A63D903AC68020BB075
IP 95.163.41.56:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cm.gif?p=48&id=89B803C16ADA2A63D903AC68020BB075 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 09:33:32 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=20FDGB0RI1IC0023rm3ZC9IC:::0-0-0-845332c:CAASELmzJl4QPHlZOoZAdW0h_Y4aYLwzIe7d1JQrNC2p3LDNirkvWJCGl04A1oXWBO6hEUd8JvS9qJfds1k7RgccNzCcy0Kdi4CJ-XDGaOaqLawa05Y1Ih-hkfm4rCZ1D1zw5dH_Jkea05v6fHg5Zwab9GGxNQ; path=/; expires=Fri, 22-Sep-23 09:33:32 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Wed, 21 Sep 2022 15:33:32 GMT
cache-control: max-age=21600
last-modified: Wed, 21 Sep 2022 09:33:32 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=89B803C16ADA2A63D903AC68020BB075
195.209.111.19200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=89B803C16ADA2A63D903AC68020BB075
IP 195.209.111.19:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?dsp_id=153&external_id=89B803C16ADA2A63D903AC68020BB075 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 09:33:32 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
ocsp.usertrust.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash ddbcbecfc057efc5818baa2d00bf3be9
81959b98f864c8b48587bae773c5a8a33748b4e2
745b010b944478b94b2f6d8dad754fb395abb7dede46876df67be8f0f2283fea
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:33:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 04:18:18 GMT
Expires: Mon, 26 Sep 2022 04:18:17 GMT
Etag: "81959b98f864c8b48587bae773c5a8a33748b4e2"
Cache-Control: max-age=600121,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1691
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e1ccc36e2bb505-OSL
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
188.42.191.196302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP 188.42.191.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 21 Sep 2023 09:33:32 GMT; Path=/; Domain=.betweendigital.com
tuuid=95563913-92c5-5208-8858-eb4feb723123; Max-Age=31536000; Expires=Thu, 21 Sep 2023 09:33:32 GMT; Path=/; Domain=.betweendigital.com
ut=YyrabAABOIDg_HlNDmUNi900rdURy0OJsEXCNg==; Max-Age=31536000; Expires=Thu, 21 Sep 2023 09:33:32 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3ef019ce781ddbb79938868e1bf969be
27db5803c535a597bb29c96fc111255b14f4219d
60ade2388afdea80bb7c88016be34c92f7005c21dda6fe6ad07d4dba060744d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=investstable.ru
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=investstable.ru
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=investstable.ru HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 21 Sep 2022 09:33:32 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash d585412ba4b68a7154cefb92ccfc8424
b40f5b817ba879b6ec3df30081f27cfd4e27ccdf
b8d745b92c89ab0cfd76ce36050de61f6fed4c2d3b26fea162b3105d1f8113b2
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:33:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 25 Sep 2022 06:28:39 GMT
ETag: "b40f5b817ba879b6ec3df30081f27cfd4e27ccdf"
Last-Modified: Wed, 21 Sep 2022 06:28:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 343
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e1ccc3b96fb518-OSL
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 330a7be23b8bb6740b9cbeb4c71f4b10
38acf0c9f2d93466e4e7c78d8199a50b818c1730
a282bf1769eae099fc86f7a1bb4d2cc92e3098ec42d67463253d914a7cb2b650
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5007
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:32 GMT
Last-Modified: Wed, 21 Sep 2022 08:10:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 05dfa19609343ef6acdaf2ccc3ca8add
5a51311c554ae7a13d677484cb09e408e16f2a50
85609b2731a7e9966f02caa9e9592686859f26a2fe9f43bc5224a8ca82736161
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c9f43883942b62e69fddb651d99a3dd1
7c66254b2619fe098291f70ff23fccad3339b069
87cc1ed52f443895e5d7615695d2d1162e0bd93edf17990029727e52ce33256b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87CC1ED52F443895E5D7615695D2D1162E0BD93EDF17990029727E52CE33256B"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2989
Expires: Wed, 21 Sep 2022 10:23:21 GMT
Date: Wed, 21 Sep 2022 09:33:32 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 681bf585c9b9a57ff5064616e31f0394
6dfc71698e38d845dad775e42c5d267a81d15ad5
f2e61db548e8b431066c2d02e163ea2ede61b64e8b3fdc336ef5a7b3c5d614e9
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:33:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 25 Sep 2022 06:54:23 GMT
ETag: "6dfc71698e38d845dad775e42c5d267a81d15ad5"
Last-Modified: Wed, 21 Sep 2022 06:54:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3465
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e1ccc3ebfbb509-OSL
sape-sync.rutarget.ru/sync
46.243.143.249302 Moved Temporarily 0 B URL HTTP/1.1 sape-sync.rutarget.ru/sync
IP 46.243.143.249:0
ASN #208677 Cloud technology Limited (Ltd.)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 21 Sep 2022 09:33:32 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=c3VtS_jhxTBU
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=c3VtS_jhxTBU; Path=/; Domain=.rutarget.ru; Expires=Mon, 20 Mar 2023 09:33:32 GMT; SameSite=None; Secure
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
77.245.57.72200 OK 0 B URL HTTP/1.1 sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 09:33:32 GMT
Content-Length: 0
Connection: close
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash d20059415c691b53b31f06698e94e2db
9d3f657168eceb1977224ed18174a6d1730ed9f7
6da7cb7b0a7d7a2fdd383f1c6cd5bb9dab51870bda490d0e55767424a2303d36
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 21 Sep 2022 09:33:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 20 Sep 2022 23:07:32 GMT
Expires: Wed, 21 Sep 2022 23:07:32 GMT
ETag: "9d3f657168eceb1977224ed18174a6d1730ed9f7"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 32d60a76f04221b40dd32e506b6cd47d
89367db15ef63d7916871a006276a981c8b7aec3
c36ad4f90208ed924129ff27e00a6662cc5cc4bf8c4c70e07d04107ddb47d817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash f3b53cc2dac8deb22ea746a67e2dd890
93a9c030d50da0c4aa8ff566a6bb2c020874ea9e
f61781c83aab48b821e7dd9f3eab7a00daa58f36672e3f6f2721e936f291739b
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:33:32 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Sun, 25 Sep 2022 07:42:05 GMT
ETag: "93a9c030d50da0c4aa8ff566a6bb2c020874ea9e"
Last-Modified: Wed, 21 Sep 2022 07:42:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2239
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e1ccc42c3eb509-OSL
sm.rtb.mts.ru/p?ssp=sape&id=89B803C16ADA2A63D903AC68020BB075
217.66.147.164301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=sape&id=89B803C16ADA2A63D903AC68020BB075
IP 217.66.147.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sape&id=89B803C16ADA2A63D903AC68020BB075 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 21 Sep 2022 09:33:32 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=89B803C16ADA2A63D903AC68020BB075
Set-Cookie: dspid=c4b0b251-f32f-48bb-9ab0-0354603153ee; expires=Tue, 12 Sep 2023 09:33:32 GMT; domain=.mts.ru; path=/; secure; SameSite=None
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
35.190.24.218302 Found 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
IP 35.190.24.218:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Weborama Collect Frontend
date: Wed, 21 Sep 2022 09:33:31 GMT
content-length: 0
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1785968471
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Wed, 21 Sep 2022 09:33:32 GMT
set-cookie: AFFICHE_W=1Na6VV0eqZ-U92; expires=Thu, 19 Oct 2023 09:33:32 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 0c2e17d8cf31157df1a4bd2f99a54c6c
c0bbb9ac61662fda8781947855cf7074484ac540
52f7b19b0215b25985a1e67274af794f09cd838879b503fe985141aee33a5707
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:33:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 04:09:18 GMT
Expires: Tue, 27 Sep 2022 04:09:17 GMT
Etag: "c0bbb9ac61662fda8781947855cf7074484ac540"
Cache-Control: max-age=498344,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e1ccc31ea91bfa-OSL
mc.yandex.ru/metrika/advert.gif
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 21 Sep 2022 09:33:32 GMT
access-control-allow-origin: *
etag: "63295b76-2b"
expires: Wed, 21 Sep 2022 10:33:32 GMT
accept-ranges: bytes
last-modified: Tue, 20 Sep 2022 09:19:34 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
tag.digitaltarget.ru/adcm.js
185.15.175.144200 OK 3.1 kB URL HTTP/1.1 tag.digitaltarget.ru/adcm.js
IP 185.15.175.144:0
File type ASCII text, with very long lines (3051), with no line terminators
Hash e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 09:33:32 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Wed, 21 Sep 2022 09:04:49 GMT
Connection: keep-alive
ETag: "632ad3b1-beb"
Accept-Ranges: bytes
px.adhigh.net/p/cm/sape?u=89B803C16ADA2A63D903AC68020BB075
193.232.150.60302 Found 0 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=89B803C16ADA2A63D903AC68020BB075
IP 193.232.150.60:0
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/cm/sape?u=89B803C16ADA2A63D903AC68020BB075 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 21 Sep 2022 09:33:32 GMT
content-length: 0
x-backend-id: f20-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=ughaaCbY2dx1.AikABlGDX2U2og;Path=/;Domain=.adhigh.net;Expires=Thu, 21-Sep-2023 09:33:32 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=89B803C16ADA2A63D903AC68020BB075&bounced=1
X-Firefox-Spdy: h2
mc.yandex.ru/watch/25781042?wmode=7&page-url=https%3A%2F%2Finveststable.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A1836%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1620210952745%3Ahid%3A272554998%3Az%3A0%3Ai%3A20220921093332%3Aet%3A1663752812%3Ac%3A1%3Arn%3A1025771360%3Arqn%3A1%3Au%3A1663752812938317349%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A59%2C289%2C85%2C0%2C1010%2C0%2C%2C479%2C11%2C%2C%2C%2C1952%3Ans%3A1663752808603%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663752812%3At%3A%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
93.158.134.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/25781042?wmode=7&page-url=https%3A%2F%2Finveststable.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A1836%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1620210952745%3Ahid%3A272554998%3Az%3A0%3Ai%3A20220921093332%3Aet%3A1663752812%3Ac%3A1%3Arn%3A1025771360%3Arqn%3A1%3Au%3A1663752812938317349%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A59%2C289%2C85%2C0%2C1010%2C0%2C%2C479%2C11%2C%2C%2C%2C1952%3Ans%3A1663752808603%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663752812%3At%3A%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch/25781042?wmode=7&page-url=https%3A%2F%2Finveststable.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A1836%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1620210952745%3Ahid%3A272554998%3Az%3A0%3Ai%3A20220921093332%3Aet%3A1663752812%3Ac%3A1%3Arn%3A1025771360%3Arqn%3A1%3Au%3A1663752812938317349%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A59%2C289%2C85%2C0%2C1010%2C0%2C%2C479%2C11%2C%2C%2C%2C1952%3Ans%3A1663752808603%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663752812%3At%3A%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://investstable.ru
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/25781042/1?wmode=7&page-url=https%3A%2F%2Finveststable.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A1836%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1620210952745%3Ahid%3A272554998%3Az%3A0%3Ai%3A20220921093332%3Aet%3A1663752812%3Ac%3A1%3Arn%3A1025771360%3Arqn%3A1%3Au%3A1663752812938317349%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A59%2C289%2C85%2C0%2C1010%2C0%2C%2C479%2C11%2C%2C%2C%2C1952%3Ans%3A1663752808603%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663752812%3At%3A%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Wed, 21 Sep 2022 09:33:32 GMT
access-control-allow-origin: https://investstable.ru
set-cookie: yandexuid=8770748661663752812; Expires=Thu, 21-Sep-2023 09:33:32 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=8770748661663752812; Expires=Thu, 21-Sep-2023 09:33:32 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2153558261663752812; Path=/; SameSite=None; Secure
i=4+zC2rZaHdihmDdI/1OeFjiMbK1h29HpC4f7VIhYPOAPrdXCIw2N7vKatwfYQQyE2Dfx3S+2kG3/Nn1HRw0I5z/l/68=; Expires=Sat, 18-Sep-2032 09:33:22 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1695288812.yrts.1663752812#1695288812.yrtsi.1663752812; Expires=Thu, 21-Sep-2023 09:33:32 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 21-Sep-2022 09:33:32 GMT
last-modified: Wed, 21-Sep-2022 09:33:32 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
188.42.191.196200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP 188.42.191.196:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 21 Sep 2023 09:33:32 GMT; Path=/; Domain=.betweendigital.com
tuuid=a8350efa-f2a3-5208-b870-77f5db5aad99; Max-Age=31536000; Expires=Thu, 21 Sep 2023 09:33:32 GMT; Path=/; Domain=.betweendigital.com
ut=YyrabAADawDsvcPenHHbTeREkjEyOJnY9Ncg-Q==; Max-Age=31536000; Expires=Thu, 21 Sep 2023 09:33:32 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
www.acint.net/match?dp=104&euid=c3VtS_jhxTBU
185.12.125.25200 OK 43 B URL HTTP/2 www.acint.net/match?dp=104&euid=c3VtS_jhxTBU
IP 185.12.125.25:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=104&euid=c3VtS_jhxTBU HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWMq2mporAPZdbALAsr0gpBBPkoiMX4fojae52OhTZZ8; test_cookie=CheckForPermission; cSyncDp7v2=1663752810; cSyncDp14v3=1663752810; cSyncDp17=1663752810; cSyncDp32=1663752810; cSyncDp45v3=1663752810; cSyncDp53=1663752810; cSyncDp54v2=1663752810; cSyncDp62=1663752810; cSyncDp67v2=1663752810; cSyncDp68=1663752810; cSyncDp71=1663752810; cSyncDp77=1663752810; cSyncDp84=1663752810; cSyncDp85=1663752810; cSyncDp95v3=1663752810; cSyncDp101=1663752810; cSyncDp104v2=1663752810; cSyncDp107=1663752810; cSyncDp110=1663752810; cSyncDp111v2=1663752810; cSyncDp112v2=1663752810; cSyncDp125v2=1663752810; cSyncDp126=1663752810; cSyncDp127=1663752810; cSyncDp129=1663752810; cSyncDp136v2=1663752810; cSyncDp138=1663752810; cSyncDp144=1663752810; cSyncDp146=1663752810; cSyncDp148=1663752810; cSyncDp149=1663752810; cSyncDp151=1663752810; cSyncDp178=1663752810; cSyncDp179=1663752810; cSyncDp186=1663752810; cSyncDp221=1663752810
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 09:33:32 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=73&external_user_id=89B803C16ADA2A63D903AC68020BB075
188.42.191.196302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=89B803C16ADA2A63D903AC68020BB075
IP 188.42.191.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=73&external_user_id=89B803C16ADA2A63D903AC68020BB075 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=89B803C16ADA2A63D903AC68020BB075&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 21 Sep 2023 09:33:32 GMT; Path=/; Domain=.betweendigital.com
tuuid=d0e12695-2ff8-5208-954d-e018f6673a74; Max-Age=31536000; Expires=Thu, 21 Sep 2023 09:33:32 GMT; Path=/; Domain=.betweendigital.com
ut=YyrabAADjih9-UXMXzPWlGtWvReBJXOvt6zpBw==; Max-Age=31536000; Expires=Thu, 21 Sep 2023 09:33:32 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4307533770
195.209.108.47302 Moved Temporarily 40 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4307533770
IP 195.209.108.47:0
File type ASCII text, with CRLF line terminators
Hash 251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4307533770 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Wed, 21 Sep 2022 09:33:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Fri, 20 Sep 2024 09:33:32 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1785968471
35.190.24.218204 No Content 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1785968471
IP 35.190.24.218:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1785968471 HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Weborama Collect Frontend
date: Wed, 21 Sep 2022 09:33:31 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Wed, 21 Sep 2022 09:33:32 GMT
set-cookie: AFFICHE_W=; expires=Tue, 10 Nov 2009 23:00:00 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sm.rtb.mts.ru/match/second?ssp=30&exu=89B803C16ADA2A63D903AC68020BB075
217.66.147.164301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/match/second?ssp=30&exu=89B803C16ADA2A63D903AC68020BB075
IP 217.66.147.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/second?ssp=30&exu=89B803C16ADA2A63D903AC68020BB075 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 21 Sep 2022 09:33:32 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://tech.rtb.mts.ru/
mc.yandex.ru/watch/25781042/1?wmode=7&page-url=https%3A%2F%2Finveststable.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A1836%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1620210952745%3Ahid%3A272554998%3Az%3A0%3Ai%3A20220921093332%3Aet%3A1663752812%3Ac%3A1%3Arn%3A1025771360%3Arqn%3A1%3Au%3A1663752812938317349%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A59%2C289%2C85%2C0%2C1010%2C0%2C%2C479%2C11%2C%2C%2C%2C1952%3Ans%3A1663752808603%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663752812%3At%3A%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
93.158.134.119200 OK 442 B URL HTTP/2 mc.yandex.ru/watch/25781042/1?wmode=7&page-url=https%3A%2F%2Finveststable.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A1836%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1620210952745%3Ahid%3A272554998%3Az%3A0%3Ai%3A20220921093332%3Aet%3A1663752812%3Ac%3A1%3Arn%3A1025771360%3Arqn%3A1%3Au%3A1663752812938317349%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A59%2C289%2C85%2C0%2C1010%2C0%2C%2C479%2C11%2C%2C%2C%2C1952%3Ans%3A1663752808603%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663752812%3At%3A%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (442), with no line terminators
Hash 8c2a460cebd49c891be72d148a937332
2d65f6eaace0a831d020df4f9d8f07c3efc053eb
6fda3b97e7c593ab7371082c7f5096df829dc67465f691aa3ec178bc3d7ced67
GET /watch/25781042/1?wmode=7&page-url=https%3A%2F%2Finveststable.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A1836%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A1620210952745%3Ahid%3A272554998%3Az%3A0%3Ai%3A20220921093332%3Aet%3A1663752812%3Ac%3A1%3Arn%3A1025771360%3Arqn%3A1%3Au%3A1663752812938317349%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A59%2C289%2C85%2C0%2C1010%2C0%2C%2C479%2C11%2C%2C%2C%2C1952%3Ans%3A1663752808603%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663752812%3At%3A%D0%92%D1%81%D1%91%20%D0%BE%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B5%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B5%20-%20%D0%94%D1%83%D0%BC%D0%B0%D0%B9%2C%20%D0%BF%D1%80%D0%B5%D0%B6%D0%B4%D0%B5%20%D1%87%D0%B5%D0%BC%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%2C%20%D0%B8%20%D0%BD%D0%B5%20%D0%B7%D0%B0%D0%B1%D1%8B%D0%B2%D0%B0%D0%B9%20%D0%B4%D1%83%D0%BC%D0%B0%D1%82%D1%8C%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%83%D0%B6%D0%B5%20%D0%B2%D0%BB%D0%BE%D0%B6%D0%B8%D0%BB%20%D0%B8%D1%85.&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://investstable.ru
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 442
date: Wed, 21 Sep 2022 09:33:32 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://investstable.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 21-Sep-2022 09:33:32 GMT
last-modified: Wed, 21-Sep-2022 09:33:32 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash d20059415c691b53b31f06698e94e2db
9d3f657168eceb1977224ed18174a6d1730ed9f7
6da7cb7b0a7d7a2fdd383f1c6cd5bb9dab51870bda490d0e55767424a2303d36
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 21 Sep 2022 09:33:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 20 Sep 2022 23:07:32 GMT
Expires: Wed, 21 Sep 2022 23:07:32 GMT
ETag: "9d3f657168eceb1977224ed18174a6d1730ed9f7"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
px.adhigh.net/p/cm/sape?u=89B803C16ADA2A63D903AC68020BB075&bounced=1
193.232.150.60200 OK 49 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=89B803C16ADA2A63D903AC68020BB075&bounced=1
IP 193.232.150.60:0
ASN #48061 Limited Liability Company GPM Digital Technologies
File type GIF image data, version 89a, 1 x 1\012- data
Hash 889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
GET /p/cm/sape?u=89B803C16ADA2A63D903AC68020BB075&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 09:33:32 GMT
content-type: image/gif
content-length: 49
x-backend-id: f20-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 1095cbeab0f073ac21b542ece43906e4
6a95016d800f003c5a9be4fb1a806178aeb263b3
cea83b7581093c0900582f4034033ef7b759a15163cd164b513f7cc47de60694
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:33:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 14:18:44 GMT
Expires: Tue, 27 Sep 2022 14:18:43 GMT
Etag: "6a95016d800f003c5a9be4fb1a806178aeb263b3"
Cache-Control: max-age=534910,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e1ccc3fd5d0b39-OSL
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
185.12.125.25302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP 185.12.125.25:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWMq2mporAPZdbALAsr0gpBBPkoiMX4fojae52OhTZZ8; test_cookie=CheckForPermission; cSyncDp7v2=1663752810; cSyncDp14v3=1663752810; cSyncDp17=1663752810; cSyncDp32=1663752810; cSyncDp45v3=1663752810; cSyncDp53=1663752810; cSyncDp54v2=1663752810; cSyncDp62=1663752810; cSyncDp67v2=1663752810; cSyncDp68=1663752810; cSyncDp71=1663752810; cSyncDp77=1663752810; cSyncDp84=1663752810; cSyncDp85=1663752810; cSyncDp95v3=1663752810; cSyncDp101=1663752810; cSyncDp104v2=1663752810; cSyncDp107=1663752810; cSyncDp110=1663752810; cSyncDp111v2=1663752810; cSyncDp112v2=1663752810; cSyncDp125v2=1663752810; cSyncDp126=1663752810; cSyncDp127=1663752810; cSyncDp129=1663752810; cSyncDp136v2=1663752810; cSyncDp138=1663752810; cSyncDp144=1663752810; cSyncDp146=1663752810; cSyncDp148=1663752810; cSyncDp149=1663752810; cSyncDp151=1663752810; cSyncDp178=1663752810; cSyncDp179=1663752810; cSyncDp186=1663752810; cSyncDp221=1663752810
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 21 Sep 2022 09:33:32 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=89B803C16ADA2A63D903AC68020BB075
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=98&external_user_id=MTIxM2I0YTIzYWQ1OTZmZg&crf=1
188.42.191.196200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=98&external_user_id=MTIxM2I0YTIzYWQ1OTZmZg&crf=1
IP 188.42.191.196:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=98&external_user_id=MTIxM2I0YTIzYWQ1OTZmZg&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 21 Sep 2023 09:33:32 GMT; Path=/; Domain=.betweendigital.com
tuuid=2c180dff-f996-5208-a6da-381fc5f0e273; Max-Age=31536000; Expires=Thu, 21 Sep 2023 09:33:32 GMT; Path=/; Domain=.betweendigital.com
ut=YyrabAAFgiiV5m15a5iE1WGRlse7lVURsMhqYA==; Max-Age=31536000; Expires=Thu, 21 Sep 2023 09:33:32 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=73&external_user_id=89B803C16ADA2A63D903AC68020BB075&crf=1
188.42.191.196200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=89B803C16ADA2A63D903AC68020BB075&crf=1
IP 188.42.191.196:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=73&external_user_id=89B803C16ADA2A63D903AC68020BB075&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 21 Sep 2023 09:33:32 GMT; Path=/; Domain=.betweendigital.com
tuuid=c658c5a9-666e-5208-b8a0-f8fcdb8a2290; Max-Age=31536000; Expires=Thu, 21 Sep 2023 09:33:32 GMT; Path=/; Domain=.betweendigital.com
ut=YyrabAAFifjRVasvc3gH36Z_n48zCVQEQSJ6MQ==; Max-Age=31536000; Expires=Thu, 21 Sep 2023 09:33:32 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
x01.aidata.io/0.gif?pid=9401454&id=89B803C16ADA2A63D903AC68020BB075
89.108.119.43302 Found 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=89B803C16ADA2A63D903AC68020BB075
IP 89.108.119.43:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=89B803C16ADA2A63D903AC68020BB075 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 21 Sep 2022 09:33:32 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=89B803C16ADA2A63D903AC68020BB075&bounce=1
expires: Wed, 21 Sep 2022 09:33:31 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Wed, 21 Sep 2022 09:33:31 GMT
set-cookie: __upin=4qc5HjpFzmY7KeefBKWt8w;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1663752812;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=89B803C16ADA2A63D903AC68020BB075
195.209.111.19200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=89B803C16ADA2A63D903AC68020BB075
IP 195.209.111.19:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?ssp_id=43&external_id=89B803C16ADA2A63D903AC68020BB075 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 09:33:32 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
x01.aidata.io/0.gif?pid=9401454&id=89B803C16ADA2A63D903AC68020BB075&bounce=1
89.108.119.43204 No Content 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=89B803C16ADA2A63D903AC68020BB075&bounce=1
IP 89.108.119.43:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=89B803C16ADA2A63D903AC68020BB075&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 21 Sep 2022 09:33:32 GMT
expires: Wed, 21 Sep 2022 09:33:31 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Wed, 21 Sep 2022 09:33:31 GMT
set-cookie: __upin=mDKV/6JGqDtnm0eAmlOc8Q;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1663752812;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
tag.digitaltarget.ru/processor.js?i=380344718218944
185.15.175.144200 OK 16 kB URL HTTP/1.1 tag.digitaltarget.ru/processor.js?i=380344718218944
IP 185.15.175.144:0
File type ASCII text, with very long lines (15892), with no line terminators
Hash 9d8bbf9b7d1aaed9a324a9cf9977dda4
d3365fba7f95ca11a9564b373162d1ddb06fcdbd
0935447866da8ca59df7d65710e0b68377a6dbc62c761e83ebfc83998f905788
GET /processor.js?i=380344718218944 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 09:33:32 GMT
Content-Type: application/javascript
Content-Length: 15892
Last-Modified: Wed, 21 Sep 2022 09:04:50 GMT
Connection: keep-alive
ETag: "632ad3b2-3e14"
Accept-Ranges: bytes
c65521c3-2693-42c1-b2f6-2318d64fa5f3.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
148.251.237.106302 Found 0 B URL HTTP/2 c65521c3-2693-42c1-b2f6-2318d64fa5f3.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
IP 148.251.237.106:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19 HTTP/1.1
Host: c65521c3-2693-42c1-b2f6-2318d64fa5f3.sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1663752811138; user_id=c65521c3-2693-42c1-b2f6-2318d64fa5f3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 21 Sep 2022 09:33:32 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=c65521c3-2693-42c1-b2f6-2318d64fa5f3;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=c65521c3-2693-42c1-b2f6-2318d64fa5f3;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=c65521c3-2693-42c1-b2f6-2318d64fa5f3
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
www.acint.net/match?dp=71&euid=c65521c3-2693-42c1-b2f6-2318d64fa5f3
185.12.125.25200 OK 43 B URL HTTP/2 www.acint.net/match?dp=71&euid=c65521c3-2693-42c1-b2f6-2318d64fa5f3
IP 185.12.125.25:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=71&euid=c65521c3-2693-42c1-b2f6-2318d64fa5f3 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=wQO4iWMq2mporAPZdbALAsr0gpBBPkoiMX4fojae52OhTZZ8; test_cookie=CheckForPermission; cSyncDp7v2=1663752810; cSyncDp14v3=1663752810; cSyncDp17=1663752810; cSyncDp32=1663752810; cSyncDp45v3=1663752810; cSyncDp53=1663752810; cSyncDp54v2=1663752810; cSyncDp62=1663752810; cSyncDp67v2=1663752810; cSyncDp68=1663752810; cSyncDp71=1663752810; cSyncDp77=1663752810; cSyncDp84=1663752810; cSyncDp85=1663752810; cSyncDp95v3=1663752810; cSyncDp101=1663752810; cSyncDp104v2=1663752810; cSyncDp107=1663752810; cSyncDp110=1663752810; cSyncDp111v2=1663752810; cSyncDp112v2=1663752810; cSyncDp125v2=1663752810; cSyncDp126=1663752810; cSyncDp127=1663752810; cSyncDp129=1663752810; cSyncDp136v2=1663752810; cSyncDp138=1663752810; cSyncDp144=1663752810; cSyncDp146=1663752810; cSyncDp148=1663752810; cSyncDp149=1663752810; cSyncDp151=1663752810; cSyncDp178=1663752810; cSyncDp179=1663752810; cSyncDp186=1663752810; cSyncDp221=1663752810
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 09:33:32 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
tech.rtb.mts.ru/
213.87.44.187204 No Content 0 B IP 213.87.44.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: tech.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:32 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Set-Cookie: mts_id=996f0e80-c56d-431e-b098-bc192118c085; Domain=mts.ru; expires=Fri, 30 Jul 2032 09:33:32 GMT; SameSite=None; Secure
mts_id_last_sync=1663752812; Domain=mts.ru; expires=Fri, 30 Jul 2032 09:33:32 GMT; SameSite=None; Secure
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d15eea4ee7bcab908fb1dca8e5e590c7
156cb5fc1e2fc5ea602880c2a8523a96c0145efd
7828b1f22addc2b108044b4a9b79ac64543ad2899c882b01413983739fd571da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7828B1F22ADDC2B108044B4A9B79AC64543AD2899C882B01413983739FD571DA"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15047
Expires: Wed, 21 Sep 2022 13:44:19 GMT
Date: Wed, 21 Sep 2022 09:33:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d15eea4ee7bcab908fb1dca8e5e590c7
156cb5fc1e2fc5ea602880c2a8523a96c0145efd
7828b1f22addc2b108044b4a9b79ac64543ad2899c882b01413983739fd571da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7828B1F22ADDC2B108044B4A9B79AC64543AD2899C882B01413983739FD571DA"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15047
Expires: Wed, 21 Sep 2022 13:44:19 GMT
Date: Wed, 21 Sep 2022 09:33:32 GMT
Connection: keep-alive
dmg.digitaltarget.ru/1/1093/i/i?i=548768004148779.462790042881738&a=77&e=89B803C16ADA2A63D903AC68020BB075&pref=https%3A%2F%2Finveststable.ru%2F&c=ss:77.up:89B803C16ADA2A63D903AC68020BB075.sync:up.xdua:duXzWBwkE_fUuytF9raror_t.xps:xpsi_PWaeRPQh9CCSUccC8njN.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.158307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=548768004148779.462790042881738&a=77&e=89B803C16ADA2A63D903AC68020BB075&pref=https%3A%2F%2Finveststable.ru%2F&c=ss:77.up:89B803C16ADA2A63D903AC68020BB075.sync:up.xdua:duXzWBwkE_fUuytF9raror_t.xps:xpsi_PWaeRPQh9CCSUccC8njN.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=548768004148779.462790042881738&a=77&e=89B803C16ADA2A63D903AC68020BB075&pref=https%3A%2F%2Finveststable.ru%2F&c=ss:77.up:89B803C16ADA2A63D903AC68020BB075.sync:up.xdua:duXzWBwkE_fUuytF9raror_t.xps:xpsi_PWaeRPQh9CCSUccC8njN.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Wed, 21 Sep 2022 09:33:32 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=548768004148779.462790042881738&a=77&e=89B803C16ADA2A63D903AC68020BB075&pref=https%3A%2F%2Finveststable.ru%2F&c=ss:77.up:89B803C16ADA2A63D903AC68020BB075.sync:up.xdua:duXzWBwkE_fUuytF9raror_t.xps:xpsi_PWaeRPQh9CCSUccC8njN.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=2BkuaC8adjyeSu77cJRF; Max-Age=93312000; Expires=Fri, 05 Sep 2025 09:33:32 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/1/1093/i/i?i=548768004148779.386101432782521&a=77&e=89B803C16ADA2A63D903AC68020BB075&pref=https%3A%2F%2Finveststable.ru%2F&c=ss:77.up:89B803C16ADA2A63D903AC68020BB075.sync:up.xdua:duXzWBwkE_fUuytF9raror_t.xps:xpsi_PWaeRPQh9CCSUccC8njN.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.158307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=548768004148779.386101432782521&a=77&e=89B803C16ADA2A63D903AC68020BB075&pref=https%3A%2F%2Finveststable.ru%2F&c=ss:77.up:89B803C16ADA2A63D903AC68020BB075.sync:up.xdua:duXzWBwkE_fUuytF9raror_t.xps:xpsi_PWaeRPQh9CCSUccC8njN.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=548768004148779.386101432782521&a=77&e=89B803C16ADA2A63D903AC68020BB075&pref=https%3A%2F%2Finveststable.ru%2F&c=ss:77.up:89B803C16ADA2A63D903AC68020BB075.sync:up.xdua:duXzWBwkE_fUuytF9raror_t.xps:xpsi_PWaeRPQh9CCSUccC8njN.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Wed, 21 Sep 2022 09:33:32 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=548768004148779.386101432782521&a=77&e=89B803C16ADA2A63D903AC68020BB075&pref=https%3A%2F%2Finveststable.ru%2F&c=ss:77.up:89B803C16ADA2A63D903AC68020BB075.sync:up.xdua:duXzWBwkE_fUuytF9raror_t.xps:xpsi_PWaeRPQh9CCSUccC8njN.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=uVkCVtJamip1slk7xZRQ; Max-Age=93312000; Expires=Fri, 05 Sep 2025 09:33:32 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=548768004148779.462790042881738&a=77&e=89B803C16ADA2A63D903AC68020BB075&pref=https%3A%2F%2Finveststable.ru%2F&c=ss:77.up:89B803C16ADA2A63D903AC68020BB075.sync:up.xdua:duXzWBwkE_fUuytF9raror_t.xps:xpsi_PWaeRPQh9CCSUccC8njN.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.158200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=548768004148779.462790042881738&a=77&e=89B803C16ADA2A63D903AC68020BB075&pref=https%3A%2F%2Finveststable.ru%2F&c=ss:77.up:89B803C16ADA2A63D903AC68020BB075.sync:up.xdua:duXzWBwkE_fUuytF9raror_t.xps:xpsi_PWaeRPQh9CCSUccC8njN.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.158:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&i=548768004148779.462790042881738&a=77&e=89B803C16ADA2A63D903AC68020BB075&pref=https%3A%2F%2Finveststable.ru%2F&c=ss:77.up:89B803C16ADA2A63D903AC68020BB075.sync:up.xdua:duXzWBwkE_fUuytF9raror_t.xps:xpsi_PWaeRPQh9CCSUccC8njN.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 09:33:32 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 5
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=548768004148779.386101432782521&a=77&e=89B803C16ADA2A63D903AC68020BB075&pref=https%3A%2F%2Finveststable.ru%2F&c=ss:77.up:89B803C16ADA2A63D903AC68020BB075.sync:up.xdua:duXzWBwkE_fUuytF9raror_t.xps:xpsi_PWaeRPQh9CCSUccC8njN.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.158200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=548768004148779.386101432782521&a=77&e=89B803C16ADA2A63D903AC68020BB075&pref=https%3A%2F%2Finveststable.ru%2F&c=ss:77.up:89B803C16ADA2A63D903AC68020BB075.sync:up.xdua:duXzWBwkE_fUuytF9raror_t.xps:xpsi_PWaeRPQh9CCSUccC8njN.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.158:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&i=548768004148779.386101432782521&a=77&e=89B803C16ADA2A63D903AC68020BB075&pref=https%3A%2F%2Finveststable.ru%2F&c=ss:77.up:89B803C16ADA2A63D903AC68020BB075.sync:up.xdua:duXzWBwkE_fUuytF9raror_t.xps:xpsi_PWaeRPQh9CCSUccC8njN.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Sep 2022 09:33:32 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 2
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
www.acint.net/ping/?v=0.4.0&uid=192df9e0-c59b-4728-8c73-be680d6d2f7d&dp=10&tz=%2B00%3A00&nc=96414801&dT=2022-09-21T09%3A33%3A33.621
185.12.125.25200 OK 43 B URL HTTP/2 www.acint.net/ping/?v=0.4.0&uid=192df9e0-c59b-4728-8c73-be680d6d2f7d&dp=10&tz=%2B00%3A00&nc=96414801&dT=2022-09-21T09%3A33%3A33.621
IP 185.12.125.25:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /ping/?v=0.4.0&uid=192df9e0-c59b-4728-8c73-be680d6d2f7d&dp=10&tz=%2B00%3A00&nc=96414801&dT=2022-09-21T09%3A33%3A33.621 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Cookie: aid=wQO4iWMq2mporAPZdbALAsr0gpBBPkoiMX4fojae52OhTZZ8; test_cookie=CheckForPermission; cSyncDp7v2=1663752810; cSyncDp14v3=1663752810; cSyncDp17=1663752810; cSyncDp32=1663752810; cSyncDp45v3=1663752810; cSyncDp53=1663752810; cSyncDp54v2=1663752810; cSyncDp62=1663752810; cSyncDp67v2=1663752810; cSyncDp68=1663752810; cSyncDp71=1663752810; cSyncDp77=1663752810; cSyncDp84=1663752810; cSyncDp85=1663752810; cSyncDp95v3=1663752810; cSyncDp101=1663752810; cSyncDp104v2=1663752810; cSyncDp107=1663752810; cSyncDp110=1663752810; cSyncDp111v2=1663752810; cSyncDp112v2=1663752810; cSyncDp125v2=1663752810; cSyncDp126=1663752810; cSyncDp127=1663752810; cSyncDp129=1663752810; cSyncDp136v2=1663752810; cSyncDp138=1663752810; cSyncDp144=1663752810; cSyncDp146=1663752810; cSyncDp148=1663752810; cSyncDp149=1663752810; cSyncDp151=1663752810; cSyncDp178=1663752810; cSyncDp179=1663752810; cSyncDp186=1663752810; cSyncDp221=1663752810
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 09:33:33 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/25781042?wmode=0&wv-part=1&wv-hit=272554998&page-url=https%3A%2F%2Finveststable.ru%2F&rn=515312960&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1663752815%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220921093334%3Au%3A1663752812938317349%3Avf%3Aat6op7b9z7b01ildsv2t4%3Awe%3A1%3Ast%3A1663752815&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/25781042?wmode=0&wv-part=1&wv-hit=272554998&page-url=https%3A%2F%2Finveststable.ru%2F&rn=515312960&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1663752815%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220921093334%3Au%3A1663752812938317349%3Avf%3Aat6op7b9z7b01ildsv2t4%3Awe%3A1%3Ast%3A1663752815&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/25781042?wmode=0&wv-part=1&wv-hit=272554998&page-url=https%3A%2F%2Finveststable.ru%2F&rn=515312960&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1663752815%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220921093334%3Au%3A1663752812938317349%3Avf%3Aat6op7b9z7b01ildsv2t4%3Awe%3A1%3Ast%3A1663752815&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 129681
Origin: https://investstable.ru
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 21 Sep 2022 09:33:35 GMT
access-control-allow-origin: https://investstable.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 21-Sep-2022 09:33:35 GMT
last-modified: Wed, 21-Sep-2022 09:33:35 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/25781042?wmode=0&wv-part=1&wv-hit=272554998&page-url=https%3A%2F%2Finveststable.ru%2F&rn=876137117&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1663752815%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220921093335%3Au%3A1663752812938317349%3Avf%3Aat6op7b9z7b01ildsv2t4%3Awe%3A1%3Ast%3A1663752815&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/25781042?wmode=0&wv-part=1&wv-hit=272554998&page-url=https%3A%2F%2Finveststable.ru%2F&rn=876137117&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1663752815%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220921093335%3Au%3A1663752812938317349%3Avf%3Aat6op7b9z7b01ildsv2t4%3Awe%3A1%3Ast%3A1663752815&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/25781042?wmode=0&wv-part=1&wv-hit=272554998&page-url=https%3A%2F%2Finveststable.ru%2F&rn=876137117&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1663752815%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220921093335%3Au%3A1663752812938317349%3Avf%3Aat6op7b9z7b01ildsv2t4%3Awe%3A1%3Ast%3A1663752815&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 54
Origin: https://investstable.ru
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 21 Sep 2022 09:33:35 GMT
access-control-allow-origin: https://investstable.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 21-Sep-2022 09:33:35 GMT
last-modified: Wed, 21-Sep-2022 09:33:35 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
top-fwz1.mail.ru/tracker?js=13;id=2554513;u=https%3A//investstable.ru/;st=1663752810525;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=a7caf3d1a7c50ecd;ver=60.3.0;tz=0%2FUTC;ni=;detect=0;lvid=1663752811676%3A1663752817779%3A2%3A771e4312bef1c3170150101b262f9bb0;opts=dl%2Cjst-gtag-ga-ym;visible=true;_=0.5706340500036805;e=RT/unload;et=1663752817778;pvt=7253;vtauto=6109
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/tracker?js=13;id=2554513;u=https%3A//investstable.ru/;st=1663752810525;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=a7caf3d1a7c50ecd;ver=60.3.0;tz=0%2FUTC;ni=;detect=0;lvid=1663752811676%3A1663752817779%3A2%3A771e4312bef1c3170150101b262f9bb0;opts=dl%2Cjst-gtag-ga-ym;visible=true;_=0.5706340500036805;e=RT/unload;et=1663752817778;pvt=7253;vtauto=6109
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /tracker?js=13;id=2554513;u=https%3A//investstable.ru/;st=1663752810525;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=a7caf3d1a7c50ecd;ver=60.3.0;tz=0%2FUTC;ni=;detect=0;lvid=1663752811676%3A1663752817779%3A2%3A771e4312bef1c3170150101b262f9bb0;opts=dl%2Cjst-gtag-ga-ym;visible=true;_=0.5706340500036805;e=RT/unload;et=1663752817778;pvt=7253;vtauto=6109 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 09:33:37 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIC:1663752817:2554513:::; path=/; expires=Fri, 22-Sep-23 09:33:37 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/89B803C16ADA2A63D903AC68020BB075?redir-setuniq=1
213.180.193.90200 OK 93 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/89B803C16ADA2A63D903AC68020BB075?redir-setuniq=1
IP 213.180.193.90:0
Hash bac7f3d6422fb9964705ea3ea3d541c1
d17be3503eef86f05876c99639fb7ef0863a35de
02aea085bcf868eda5aabc75296f6a3ece4a6f95b80f5ad68687a92e08017949
GET /mapuid/sapeis/89B803C16ADA2A63D903AC68020BB075?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Wed, 21 Sep 2022 09:33:32 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 21 Sep 2022 09:33:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Wed, 21 Sep 2022 09:33:32 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/25781042?wmode=0&wv-part=2&wv-hit=272554998&page-url=https%3A%2F%2Finveststable.ru%2F&rn=992688519&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1663752818%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220921093337%3Au%3A1663752812938317349%3Avf%3Aat6op7b9z7b01ildsv2t4%3Awe%3A1%3Ast%3A1663752818&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/25781042?wmode=0&wv-part=2&wv-hit=272554998&page-url=https%3A%2F%2Finveststable.ru%2F&rn=992688519&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1663752818%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220921093337%3Au%3A1663752812938317349%3Avf%3Aat6op7b9z7b01ildsv2t4%3Awe%3A1%3Ast%3A1663752818&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/25781042?wmode=0&wv-part=2&wv-hit=272554998&page-url=https%3A%2F%2Finveststable.ru%2F&rn=992688519&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1663752818%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220921093337%3Au%3A1663752812938317349%3Avf%3Aat6op7b9z7b01ildsv2t4%3Awe%3A1%3Ast%3A1663752818&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 15
Origin: https://investstable.ru
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 21 Sep 2022 09:33:37 GMT
access-control-allow-origin: https://investstable.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 21-Sep-2022 09:33:37 GMT
last-modified: Wed, 21-Sep-2022 09:33:37 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/25781042?wmode=0&wv-part=2&wv-hit=272554998&page-url=https%3A%2F%2Finveststable.ru%2F&rn=621462828&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1663752818%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220921093337%3Au%3A1663752812938317349%3Avf%3Aat6op7b9z7b01ildsv2t4%3Awe%3A1%3Ast%3A1663752818&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/25781042?wmode=0&wv-part=2&wv-hit=272554998&page-url=https%3A%2F%2Finveststable.ru%2F&rn=621462828&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1663752818%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220921093337%3Au%3A1663752812938317349%3Avf%3Aat6op7b9z7b01ildsv2t4%3Awe%3A1%3Ast%3A1663752818&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/25781042?wmode=0&wv-part=2&wv-hit=272554998&page-url=https%3A%2F%2Finveststable.ru%2F&rn=621462828&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1663752818%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220921093337%3Au%3A1663752812938317349%3Avf%3Aat6op7b9z7b01ildsv2t4%3Awe%3A1%3Ast%3A1663752818&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 21
Origin: https://investstable.ru
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 21 Sep 2022 09:33:37 GMT
access-control-allow-origin: https://investstable.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 21-Sep-2022 09:33:37 GMT
last-modified: Wed, 21-Sep-2022 09:33:37 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/25781042?wv-check=51359&wv-type=0&wmode=0&wv-part=2&wv-hit=272554998&page-url=https%3A%2F%2Finveststable.ru%2F&rn=410189510&browser-info=gdpr%3A14%3Aet%3A1663752818%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220921093337%3Au%3A1663752812938317349%3Avf%3Aat6op7b9z7b01ildsv2t4%3Awe%3A1%3Ast%3A1663752818&t=gdpr(14)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/25781042?wv-check=51359&wv-type=0&wmode=0&wv-part=2&wv-hit=272554998&page-url=https%3A%2F%2Finveststable.ru%2F&rn=410189510&browser-info=gdpr%3A14%3Aet%3A1663752818%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220921093337%3Au%3A1663752812938317349%3Avf%3Aat6op7b9z7b01ildsv2t4%3Awe%3A1%3Ast%3A1663752818&t=gdpr(14)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/25781042?wv-check=51359&wv-type=0&wmode=0&wv-part=2&wv-hit=272554998&page-url=https%3A%2F%2Finveststable.ru%2F&rn=410189510&browser-info=gdpr%3A14%3Aet%3A1663752818%3Aw%3A1268x939%3Av%3A903%3Az%3A0%3Ai%3A20220921093337%3Au%3A1663752812938317349%3Avf%3Aat6op7b9z7b01ildsv2t4%3Awe%3A1%3Ast%3A1663752818&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 12
Origin: https://investstable.ru
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 21 Sep 2022 09:33:37 GMT
access-control-allow-origin: https://investstable.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 21-Sep-2022 09:33:37 GMT
last-modified: Wed, 21-Sep-2022 09:33:37 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
investstable.ru/wp-content/plugins/rate-my-post/public/js/rate-my-post.js?ver=3.3.6
45.130.41.35200 OK 0 B URL HTTP/2 investstable.ru/wp-content/plugins/rate-my-post/public/js/rate-my-post.js?ver=3.3.6
IP 45.130.41.35:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rate-my-post/public/js/rate-my-post.js?ver=3.3.6 HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: application/x-javascript
last-modified: Sat, 03 Sep 2022 08:53:46 GMT
vary: Accept-Encoding
etag: W/"6313161a-5f96"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
investstable.ru/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
45.130.41.35200 OK 0 B URL HTTP/2 investstable.ru/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 45.130.41.35:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: text/css
last-modified: Sat, 16 Jul 2022 13:39:05 GMT
vary: Accept-Encoding
etag: W/"62d2bf79-15b64"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
investstable.ru/wp-content/plugins/rate-my-post/public/css/rate-my-post.css?ver=3.3.6
45.130.41.35200 OK 0 B URL HTTP/2 investstable.ru/wp-content/plugins/rate-my-post/public/css/rate-my-post.css?ver=3.3.6
IP 45.130.41.35:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/rate-my-post/public/css/rate-my-post.css?ver=3.3.6 HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 08:53:46 GMT
vary: Accept-Encoding
etag: W/"6313161a-28fc"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
investstable.ru/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.6
45.130.41.35200 OK 0 B URL HTTP/2 investstable.ru/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.6
IP 45.130.41.35:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.6 HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: text/css
last-modified: Mon, 19 Sep 2022 14:46:23 GMT
vary: Accept-Encoding
etag: W/"632880bf-28722"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
investstable.ru/wp-content/themes/elegantwp/assets/js/theia-sticky-sidebar.min.js
45.130.41.35200 OK 0 B URL HTTP/2 investstable.ru/wp-content/themes/elegantwp/assets/js/theia-sticky-sidebar.min.js
IP 45.130.41.35:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/elegantwp/assets/js/theia-sticky-sidebar.min.js HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: application/x-javascript
last-modified: Mon, 19 Jul 2021 17:36:19 GMT
vary: Accept-Encoding
etag: W/"60f5b813-1535"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
investstable.ru/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.6
45.130.41.35200 OK 0 B URL HTTP/2 investstable.ru/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.6
IP 45.130.41.35:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.6 HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: text/css
last-modified: Mon, 19 Sep 2022 14:46:23 GMT
vary: Accept-Encoding
etag: W/"632880bf-35ed"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
investstable.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
45.130.41.35200 OK 0 B URL HTTP/2 investstable.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 45.130.41.35:0
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: application/x-javascript
last-modified: Thu, 10 Dec 2020 09:02:02 GMT
vary: Accept-Encoding
etag: W/"5fd1e40a-2bd8"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
investstable.ru/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
45.130.41.35200 OK 0 B URL HTTP/2 investstable.ru/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP 45.130.41.35:0
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: application/x-javascript
last-modified: Fri, 02 Sep 2022 05:07:05 GMT
vary: Accept-Encoding
etag: W/"63118f79-25d0"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
investstable.ru/wp-content/plugins/advanced-responsive-video-embedder/build/main.css?ver=54d2e76056851d3b806e
45.130.41.35200 OK 0 B URL HTTP/2 investstable.ru/wp-content/plugins/advanced-responsive-video-embedder/build/main.css?ver=54d2e76056851d3b806e
IP 45.130.41.35:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/advanced-responsive-video-embedder/build/main.css?ver=54d2e76056851d3b806e HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: text/css
last-modified: Fri, 02 Sep 2022 05:07:02 GMT
vary: Accept-Encoding
etag: W/"63118f76-47a"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
investstable.ru/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.2.4
45.130.41.35200 OK 0 B URL HTTP/2 investstable.ru/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.2.4
IP 45.130.41.35:0
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.2.4 HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: application/x-javascript
last-modified: Fri, 02 Sep 2022 05:07:19 GMT
vary: Accept-Encoding
etag: W/"63118f87-1f50"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
investstable.ru/wp-content/themes/elegantwp/assets/js/ResizeSensor.min.js
45.130.41.35200 OK 0 B URL HTTP/2 investstable.ru/wp-content/themes/elegantwp/assets/js/ResizeSensor.min.js
IP 45.130.41.35:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/elegantwp/assets/js/ResizeSensor.min.js HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: application/x-javascript
last-modified: Mon, 19 Jul 2021 17:36:19 GMT
vary: Accept-Encoding
etag: W/"60f5b813-c29"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
cp.beget.com/promo_data/static/static300x1050_1.png
193.168.47.247200 OK 0 B URL HTTP/2 cp.beget.com/promo_data/static/static300x1050_1.png
IP 193.168.47.247:0
GET /promo_data/static/static300x1050_1.png HTTP/1.1
Host: cp.beget.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: image/png
content-length: 195182
last-modified: Tue, 20 Sep 2022 06:36:49 GMT
etag: "63295f81-2fa6e"
expires: Fri, 21 Oct 2022 09:33:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
investstable.ru/
45.130.41.35200 OK 0 B IP 45.130.41.35:0
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: text/html
vary: Accept-Encoding
x-powered-by: W3 Total Cache/2.2.4
last-modified: Wed, 21 Sep 2022 09:33:30 GMT
expires: Wed, 21 Sep 2022 10:33:30 GMT
pragma: public
cache-control: max-age=3600, public
etag: "66b024924268cec532efb9aa9a84c9ce"
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
investstable.ru/wp-content/themes/elegantwp/style.css
45.130.41.35200 OK 0 B URL HTTP/2 investstable.ru/wp-content/themes/elegantwp/style.css
IP 45.130.41.35:0
GET /wp-content/themes/elegantwp/style.css HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: text/css
last-modified: Mon, 19 Jul 2021 17:36:19 GMT
vary: Accept-Encoding
etag: W/"60f5b813-11264"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
investstable.ru/wp-content/plugins/wp-spamshield/js/jscripts-ftr2-min.js
45.130.41.35200 OK 0 B URL HTTP/2 investstable.ru/wp-content/plugins/wp-spamshield/js/jscripts-ftr2-min.js
IP 45.130.41.35:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-spamshield/js/jscripts-ftr2-min.js HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: application/x-javascript
last-modified: Sat, 28 Oct 2017 03:27:10 GMT
vary: Accept-Encoding
etag: W/"59f3f90e-46f"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
investstable.ru/wp-content/plugins/wp-social-likes/js/custom-buttons.js?ver=6.0.2
45.130.41.35200 OK 0 B URL HTTP/2 investstable.ru/wp-content/plugins/wp-social-likes/js/custom-buttons.js?ver=6.0.2
IP 45.130.41.35:0
GET /wp-content/plugins/wp-social-likes/js/custom-buttons.js?ver=6.0.2 HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: application/x-javascript
last-modified: Mon, 02 Oct 2017 09:45:09 GMT
vary: Accept-Encoding
etag: W/"59d20aa5-6da"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
investstable.ru/wp-content/themes/elegantwp/assets/js/navigation.js
45.130.41.35200 OK 0 B URL HTTP/2 investstable.ru/wp-content/themes/elegantwp/assets/js/navigation.js
IP 45.130.41.35:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/elegantwp/assets/js/navigation.js HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: application/x-javascript
last-modified: Mon, 19 Jul 2021 17:36:19 GMT
vary: Accept-Encoding
etag: W/"60f5b813-2485"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
investstable.ru/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
45.130.41.35200 OK 0 B URL HTTP/2 investstable.ru/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP 45.130.41.35:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: text/css
last-modified: Fri, 02 Sep 2022 05:07:05 GMT
vary: Accept-Encoding
etag: W/"63118f79-aab"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
investstable.ru/wp-content/plugins/piotnet-addons-for-elementor/assets/css/minify/extension.min.css?ver=2.4.20
45.130.41.35200 OK 0 B URL HTTP/2 investstable.ru/wp-content/plugins/piotnet-addons-for-elementor/assets/css/minify/extension.min.css?ver=2.4.20
IP 45.130.41.35:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/piotnet-addons-for-elementor/assets/css/minify/extension.min.css?ver=2.4.20 HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: text/css
last-modified: Mon, 19 Sep 2022 14:46:29 GMT
vary: Accept-Encoding
etag: W/"632880c5-45b"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
investstable.ru/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.8.2
45.130.41.35200 OK 0 B URL HTTP/2 investstable.ru/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.8.2
IP 45.130.41.35:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.8.2 HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: application/x-javascript
last-modified: Fri, 02 Sep 2022 05:07:31 GMT
vary: Accept-Encoding
etag: W/"63118f93-2e7a"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
investstable.ru/wp-content/themes/elegantwp/assets/js/jquery.fitvids.min.js
45.130.41.35200 OK 0 B URL HTTP/2 investstable.ru/wp-content/themes/elegantwp/assets/js/jquery.fitvids.min.js
IP 45.130.41.35:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/elegantwp/assets/js/jquery.fitvids.min.js HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: application/x-javascript
last-modified: Mon, 19 Jul 2021 17:36:19 GMT
vary: Accept-Encoding
etag: W/"60f5b813-724"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
investstable.ru/wp-content/themes/elegantwp/assets/js/custom.js
45.130.41.35200 OK 0 B URL HTTP/2 investstable.ru/wp-content/themes/elegantwp/assets/js/custom.js
IP 45.130.41.35:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/elegantwp/assets/js/custom.js HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: application/x-javascript
last-modified: Mon, 19 Jul 2021 17:36:19 GMT
vary: Accept-Encoding
etag: W/"60f5b813-11fe"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
investstable.ru/wp-content/plugins/wp-social-likes/css/social-likes_classic.css?ver=6.0.2
45.130.41.35200 OK 0 B URL HTTP/2 investstable.ru/wp-content/plugins/wp-social-likes/css/social-likes_classic.css?ver=6.0.2
IP 45.130.41.35:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-social-likes/css/social-likes_classic.css?ver=6.0.2 HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: text/css
last-modified: Mon, 02 Oct 2017 09:45:09 GMT
vary: Accept-Encoding
etag: W/"59d20aa5-38b9"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
investstable.ru/wp-content/plugins/advanced-responsive-video-embedder/build/main.js?ver=54d2e76056851d3b806e
45.130.41.35200 OK 0 B URL HTTP/2 investstable.ru/wp-content/plugins/advanced-responsive-video-embedder/build/main.js?ver=54d2e76056851d3b806e
IP 45.130.41.35:0
GET /wp-content/plugins/advanced-responsive-video-embedder/build/main.js?ver=54d2e76056851d3b806e HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: application/x-javascript
last-modified: Fri, 02 Sep 2022 05:07:02 GMT
vary: Accept-Encoding
etag: W/"63118f76-413"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/89B803C16ADA2A63D903AC68020BB075
213.180.193.90302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/89B803C16ADA2A63D903AC68020BB075
IP 213.180.193.90:0
GET /mapuid/sapeis/89B803C16ADA2A63D903AC68020BB075 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/89B803C16ADA2A63D903AC68020BB075?redir-setuniq=1
date: Wed, 21 Sep 2022 09:33:32 GMT
set-cookie: yandexuid=4027479381663752812; domain=.yandex.ru; path=/; expires=Sat, 18-Sep-2032 09:33:32 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 21 Sep 2022 09:33:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Wed, 21 Sep 2022 09:33:32 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
investstable.ru/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
45.130.41.35200 OK 0 B URL HTTP/2 investstable.ru/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP 45.130.41.35:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: application/x-javascript
last-modified: Fri, 02 Sep 2022 05:07:05 GMT
vary: Accept-Encoding
etag: W/"63118f79-2fb3"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
65.109.23.99302 Found 0 B URL HTTP/2 ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP 65.109.23.99:0
ASN #24940 Hetzner Online GmbH
GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.0
date: Wed, 21 Sep 2022 09:33:31 GMT
x-request-id: c049b0b4-8c13-4df3-b4ef-a42092832141
set-cookie: bvuid=67btg9vzk3; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=67btg9vzk3; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=67btg9vzk3
X-Firefox-Spdy: h2
connect.facebook.net/signals/config/1095636837296413?v=2.9.83&r=stable
157.240.200.14200 OK 0 B URL HTTP/2 connect.facebook.net/signals/config/1095636837296413?v=2.9.83&r=stable
IP 157.240.200.14:0
GET /signals/config/1095636837296413?v=2.9.83&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://investstable.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Mf2co3OEx+ag8mE83o84zIaZ6TE4lDiSQJk8eSbpSsUSzZaBeO7+whdqqqRLJ2Y6q+twG91RfWePKnMKO/2uig==
priority: u=3,i
x-fb-trip-id: 1679558926
date: Wed, 21 Sep 2022 09:33:31 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
investstable.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
45.130.41.35200 OK 0 B URL HTTP/2 investstable.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 45.130.41.35:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: investstable.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://investstable.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Wed, 21 Sep 2022 09:33:30 GMT
content-type: application/x-javascript
last-modified: Sat, 31 Jul 2021 16:31:34 GMT
vary: Accept-Encoding
etag: W/"61057ae6-15db1"
expires: Wed, 28 Sep 2022 09:33:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2