e-pitanie.ru/
301 Moved Permanently 229 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f12457953572ad6e18a45238645216e6
587abd069c6628138cd6fa3c0ef3e13def8b4bf4
554be903bcfbd54dd41e78b0c71afe513beafb7db4b3f352fa0dd526641ea39e
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 11 Nov 2022 18:42:51 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Location: https://e-pitanie.ru/
Content-Length: 229
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3467
Expires: Fri, 11 Nov 2022 19:42:55 GMT
Date: Fri, 11 Nov 2022 18:45:08 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 4edf853c470fcec0ab277c78527f3c2d
de93530ce15337e671c488d9fe05e7091d4956f0
b9d7976b398b1243ff8a571ddd3975d3a1317d69101061bdb1a755b3b56620e6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6499
Cache-Control: max-age=149678
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:08 GMT
Etag: "636e247f-1d7"
Expires: Sun, 13 Nov 2022 12:19:46 GMT
Last-Modified: Fri, 11 Nov 2022 10:31:27 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2b57492bf85f4ae6abbd1641b17dc9ab
008e71ec05d47bf025ca64e17da2ea1bd8e71111
17894427c471f7fa02ca274795dc55df1bfc99d7bd83f9ee36249394035110fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17894427C471F7FA02CA274795DC55DF1BFC99D7BD83F9EE36249394035110FD"
Last-Modified: Wed, 09 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2257
Expires: Fri, 11 Nov 2022 19:22:45 GMT
Date: Fri, 11 Nov 2022 18:45:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 11 Nov 2022 18:44:04 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 64
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7d1f8ZycjGDO1tVIXG8btyaJXz2H/K+lNRkgYONQYi5a76DKZpb19/UBXDqwovDdFgsMjAvtz30=
x-amz-request-id: TJ1NSCTWYYZXTZ0K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 11 Nov 2022 18:12:40 GMT
age: 1948
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 11 Nov 2022 18:45:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fb69f55d0ad626a0c73502965d5874da
a959b09c8a79f303475d3b0bd157009dd282dd0e
87b6caf560c2101386856930853008305fe7c874630958c5258c1f270a2053a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87B6CAF560C2101386856930853008305FE7C874630958C5258C1F270A2053A2"
Last-Modified: Wed, 09 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21592
Expires: Sat, 12 Nov 2022 00:45:00 GMT
Date: Fri, 11 Nov 2022 18:45:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 11 Nov 2022 18:44:48 GMT
cache-control: public,max-age=3600
age: 21
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
e-pitanie.ru/
200 OK 320 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10813)
Size 320 kB (320393 bytes)
Hash df4ec36b6a4ca60b8f2c6fdd8fee69a5
ab7d6aebc9787322b93ab5ff0aeba4de02c4d0d5
3397043187d2df3b3a4cf53c6b299feae9bd6f388e90b2bc42cac466219fa53f
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:51 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
X-Powered-By: PHP/5.6.40
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ocsp.digicert.com/
200 OK 471 B IP
Hash f7ff606fbc8634c858bbc04b69f55cf6
2441de2cba649239efd0dae7a878d7ef2245c0b4
95154e0dbb7e827b8f893cc141f986c29634ead618256470d753429aa65a0548
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3233
Cache-Control: max-age=141336
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:09 GMT
Etag: "636e10ac-1d7"
Expires: Sun, 13 Nov 2022 10:00:45 GMT
Last-Modified: Fri, 11 Nov 2022 09:06:52 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
e-pitanie.ru/wp-content/themes/nirvana/fonts/fontfaces.css?ver=1.4.4
200 OK 16 kB URL HTTP/1.1 e-pitanie.ru/wp-content/themes/nirvana/fonts/fontfaces.css?ver=1.4.4
IP
Hash 5461451ecfaf5aeb6f02808009dfa2ef
97288c5c4f1a0eda272e4fd6a839ed16fd161db2
3794e5daba3b25caca6fc0d0239822473f7897614c437d14b3d786ac5ad40ee0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/nirvana/fonts/fontfaces.css?ver=1.4.4 HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:51 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 15 May 2019 07:44:26 GMT
ETag: "3d0e-588e851940a80"
Accept-Ranges: bytes
Content-Length: 15630
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
e-pitanie.ru/wp-content/themes/nirvana/style.css?ver=1.4.4
200 OK 63 kB URL HTTP/1.1 e-pitanie.ru/wp-content/themes/nirvana/style.css?ver=1.4.4
IP
File type ASCII text, with very long lines (1103)
Hash 88e97d618df5a773eb3060a12a041e19
025526f5d538bfcb00a4938b6a8446f9a45ef74d
4eff119e3f47f8827f70980622d4fdffc954f8ee945439868632cc498c8c97ba
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/nirvana/style.css?ver=1.4.4 HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:51 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 10 Mar 2021 06:35:50 GMT
ETag: "f7b2-5bd28e0b73d80"
Accept-Ranges: bytes
Content-Length: 63410
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
e-pitanie.ru/wp-content/themes/nirvana/js/nivo.slider.min.js?ver=1.4.4
200 OK 12 kB URL HTTP/1.1 e-pitanie.ru/wp-content/themes/nirvana/js/nivo.slider.min.js?ver=1.4.4
IP
File type ASCII text, with very long lines (11999)
Hash 0cf3f8b677dcd27b6d46f4a56d65fdb2
55234f525286ead0ea12dc6c51c34b9b49f23bda
2881a6657e481fa5fccc79681cb91277a111785342d9c9283d71ac9ca6e9b098
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/nirvana/js/nivo.slider.min.js?ver=1.4.4 HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:51 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 15 May 2019 07:44:26 GMT
ETag: "2fa9-588e851940a80"
Accept-Ranges: bytes
Content-Length: 12201
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
e-pitanie.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
200 OK 11 kB URL HTTP/1.1 e-pitanie.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP
File type ASCII text, with very long lines (9959)
Hash b258da85646fc0ac484b75906256b668
190ed10c0d45a36f717e32e4731baebc20046cbd
578516c63a947d5dad1a4c206cb674319af3c429ed9f30f4430b98742a95ac91
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:51 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 04 Mar 2021 13:13:15 GMT
ETag: "2a42-5bcb5baf0d0c0"
Accept-Ranges: bytes
Content-Length: 10818
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
e-pitanie.ru/wp-content/themes/nirvana/styles/style-mobile.css?ver=1.4.4
200 OK 12 kB URL HTTP/1.1 e-pitanie.ru/wp-content/themes/nirvana/styles/style-mobile.css?ver=1.4.4
IP
Hash b07202d8754463c21bf5ec14a5eb60ef
e36e409f0acf034d3ac2a4abdcd84778877c6ed4
901247043923ded8221d52d63edc914562f84da8b27a044c5990499d308e9945
GET /wp-content/themes/nirvana/styles/style-mobile.css?ver=1.4.4 HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:51 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 15 May 2019 07:44:26 GMT
ETag: "2e20-588e851940a80"
Accept-Ranges: bytes
Content-Length: 11808
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
e-pitanie.ru/wp-content/themes/nirvana/js/ajax.js?ver=1.4.4
200 OK 2.4 kB URL HTTP/1.1 e-pitanie.ru/wp-content/themes/nirvana/js/ajax.js?ver=1.4.4
IP
Hash 15fa958b78d6c3da41d2b8bbdf5ed12e
50e2c20566dcb16e6a72669c52d4f441e5febe21
9926c7a85f3ca5ddb6502430633a364fb50f3df1fa046f968ca57a8f2cf56973
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/nirvana/js/ajax.js?ver=1.4.4 HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:51 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 15 May 2019 07:44:26 GMT
ETag: "96e-588e851940a80"
Accept-Ranges: bytes
Content-Length: 2414
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
e-pitanie.ru/wp-content/themes/nirvana/js/frontend.js?ver=1.4.4
200 OK 6.9 kB URL HTTP/1.1 e-pitanie.ru/wp-content/themes/nirvana/js/frontend.js?ver=1.4.4
IP
File type ASCII text, with very long lines (301)
Hash 597d4e111fff993cb8fa2e73e0d848f5
d45c612434908f00fc334325bc78e59d85cb0697
3106a1f246b494ac976c215d8767342d35495a79b83c12de8f2f362e7ba5426d
GET /wp-content/themes/nirvana/js/frontend.js?ver=1.4.4 HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:51 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 15 May 2019 07:44:26 GMT
ETag: "1b14-588e851940a80"
Accept-Ranges: bytes
Content-Length: 6932
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
e-pitanie.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4
200 OK 98 kB URL HTTP/1.1 e-pitanie.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP
File type ASCII text, with very long lines (32077)
Hash 97dad705092030d63c10e0dcd623e1b5
921fb47f47ec919ee6386f5e8a02dd46c91d6b7f
d3d20dfcaa982eb33f02ec8f399068cbd0ca60e0eb3e9567eede83891c131176
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:51 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 04 Mar 2021 13:13:18 GMT
ETag: "17e9a-5bcb5bb1e9780"
Accept-Ranges: bytes
Content-Length: 97946
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
e-pitanie.ru/wp-content/uploads/2020/01/shutterstock_640347634-250x150.jpg
200 OK 132 kB URL HTTP/1.1 e-pitanie.ru/wp-content/uploads/2020/01/shutterstock_640347634-250x150.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x400, components 3\012- data
Size 132 kB (132315 bytes)
Hash b43989971a5cc883555128df94db40a9
f2c7b701b729e285866a3b3fe75d34d806028fe0
6ae87401755071ac2f78ff357378860492000e4fb91088f88763262af0a7a74a
GET /wp-content/uploads/2020/01/shutterstock_640347634-250x150.jpg HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:52 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Tue, 09 Mar 2021 22:38:47 GMT
ETag: "204db-5bd2236a6ebc0"
Accept-Ranges: bytes
Content-Length: 132315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
e-pitanie.ru/wp-content/uploads/2019/12/p-a-new-geneo2-250x150.jpg
200 OK 94 kB URL HTTP/1.1 e-pitanie.ru/wp-content/uploads/2019/12/p-a-new-geneo2-250x150.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 630x420, components 3\012- data
Hash 153066dfb806aadcecada4ba28e701ae
dcfcab5b4699cb11e467e4bed4c5d50a086b7b0c
746fc86d4dcf99075e6625c6903646981953e17d21f479736851ecf65bb3302e
GET /wp-content/uploads/2019/12/p-a-new-geneo2-250x150.jpg HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:52 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Tue, 09 Mar 2021 22:38:11 GMT
ETag: "1705e-5bd2234819ac0"
Accept-Ranges: bytes
Content-Length: 94302
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3df459bdb053dcdb5344eba77d6306bb
f19b1935d81852b70f289132176db6370e4155b8
85d5f5646c86a7083311cd761ac931b5c98a2ca67ce447b1bd62279e2af701a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85D5F5646C86A7083311CD761AC931B5C98A2CA67CE447B1BD62279E2AF701A2"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7057
Expires: Fri, 11 Nov 2022 20:42:46 GMT
Date: Fri, 11 Nov 2022 18:45:09 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3df459bdb053dcdb5344eba77d6306bb
f19b1935d81852b70f289132176db6370e4155b8
85d5f5646c86a7083311cd761ac931b5c98a2ca67ce447b1bd62279e2af701a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85D5F5646C86A7083311CD761AC931B5C98A2CA67CE447B1BD62279E2AF701A2"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7057
Expires: Fri, 11 Nov 2022 20:42:46 GMT
Date: Fri, 11 Nov 2022 18:45:09 GMT
Connection: keep-alive
e-pitanie.ru/wp-content/uploads/2019/12/cancer-imagerie-progres1-250x150.jpg
200 OK 41 kB URL HTTP/1.1 e-pitanie.ru/wp-content/uploads/2019/12/cancer-imagerie-progres1-250x150.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], progressive, precision 8, 511x469, components 3\012- data
Hash d55c6063920fb3023d984e7c7fa4b842
1d495dd9e371a57ddde0844411a4dbc6e3ba19dd
385ffb0b29f69ed197dfedb4862762010133df6da06c6af0aa36bfc41d514fdc
GET /wp-content/uploads/2019/12/cancer-imagerie-progres1-250x150.jpg HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:52 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Tue, 09 Mar 2021 22:37:41 GMT
ETag: "a022-5bd2232b7d740"
Accept-Ranges: bytes
Content-Length: 40994
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
e-pitanie.ru/wp-content/uploads/2019/12/protivopokazaniya_primeneniyu-250x150.jpg
200 OK 131 kB URL HTTP/1.1 e-pitanie.ru/wp-content/uploads/2019/12/protivopokazaniya_primeneniyu-250x150.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 785x1108, components 3\012- data
Size 131 kB (131304 bytes)
Hash feb6c6e6f66c21b79bfa6acc1806fd83
0e4ab3217c6cde6dd35a1b3dbd3be19694106207
cb5112c27f7ed35586c24efb81c303ff5d5ba001d52bad4ac4611dbf9dce5f83
GET /wp-content/uploads/2019/12/protivopokazaniya_primeneniyu-250x150.jpg HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:52 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Tue, 09 Mar 2021 22:38:21 GMT
ETag: "200e8-5bd22351a3140"
Accept-Ranges: bytes
Content-Length: 131304
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
e-pitanie.ru/wp-content/uploads/2019/12/im2-250x150.jpg
200 OK 107 kB URL HTTP/1.1 e-pitanie.ru/wp-content/uploads/2019/12/im2-250x150.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=487, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=734], progressive, precision 8, 500x332, components 3\012- data
Size 107 kB (106596 bytes)
Hash cd87bf80d96de45438f4d56b0d3ea542
cb63adedf9c7f35c0e33fa0741f82be6a5dba12a
a4d27469db59ccb02948e4edf29cc6d5c13ad080750d9554201909b235442221
GET /wp-content/uploads/2019/12/im2-250x150.jpg HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:52 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Tue, 09 Mar 2021 22:37:58 GMT
ETag: "1a064-5bd2233bb3d80"
Accept-Ranges: bytes
Content-Length: 106596
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
e-pitanie.ru/wp-content/uploads/2020/01/boli-v-kolenyah-v2_orig-250x150.jpg
200 OK 81 kB URL HTTP/1.1 e-pitanie.ru/wp-content/uploads/2020/01/boli-v-kolenyah-v2_orig-250x150.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1400x650, components 3\012- data
Hash 3c4906817992f276f00bb2a3eebceffd
a728be51b1601e122cb2777c8c415bddbc4e74b4
5e6022f44f5736081eca3a5ef5a87bb2671ded65d428e5a3b069869a4a4a63ea
GET /wp-content/uploads/2020/01/boli-v-kolenyah-v2_orig-250x150.jpg HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:52 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Tue, 09 Mar 2021 22:38:31 GMT
ETag: "13c20-5bd2235b2c7c0"
Accept-Ranges: bytes
Content-Length: 80928
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
e-pitanie.ru/wp-content/uploads/2019/04/Cv87SiznBT4-250x150.jpg
200 OK 76 kB URL HTTP/1.1 e-pitanie.ru/wp-content/uploads/2019/04/Cv87SiznBT4-250x150.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash 91a9b8aded7f0f2502fbced44f830670
a8505766fca1a2e5e88c573d7d62c1bb55edff1b
a1819156cebd4591b4abe6af668ab05ab0d317ad4158aa2c2f7f98bb00a56338
GET /wp-content/uploads/2019/04/Cv87SiznBT4-250x150.jpg HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:52 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 10 Mar 2021 07:21:58 GMT
ETag: "12a7c-5bd2985b39180"
Accept-Ranges: bytes
Content-Length: 76412
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
e-pitanie.ru/img/logo.png
200 OK 2.3 kB URL HTTP/1.1 e-pitanie.ru/img/logo.png
IP
File type PNG image data, 186 x 51, 8-bit colormap, non-interlaced\012- data
Hash 14bd2231f4981a38ba3ba8b740180c12
527c8a63805f31e212273b092bf2926880ae94e6
b8844517761950588d07e46482e2de08660a8fc14bdf24727a1e3bcc5b782c38
GET /img/logo.png HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:52 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 04 Mar 2021 15:54:46 GMT
ETag: "8f3-5bcb7fc91bd80"
Accept-Ranges: bytes
Content-Length: 2291
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
e-pitanie.ru/wp-content/uploads/2020/02/Trustfillerb4-250x150.jpg
200 OK 94 kB URL HTTP/1.1 e-pitanie.ru/wp-content/uploads/2020/02/Trustfillerb4-250x150.jpg
IP
File type JPEG image data, baseline, precision 8, 1000x1000, components 3\012- data
Hash e214736b0f19243f3a838ecb3e7cd726
5d07314556503be08cc79c4df7499a8a4a412216
8fce6f97c0145f27ddc8b0488f7249eb139a2bf2d13d2080c5f369dc21b0961a
GET /wp-content/uploads/2020/02/Trustfillerb4-250x150.jpg HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:52 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Tue, 09 Mar 2021 22:38:54 GMT
ETag: "1700f-5bd223711bb80"
Accept-Ranges: bytes
Content-Length: 94223
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
e-pitanie.ru/wp-content/uploads/2019/12/NDZNKl-250x150.jpg
200 OK 238 kB URL HTTP/1.1 e-pitanie.ru/wp-content/uploads/2019/12/NDZNKl-250x150.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2017:12:13 16:22:29], baseline, precision 8, 1700x600, components 3\012- data
Size 238 kB (237613 bytes)
Hash aec9f38bbb80d5f702bf5f6bdc17cbd2
4b59f75c1a44814f7e126e2c55ac4650d4fc3d7e
d7a4e3aae2a96d9b9b419c3f237d37b52408c763d30b587ae18f5f653eeef007
GET /wp-content/uploads/2019/12/NDZNKl-250x150.jpg HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:52 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Tue, 09 Mar 2021 22:38:04 GMT
ETag: "3a02d-5bd223416cb00"
Accept-Ranges: bytes
Content-Length: 237613
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
e-pitanie.ru/wp-content/themes/nirvana/fonts/elusive.woff
200 OK 15 kB URL HTTP/1.1 e-pitanie.ru/wp-content/themes/nirvana/fonts/elusive.woff
IP
File type Web Open Font Format, TrueType, length 14740, version 1.0\012- data
Hash 4af5bc564780a95541ce26e843d9860a
01801dd84676bd6a2d166108a3327a1d21ecced6
91138f3b30a796e5e5cd696f1271356a17e416782e22e05a3c31577e624d1549
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/nirvana/fonts/elusive.woff HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://e-pitanie.ru/wp-content/themes/nirvana/fonts/fontfaces.css?ver=1.4.4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:52 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 15 May 2019 07:44:26 GMT
ETag: "3994-588e851940a80"
Accept-Ranges: bytes
Content-Length: 14740
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/font-woff
e-pitanie.ru/wp-content/themes/nirvana/fonts/sourcesanspro-regular-webfont.woff
200 OK 27 kB URL HTTP/1.1 e-pitanie.ru/wp-content/themes/nirvana/fonts/sourcesanspro-regular-webfont.woff
IP
File type Web Open Font Format, TrueType, length 27248, version 1.1\012- data
Hash c4f39c8cef7f1746da98c25e82b76f29
d368079e8789e98ad4831b570e096ba28ed365d6
13ae7e5a59de6cef3c3cedeaa348b17157b3cbc2b1bc9607c6d84ced4d137269
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/nirvana/fonts/sourcesanspro-regular-webfont.woff HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://e-pitanie.ru/wp-content/themes/nirvana/fonts/fontfaces.css?ver=1.4.4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:52 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 15 May 2019 07:44:26 GMT
ETag: "6a70-588e851940a80"
Accept-Ranges: bytes
Content-Length: 27248
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/font-woff
e-pitanie.ru/wp-content/themes/nirvana/fonts/sourcesanspro-light-webfont.woff
200 OK 26 kB URL HTTP/1.1 e-pitanie.ru/wp-content/themes/nirvana/fonts/sourcesanspro-light-webfont.woff
IP
File type Web Open Font Format, TrueType, length 26540, version 1.1\012- data
Hash 7951903bff82a82e7cde0396dfc9d80c
189f5d517caa3e32f01736fff6a921c5068ecf92
e42643595230db6d887cf16ba0e06f4fd0ce9c50e8931cbbd6e0167a0d960743
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/nirvana/fonts/sourcesanspro-light-webfont.woff HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://e-pitanie.ru/wp-content/themes/nirvana/fonts/fontfaces.css?ver=1.4.4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:52 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 15 May 2019 07:44:26 GMT
ETag: "67ac-588e851940a80"
Accept-Ranges: bytes
Content-Length: 26540
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/font-woff
e-pitanie.ru/wp-content/themes/nirvana/fonts/sourcesanspro-bold-webfont.woff
200 OK 27 kB URL HTTP/1.1 e-pitanie.ru/wp-content/themes/nirvana/fonts/sourcesanspro-bold-webfont.woff
IP
File type Web Open Font Format, TrueType, length 26608, version 1.1\012- data
Hash 1146f3f229f5a3d3c711f0922ea2eb87
5534e9eb2be04d8a5223489ea9fc9c305aaab9c9
5a86fa4090ad9e6f6f5d0cb9ccdfd96db22e77bfb787bd28085e6baa376f81e8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/nirvana/fonts/sourcesanspro-bold-webfont.woff HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://e-pitanie.ru/wp-content/themes/nirvana/fonts/fontfaces.css?ver=1.4.4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:52 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 15 May 2019 07:44:26 GMT
ETag: "67f0-588e851940a80"
Accept-Ranges: bytes
Content-Length: 26608
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/font-woff
e-pitanie.ru/wp-content/uploads/2020/01/i3222-250x150.jpg
200 OK 75 kB URL HTTP/1.1 e-pitanie.ru/wp-content/uploads/2020/01/i3222-250x150.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x270, components 3\012- data
Hash a0c5ddf27ecc6f64a6976489e7b0235a
1b01d4c8b3ef23e7fae137982e6767ae0e945285
a7ad364edf9c70aa86078ec745fab86374d37683b00373221b332e73f3dbe3e7
GET /wp-content/uploads/2020/01/i3222-250x150.jpg HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:52 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Tue, 09 Mar 2021 22:38:38 GMT
ETag: "12574-5bd22361d9780"
Accept-Ranges: bytes
Content-Length: 75124
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: A556EVy1PHUIiyaxstm+DQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qrxdcMcjOdYXruV1+CKKZLRZhU4=
w.uptolike.com/widgets/v1/zp.js?pid=lff0de46e906197c926ec22838064bd82400985077
200 OK 11 kB URL HTTP/1.1 w.uptolike.com/widgets/v1/zp.js?pid=lff0de46e906197c926ec22838064bd82400985077
IP
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (585)
Hash 66cf14ac333fc6d4bb88bfce27d875ea
e919c8fb6c7bc5ef3c44df72251fcf7bd0a1fcc4
6f0b1846dbbff4b527891fc4f43f919c3c8867e6b6dc029958fd80fd69cb8f96
GET /widgets/v1/zp.js?pid=lff0de46e906197c926ec22838064bd82400985077 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Nov 2022 18:45:09 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: utl_id2=29547525570; Expires=Sun, 10 Nov 2024 18:45:09 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
utl_dat="CP+iisDGMBAAIP/z1MjGMCj/89TIxjAwABSwz835E8+Am7NM/5lQi/0="; Expires=Sun, 10 Nov 2024 18:45:09 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
Cache-Control: max-age=31556926
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 082771ee4e890dbd9225f1f9f20de591
76f25952652f1fd3c6e3f03611a80130a2db67e5
71ef9a40ccaf3b317b74bc513a6839e207c3fa12acec77691c6f6c662c028c05
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "71EF9A40CCAF3B317B74BC513A6839E207C3FA12ACEC77691C6F6C662C028C05"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9565
Expires: Fri, 11 Nov 2022 21:24:34 GMT
Date: Fri, 11 Nov 2022 18:45:09 GMT
Connection: keep-alive
www.acint.net/aci.js
200 OK 7.5 kB IP
File type ASCII text, with very long lines (1408)
Hash ae0aab6c5a2ae2e1168e74f6e6ae4741
2c00f69ee4bbe2ec96c0f7bb33b5f827a6195af8
a47a88a9b6c7635e5074c25c6e3c92f399fdf8772376e94f077167241e59f9de
GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Fri, 11 Nov 2022 18:45:09 GMT
content-type: application/x-javascript
content-length: 7461
last-modified: Mon, 16 May 2022 07:14:50 GMT
etag: "6281f9ea-1d25"
content-encoding: gzip
expires: Sat, 12 Nov 2022 06:45:09 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2
w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1668192309392892
200 OK 84 B URL HTTP/1.1 w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1668192309392892
IP
ASN #12695 LLC Digital Network
File type ASCII text, with no line terminators
Hash e4c76c1d1d3e2b4a38d8df575cef58ad
a6935e7bbf4a7b5f59051e74c3e2410918e63bac
05c3d065537e2aeff32eac23bc44159118528d738f3a1120901a14ca0388732e
GET /widgets/v1/version.js?cb=cb__utl_cb_share_1668192309392892 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Cookie: utl_id2=29547525570; utl_dat="CP+iisDGMBAAIP/z1MjGMCj/89TIxjAwABSwz835E8+Am7NM/5lQi/0="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Nov 2022 18:45:09 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Mon, 31 Oct 2022 16:51:19 GMT
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Set-Cookie: utl_id2=29547525570; Expires=Sun, 10 Nov 2024 18:45:09 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
utl_dat="CP+iisDGMBAAIP/z1MjGMCj/89TIxjAwABSwz835E8+Am7NM/5lQi/0="; Expires=Sun, 10 Nov 2024 18:45:09 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip
www.acint.net/mc/?dp=10
302 Found 154 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Fri, 11 Nov 2022 18:45:09 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Fri, 11-Nov-22 18:55:09 GMT
aid=CkIDE2NumDWesgEIgfmtAhAzncDIZkFFDwaPHzS3aZNDoFoU; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/hit/?v=0.4.0&uid=4956035a-c22c-438f-8eb6-b172ec83e3d5&dp=10&tz=%2B00%3A00&nc=91426142&u=https%3A%2F%2Fe-pitanie.ru%2F&r=&rs=1280x1024&t=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%2C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D0%BC%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%BC%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B8%20-%20E-Pitanie.ru&oE=1&oP=1&dT=2022-11-11T18%3A45%3A09.447&fu=b8ce0d94-5b52-4861-bfba-e796b8283fd5
200 OK 43 B URL HTTP/2 www.acint.net/hit/?v=0.4.0&uid=4956035a-c22c-438f-8eb6-b172ec83e3d5&dp=10&tz=%2B00%3A00&nc=91426142&u=https%3A%2F%2Fe-pitanie.ru%2F&r=&rs=1280x1024&t=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%2C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D0%BC%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%BC%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B8%20-%20E-Pitanie.ru&oE=1&oP=1&dT=2022-11-11T18%3A45%3A09.447&fu=b8ce0d94-5b52-4861-bfba-e796b8283fd5
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit/?v=0.4.0&uid=4956035a-c22c-438f-8eb6-b172ec83e3d5&dp=10&tz=%2B00%3A00&nc=91426142&u=https%3A%2F%2Fe-pitanie.ru%2F&r=&rs=1280x1024&t=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%2C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D0%BC%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%BC%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B8%20-%20E-Pitanie.ru&oE=1&oP=1&dT=2022-11-11T18%3A45%3A09.447&fu=b8ce0d94-5b52-4861-bfba-e796b8283fd5 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 11 Nov 2022 18:45:09 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=CkIDFWNumDW8QAFEGM0UAmC0oceYJRU84AGQQxM9uHqnmCJU; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
w.uptolike.com/widgets/v1/zp.js?pid=1902757
200 OK 11 kB URL HTTP/1.1 w.uptolike.com/widgets/v1/zp.js?pid=1902757
IP
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (585)
Hash 0558cf6aca10b7c704d5e04e1eb5e69d
1602e7f45e8de77a48ff3ccf56fe57e75fb92050
b89cdc34050d77aebc41fd1a273b732d2b0073039aea3d1ed9a53f4a746243db
GET /widgets/v1/zp.js?pid=1902757 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Nov 2022 18:45:09 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: utl_id2=29547525620; Expires=Sun, 10 Nov 2024 18:45:09 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
utl_dat="CI2lisDGMBAAII321MjGMCiN9tTIxjAwAI2BEiRnlNsO3Ww/RVhf0Vc="; Expires=Sun, 10 Nov 2024 18:45:09 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
Cache-Control: max-age=31556926
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip
dm-eu.hybrid.ai/match?id=106&vid=1503420A35986E63440140BC0214CD18
204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=106&vid=1503420A35986E63440140BC0214CD18
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /match?id=106&vid=1503420A35986E63440140BC0214CD18 HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 11 Nov 2022 18:45:10 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=af2bbbb5360f09953443; expires=Sat, 11 Nov 2023 18:45:08 GMT; domain=.hybrid.ai; path=/; samesite=none
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
200 OK 937 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash 6c846b0df9d849d35d09852a04c2e25b
1eb20ff15da98c124a7123c170bd2148b37e0e5a
d9d0742aac494e3abab71929584a6a3e8496964d73c92c583c3721b0cf2236e8
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:45:10 GMT
Content-Type: application/ocsp-response
Content-Length: 937
Connection: keep-alive
Expires: Tue, 15 Nov 2022 15:46:58 GMT
ETag: "1eb20ff15da98c124a7123c170bd2148b37e0e5a"
Last-Modified: Fri, 11 Nov 2022 15:46:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2721
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76892ef25f93b511-OSL
ocsp.digicert.com/
200 OK 279 B IP
Hash edeb98928bc0a170e920e20b4deb7e89
9f9a80db0d3fb0d3fa8311731a8b8721f2d46602
c0f853be3f677b0c31ecd612d8e736b9ab7a3164ec07f530b5df5001123b27a2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 796
Cache-Control: max-age=103256
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:10 GMT
Etag: "636d8572-117"
Expires: Sat, 12 Nov 2022 23:26:06 GMT
Last-Modified: Thu, 10 Nov 2022 23:12:50 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
e-pitanie.ru/favicon.ico
200 OK 1.2 kB IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 39edc9e9dded6ca12c39dc5a741739b4
d99b08c1982a7113bb4fae90d1fbc988bab8d48d
4d0a3f316dc5e69f4b04c53d1774a423968be2948cdf71a4a68e177800908d6e
GET /favicon.ico HTTP/1.1
Host: e-pitanie.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Cookie: fid=b8ce0d94-5b52-4861-bfba-e796b8283fd5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:42:52 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Thu, 04 Mar 2021 21:06:34 GMT
ETag: "47e-5bcbc57a72a80"
Accept-Ranges: bytes
Content-Length: 1150
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
ocsp.digicert.com/
200 OK 278 B IP
Hash 2bb35accbad3880a116837a82121d02e
e4b516f57048482471eb8363a9b323473520925d
d0e2b9924187fd493730211b1fb13b1c92b82f5b03fbf692cc2efcf01a8294e2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3620
Cache-Control: max-age=165137
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:10 GMT
Etag: "636e6c23-116"
Expires: Sun, 13 Nov 2022 16:37:27 GMT
Last-Modified: Fri, 11 Nov 2022 15:37:07 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 278
acint.net/match?dp=110&euid=76794266768145118596ed3bafeda8d0
200 OK 43 B URL HTTP/2 acint.net/match?dp=110&euid=76794266768145118596ed3bafeda8d0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=110&euid=76794266768145118596ed3bafeda8d0 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWNumDW8QAFEGM0UAmC0oceYJRU84AGQQxM9uHqnmCJU; cSyncDp7v2=1668192309; cSyncDp14v3=1668192309; cSyncDp17=1668192309; cSyncDp32=1668192309; cSyncDp45v3=1668192309; cSyncDp53=1668192309; cSyncDp54v2=1668192309; cSyncDp62=1668192309; cSyncDp67v2=1668192309; cSyncDp68=1668192309; cSyncDp71=1668192309; cSyncDp77=1668192309; cSyncDp84=1668192309; cSyncDp85=1668192309; cSyncDp95v3=1668192309; cSyncDp101=1668192309; cSyncDp104v2=1668192309; cSyncDp107=1668192309; cSyncDp110=1668192309; cSyncDp111v2=1668192309; cSyncDp112v2=1668192309; cSyncDp125v2=1668192309; cSyncDp126=1668192309; cSyncDp127=1668192309; cSyncDp129=1668192309; cSyncDp136v2=1668192309; cSyncDp138=1668192309; cSyncDp144=1668192309; cSyncDp146=1668192309; cSyncDp148=1668192309; cSyncDp149v2=1668192309; cSyncDp151=1668192309; cSyncDp178=1668192309; cSyncDp179=1668192309; cSyncDp186=1668192309; cSyncDp221=1668192309
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 11 Nov 2022 18:45:10 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.upravel.com/sape/sync
302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 11 Nov 2022 18:45:10 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1668192310205;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1668192310205;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash 5aaf9714a8ace748a495b9d95b4ee76c
4da8849cd8cde52c617d039711c25621fcd03b37
70e71c0bcd651ee8d346f1767cccd7b77d22d85f4f49df3e87190401ac452219
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:45:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 15 Nov 2022 15:38:36 GMT
ETag: "4da8849cd8cde52c617d039711c25621fcd03b37"
Last-Modified: Fri, 11 Nov 2022 15:38:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2707
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76892ef3184ab518-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0ad2ecb2a6fda90018d07d570e013ee6
e04587fa3cde6bee76a09adaf2b2e094d52fe258
7e7b218c8ec9051318d6f6e535be1d7345806adaf46a9c69b616a206921a0ccc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E7B218C8EC9051318D6F6E535BE1D7345806ADAF46A9C69B616A206921A0CCC"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10121
Expires: Fri, 11 Nov 2022 21:33:51 GMT
Date: Fri, 11 Nov 2022 18:45:10 GMT
Connection: keep-alive
ocsp.globalsign.com/gseccovsslca2018
200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash 7ef0e1ddfd64e4d9797b95d0b2854ff7
2f33676574428b29cc77658fc76e8fafb7923f1e
85aa5bbb48f624ce3ba0b83a697563c0a07df9eb6d904edc5a0dc78961965b38
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:45:10 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Tue, 15 Nov 2022 16:46:33 GMT
ETag: "2f33676574428b29cc77658fc76e8fafb7923f1e"
Last-Modified: Fri, 11 Nov 2022 16:46:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1018
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76892ef328fdb511-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c3799e166131aadc5d5b3de9b6994589
2b20067be8b11892bb41c2db0e6888b559c052e0
e89bc5ee701c144f468638c3d8d343c34f939591f997b1d4768f7e8aebceb5b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E89BC5EE701C144F468638C3D8D343C34F939591F997B1D4768F7E8AEBCEB5B2"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7963
Expires: Fri, 11 Nov 2022 20:57:53 GMT
Date: Fri, 11 Nov 2022 18:45:10 GMT
Connection: keep-alive
counter.yadro.ru/hit?t17.1;r;s1280*1024*24;uhttps%3A//e-pitanie.ru/;0.6914160579463254
200 OK 195 B URL HTTP/1.1 counter.yadro.ru/hit?t17.1;r;s1280*1024*24;uhttps%3A//e-pitanie.ru/;0.6914160579463254
IP
ASN #39134 United Network LLC
File type GIF image data, version 89a, 88 x 31\012- data
Hash c34e754359ef3b59d0e653e5c393367a
a3f22e9bcf1fc5f16291edabe0b5f1740bf395eb
c6c71f89aef58db96505b6d549edfc154f910f942a5f70ef6383c6098b246d9d
GET /hit?t17.1;r;s1280*1024*24;uhttps%3A//e-pitanie.ru/;0.6914160579463254 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 11 Nov 2022 18:45:10 GMT
Content-Type: image/gif
Content-Length: 195
Connection: keep-alive
Expires: Wed, 10 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
302 Found 0 B URL HTTP/1.1 ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Fri, 11 Nov 2022 18:45:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=KNKGLJZA
Set-Cookie: uid=KNKGLJZA; Expires=Fri, 11 Nov 2032 00:00:00 GMT; mf2=1; Expires=Sun, 11 Dec 2022 00:00:00 GMT;
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fbf0ec509f665422f1225c5c2c799067
d758d7df2d7d75a223afa6dd775a60030c116f02
3cd5986abf1d345483d72627afe26fab2589fe97d0a3d76dce772d917b826d12
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3CD5986ABF1D345483D72627AFE26FAB2589FE97D0A3D76DCE772D917B826D12"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16349
Expires: Fri, 11 Nov 2022 23:17:39 GMT
Date: Fri, 11 Nov 2022 18:45:10 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 941fb9e7043657ac1961a8d6046f912d
9d0718ab3295584899b61f7fb7cd13f181f5fc39
1933d8e7400083b33a5abd4080b7d771c5172374c3d344d08da4d0481767adf2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1933D8E7400083B33A5ABD4080B7D771C5172374C3D344D08DA4D0481767ADF2"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11943
Expires: Fri, 11 Nov 2022 22:04:13 GMT
Date: Fri, 11 Nov 2022 18:45:10 GMT
Connection: keep-alive
ut.rktch.com/matchspm?pi=1000005&pui=1503420A35986E63440140BC0214CD18
302 Found 0 B URL HTTP/1.1 ut.rktch.com/matchspm?pi=1000005&pui=1503420A35986E63440140BC0214CD18
IP
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /matchspm?pi=1000005&pui=1503420A35986E63440140BC0214CD18 HTTP/1.1
Host: ut.rktch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Fri, 11 Nov 2022 18:45:10 GMT
Content-Length: 0
Connection: keep-alive
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
Set-Cookie: b_uid=d86417bb8d354e5c7632661f8ec54bfb25b1; Max-Age=2592000; Expires=Sun, 11 Dec 2022 18:45:10 GMT; Domain=rktch.com; Secure; SameSite=None
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Credentials: true
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1668192310205
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 11 Nov 2022 18:45:10 GMT
content-type: image/png
content-length: 0
location: https://f38fcdb9-7ec8-45c3-a03a-ce9a77d6e390.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
set-cookie: user_id=f38fcdb9-7ec8-45c3-a03a-ce9a77d6e390;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=f38fcdb9-7ec8-45c3-a03a-ce9a77d6e390;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash 30203d72e47a7f06956c0fea0da0c304
5fa358bfe97fffd780a7fe420c7c8c01b41a6c76
1b035db912af5c595738a4c626fdcf8ddec523bf378c4231f3e0fca7d18e7a27
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:45:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 15 Nov 2022 16:56:01 GMT
ETag: "5fa358bfe97fffd780a7fe420c7c8c01b41a6c76"
Last-Modified: Fri, 11 Nov 2022 16:56:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3506
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76892ef388fbb518-OSL
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1503420A35986E63440140BC0214CD18
302 Found 0 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1503420A35986E63440140BC0214CD18
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1503420A35986E63440140BC0214CD18 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 11 Nov 2022 18:45:10 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=f83cc190-61f0-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Sat, 11 Nov 2023 18:45:10 GMT; SameSite=None; Secure
uid-legacy=f83cc190-61f0-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Sat, 11 Nov 2023 18:45:10 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1503420A35986E63440140BC0214CD18&cs=1
X-Firefox-Spdy: h2
sync.republer.com/match?dsp=sape
204 No Content 0 B URL HTTP/2 sync.republer.com/match?dsp=sape
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?dsp=sape HTTP/1.1
Host: sync.republer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Fri, 11 Nov 2022 18:45:10 GMT
strict-transport-security: max-age=0
X-Firefox-Spdy: h2
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
302 Moved Temporarily 142 B URL HTTP/1.1 ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 11 Nov 2022 18:45:10 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=4702420A36986E631D009B3402733C0D
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkICR2NumDY0mwAdDTxzAtyPzlEWhmjDiOkRhfFAkZw+DJi/; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4835d857b927f339a52a6a3d00fda9e1
265d2e04a58e493cf55a8a6bcc616a4d4e0bd338
18c6522233a2257b1af0ec955f5d283d28c3ba715e36511f4afc2dc43b17f43d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18C6522233A2257B1AF0EC955F5D283D28C3BA715E36511F4AFC2DC43B17F43D"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13869
Expires: Fri, 11 Nov 2022 22:36:19 GMT
Date: Fri, 11 Nov 2022 18:45:10 GMT
Connection: keep-alive
www.acint.net/match?dp=95&euid=KNKGLJZA
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=95&euid=KNKGLJZA
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=95&euid=KNKGLJZA HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWNumDW8QAFEGM0UAmC0oceYJRU84AGQQxM9uHqnmCJU; cSyncDp7v2=1668192309; cSyncDp14v3=1668192309; cSyncDp17=1668192309; cSyncDp32=1668192309; cSyncDp45v3=1668192309; cSyncDp53=1668192309; cSyncDp54v2=1668192309; cSyncDp62=1668192309; cSyncDp67v2=1668192309; cSyncDp68=1668192309; cSyncDp71=1668192309; cSyncDp77=1668192309; cSyncDp84=1668192309; cSyncDp85=1668192309; cSyncDp95v3=1668192309; cSyncDp101=1668192309; cSyncDp104v2=1668192309; cSyncDp107=1668192309; cSyncDp110=1668192309; cSyncDp111v2=1668192309; cSyncDp112v2=1668192309; cSyncDp125v2=1668192309; cSyncDp126=1668192309; cSyncDp127=1668192309; cSyncDp129=1668192309; cSyncDp136v2=1668192309; cSyncDp138=1668192309; cSyncDp144=1668192309; cSyncDp146=1668192309; cSyncDp148=1668192309; cSyncDp149v2=1668192309; cSyncDp151=1668192309; cSyncDp178=1668192309; cSyncDp179=1668192309; cSyncDp186=1668192309; cSyncDp221=1668192309
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 11 Nov 2022 18:45:10 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
a.utraff.com/sync?ssp=sape
204 No Content 0 B URL HTTP/2 a.utraff.com/sync?ssp=sape
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 11 Nov 2022 18:45:10 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Sun, 11 Dec 2022 21:45:10 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Sun, 11 Dec 2022 21:45:10 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0dJ7ITgon65mGRATtASqUzBJO%2B0zWYpjLZ5pOSt%2F7TdBIMvgnq5CnHjDZZg2XuJjnW%2BBw7RjOKg6ZCGNzWLOvdX0rbgomzfcMYTTbGOK3lsLt1Xmfwzcp7EqJiv%2BZt0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76892ef31c1a0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stat.adlabs.ru/merge_gpsid/?sid=50&id=1503420A35986E63440140BC0214CD18
302 Found 0 B URL HTTP/2 stat.adlabs.ru/merge_gpsid/?sid=50&id=1503420A35986E63440140BC0214CD18
IP
ASN #201009 Centre of server systems Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge_gpsid/?sid=50&id=1503420A35986E63440140BC0214CD18 HTTP/1.1
Host: stat.adlabs.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 11 Nov 2022 18:31:39 GMT
content-length: 0
location: //adlmerge.com/merge_gpsid/?sid=50&id=1503420A35986E63440140BC0214CD18
X-Firefox-Spdy: h2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1503420A35986E63440140BC0214CD18&cs=1
200 OK 35 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1503420A35986E63440140BC0214CD18&cs=1
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1503420A35986E63440140BC0214CD18&cs=1 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=f83cc190-61f0-11ed-acfd-901b0e8b2a6e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 11 Nov 2022 18:45:10 GMT
content-type: image/gif
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=f83cc190-61f0-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Sat, 11 Nov 2023 18:45:10 GMT; SameSite=None; Secure
uid-legacy=f83cc190-61f0-11ed-acfd-901b0e8b2a6e; Version=1; Path=/; Domain=.1dmp.io; Expires=Sat, 11 Nov 2023 18:45:10 GMT
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 5e6ba404034811099aa138fae821fdb9
37c4ee9e62cb674f7e900b671cfb7c064ebec912
519641cbc37e0a79959aa28f3e90974328b457c63eb8f698d44f9bb4d0974e67
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:45:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 15 Nov 2022 14:40:38 GMT
ETag: "37c4ee9e62cb674f7e900b671cfb7c064ebec912"
Last-Modified: Fri, 11 Nov 2022 14:40:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2370
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76892ef3c9c9b511-OSL
s.uuidksinc.net/match/396/?remote_uid=1503420A35986E63440140BC0214CD18
302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/396/?remote_uid=1503420A35986E63440140BC0214CD18
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=1503420A35986E63440140BC0214CD18 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Fri, 11 Nov 2022 18:45:10 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=AKAKijkxbHhErr9gfMxd
set-cookie: jcsuuid=AKAKijkxbHhErr9gfMxd; expires=Sat, 11 Nov 2023 18:45:10 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a1e0a83e88de350168591cb652af94ef
ff38cd35b5b3ada406135de05dcb142dbab0d710
a51f0728df2e635589ffabc66758dff3ea44f2fa257fa23b1a8f92539369f127
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A51F0728DF2E635589FFABC66758DFF3EA44F2FA257FA23B1A8F92539369F127"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3987
Expires: Fri, 11 Nov 2022 19:51:37 GMT
Date: Fri, 11 Nov 2022 18:45:10 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c1fc4c9dbbf4ae1f193404eec84178bb
0599e2a386511dac706bcaa4bfbff20bf72c4cdc
eaafa570a5a217ea8b2440dc46397a37677a7e3e7740fd59f913204d313f8595
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EAAFA570A5A217EA8B2440DC46397A37677A7E3E7740FD59F913204D313F8595"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2757
Expires: Fri, 11 Nov 2022 19:31:07 GMT
Date: Fri, 11 Nov 2022 18:45:10 GMT
Connection: keep-alive
acint.net/match?dp=14&euid=4702420A36986E631D009B3402733C0D
200 OK 43 B URL HTTP/2 acint.net/match?dp=14&euid=4702420A36986E631D009B3402733C0D
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=4702420A36986E631D009B3402733C0D HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWNumDW8QAFEGM0UAmC0oceYJRU84AGQQxM9uHqnmCJU; cSyncDp7v2=1668192309; cSyncDp14v3=1668192309; cSyncDp17=1668192309; cSyncDp32=1668192309; cSyncDp45v3=1668192309; cSyncDp53=1668192309; cSyncDp54v2=1668192309; cSyncDp62=1668192309; cSyncDp67v2=1668192309; cSyncDp68=1668192309; cSyncDp71=1668192309; cSyncDp77=1668192309; cSyncDp84=1668192309; cSyncDp85=1668192309; cSyncDp95v3=1668192309; cSyncDp101=1668192309; cSyncDp104v2=1668192309; cSyncDp107=1668192309; cSyncDp110=1668192309; cSyncDp111v2=1668192309; cSyncDp112v2=1668192309; cSyncDp125v2=1668192309; cSyncDp126=1668192309; cSyncDp127=1668192309; cSyncDp129=1668192309; cSyncDp136v2=1668192309; cSyncDp138=1668192309; cSyncDp144=1668192309; cSyncDp146=1668192309; cSyncDp148=1668192309; cSyncDp149v2=1668192309; cSyncDp151=1668192309; cSyncDp178=1668192309; cSyncDp179=1668192309; cSyncDp186=1668192309; cSyncDp221=1668192309
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 11 Nov 2022 18:45:10 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b06db836fb95a2a6f942441336379db9
0b11976d7e702acec3d201eb96f6d86296f06aa1
0156681b7480582ea9bf2ab80dfee2aafe74aeaf116c2096ba5a2ac6afa7a064
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0156681B7480582EA9BF2AB80DFEE2AAFE74AEAF116C2096BA5A2AC6AFA7A064"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11963
Expires: Fri, 11 Nov 2022 22:04:33 GMT
Date: Fri, 11 Nov 2022 18:45:10 GMT
Connection: keep-alive
1503420a35986e63440140bc0214cd18-sp.ops.beeline.ru/p?ssp=sp&id=1503420A35986E63440140BC0214CD18
301 Moved Permanently 0 B URL HTTP/2 1503420a35986e63440140bc0214cd18-sp.ops.beeline.ru/p?ssp=sp&id=1503420A35986E63440140BC0214CD18
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&id=1503420A35986E63440140BC0214CD18 HTTP/1.1
Host: 1503420a35986e63440140bc0214cd18-sp.ops.beeline.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 11 Nov 2022 18:45:10 GMT
content-length: 0
location: https://www.acint.net/match?dp=111&euid=1aebf53c-b942-4f2c-947f-e5f15702ccc1
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: BeeAID=1aebf53c-b942-4f2c-947f-e5f15702ccc1; expires=Thu, 02 Nov 2023 18:45:10 GMT; domain=ops.beeline.ru; path=/; secure; SameSite=None
access-control-allow-credentials: true, true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
x-route: http://upstream_cookiesync
x-host: 192.168.152.33
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c1fc4c9dbbf4ae1f193404eec84178bb
0599e2a386511dac706bcaa4bfbff20bf72c4cdc
eaafa570a5a217ea8b2440dc46397a37677a7e3e7740fd59f913204d313f8595
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EAAFA570A5A217EA8B2440DC46397A37677A7E3E7740FD59F913204D313F8595"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2757
Expires: Fri, 11 Nov 2022 19:31:07 GMT
Date: Fri, 11 Nov 2022 18:45:10 GMT
Connection: keep-alive
sync.bumlam.com/?src=sap1&uid=1503420A35986E63440140BC0214CD18
302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&uid=1503420A35986E63440140BC0214CD18
IP
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&uid=1503420A35986E63440140BC0214CD18 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 11 Nov 2022 18:45:10 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRmODRiNmFiYS02MWYwLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Thu, 06 Nov 2042 18:45:10 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARi2sLqbBmIgMTUwMzQyMEEzNTk4NkU2MzQ0MDE0MEJDMDIxNENEMTiiARD4S2q6YfAR7YbgACWQwGR8
ETag: f84b6aba-61f0-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
nr.bidderstack.com/sape/cm?user_id=1503420A35986E63440140BC0214CD18
200 OK 44 B URL HTTP/1.1 nr.bidderstack.com/sape/cm?user_id=1503420A35986E63440140BC0214CD18
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
GET /sape/cm?user_id=1503420A35986E63440140BC0214CD18 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Nov 2022 18:45:10 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Set-Cookie: uid=4436a102-5722-48fe-92cf-3bce2157e46c; domain=.bidderstack.com; path=/; expires=Sat, 11-Nov-2023 18:45:10 GMT;
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f7e9d9034dcbfe56330f9d4490e6684f
bba5e7047d0b45eeb5148ae82be63f516b76c092
5cba941e6465f4b0a8767354df08207bcf4154caced0560ac8aab3329ee3f254
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5CBA941E6465F4B0A8767354DF08207BCF4154CACED0560AC8AAB3329EE3F254"
Last-Modified: Fri, 11 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12370
Expires: Fri, 11 Nov 2022 22:11:20 GMT
Date: Fri, 11 Nov 2022 18:45:10 GMT
Connection: keep-alive
mediatoday.ru/core/match.gif?s=32&id=1503420A35986E63440140BC0214CD18
200 OK 43 B URL HTTP/2 mediatoday.ru/core/match.gif?s=32&id=1503420A35986E63440140BC0214CD18
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /core/match.gif?s=32&id=1503420A35986E63440140BC0214CD18 HTTP/1.1
Host: mediatoday.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.22.0
date: Fri, 11 Nov 2022 18:45:10 GMT
content-type: image/gif
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VUb4L3iYg20UMsB; expires=Mon, 08-Nov-2032 18:45:11 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/watch.js
200 OK 58 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Hash 7b111c54e4ca74c6afb01dccb16a6011
4348abbb3e927a3d20291a71a5e019bbd93923a3
3ad93d272b1bd1296c76105a47276b028046efb94daf54f6b9bef537626a381c
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 57770
date: Fri, 11 Nov 2022 18:45:10 GMT
access-control-allow-origin: *
etag: "63575841-e1aa"
expires: Fri, 11 Nov 2022 19:45:10 GMT
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 2bb35accbad3880a116837a82121d02e
e4b516f57048482471eb8363a9b323473520925d
d0e2b9924187fd493730211b1fb13b1c92b82f5b03fbf692cc2efcf01a8294e2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3620
Cache-Control: max-age=165137
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:10 GMT
Etag: "636e6c23-116"
Expires: Sun, 13 Nov 2022 16:37:27 GMT
Last-Modified: Fri, 11 Nov 2022 15:37:07 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 278
match.new-programmatic.com/userbind?src=sape&id=1503420A35986E63440140BC0214CD18
204 No Content 0 B URL HTTP/1.1 match.new-programmatic.com/userbind?src=sape&id=1503420A35986E63440140BC0214CD18
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=1503420A35986E63440140BC0214CD18 HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.18.0
Date: Fri, 11 Nov 2022 18:45:10 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
cs.agency2.ru/p?ssp=sp&uid=1503420A35986E63440140BC0214CD18
301 Moved Permanently 0 B URL HTTP/1.1 cs.agency2.ru/p?ssp=sp&uid=1503420A35986E63440140BC0214CD18
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=1503420A35986E63440140BC0214CD18 HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Fri, 11 Nov 2022 18:45:10 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=c1de5561-9935-48f8-bf3b-b99a57fa2454
Set-Cookie: uuid=c1de5561-9935-48f8-bf3b-b99a57fa2454; expires=Thu, 02 Nov 2023 18:45:10 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
sync.dmp.otm-r.com/match/sape?id=1503420A35986E63440140BC0214CD18
204 No Content 0 B URL HTTP/2 sync.dmp.otm-r.com/match/sape?id=1503420A35986E63440140BC0214CD18
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=1503420A35986E63440140BC0214CD18 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.17.10
date: Fri, 11 Nov 2022 18:45:10 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&s_data=CAIQARi2sLqbBmIgMTUwMzQyMEEzNTk4NkU2MzQ0MDE0MEJDMDIxNENEMTiiARD4S2q6YfAR7YbgACWQwGR8
200 OK 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARi2sLqbBmIgMTUwMzQyMEEzNTk4NkU2MzQ0MDE0MEJDMDIxNENEMTiiARD4S2q6YfAR7YbgACWQwGR8
IP
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&s_data=CAIQARi2sLqbBmIgMTUwMzQyMEEzNTk4NkU2MzQ0MDE0MEJDMDIxNENEMTiiARD4S2q6YfAR7YbgACWQwGR8 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRmODRiNmFiYS02MWYwLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Nov 2022 18:45:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRmODRiNmFiYS02MWYwLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Thu, 06 Nov 2042 18:45:10 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
ocsp.globalsign.com/gseccovsslca2018
200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash ec5e114adf74cf4dea365cf11a3e4c86
c0bc5d928b6aa65619428697b8216ec609c124bd
e121a245faacf2d389baacac140e2c6296c1b7ee7b4162fcfc49f57e4374392c
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:45:10 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Tue, 15 Nov 2022 17:18:16 GMT
ETag: "c0bc5d928b6aa65619428697b8216ec609c124bd"
Last-Modified: Fri, 11 Nov 2022 17:18:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 615
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76892ef49ad5b511-OSL
www.acint.net/match?dp=129&euid=ubbm8fbpbc
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=129&euid=ubbm8fbpbc
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=ubbm8fbpbc HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWNumDW8QAFEGM0UAmC0oceYJRU84AGQQxM9uHqnmCJU; cSyncDp7v2=1668192309; cSyncDp14v3=1668192309; cSyncDp17=1668192309; cSyncDp32=1668192309; cSyncDp45v3=1668192309; cSyncDp53=1668192309; cSyncDp54v2=1668192309; cSyncDp62=1668192309; cSyncDp67v2=1668192309; cSyncDp68=1668192309; cSyncDp71=1668192309; cSyncDp77=1668192309; cSyncDp84=1668192309; cSyncDp85=1668192309; cSyncDp95v3=1668192309; cSyncDp101=1668192309; cSyncDp104v2=1668192309; cSyncDp107=1668192309; cSyncDp110=1668192309; cSyncDp111v2=1668192309; cSyncDp112v2=1668192309; cSyncDp125v2=1668192309; cSyncDp126=1668192309; cSyncDp127=1668192309; cSyncDp129=1668192309; cSyncDp136v2=1668192309; cSyncDp138=1668192309; cSyncDp144=1668192309; cSyncDp146=1668192309; cSyncDp148=1668192309; cSyncDp149v2=1668192309; cSyncDp151=1668192309; cSyncDp178=1668192309; cSyncDp179=1668192309; cSyncDp186=1668192309; cSyncDp221=1668192309
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 11 Nov 2022 18:45:10 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sape
302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sape
IP
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRmODRiNmFiYS02MWYwLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 11 Nov 2022 18:45:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRmODRiNmFiYS02MWYwLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Thu, 06 Nov 2042 18:45:10 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=f84b6aba-61f0-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
302 Found 43 B URL HTTP/2 ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.0
date: Fri, 11 Nov 2022 18:45:10 GMT
x-request-id: ebb7b403-32fa-433a-8a12-1efe3856a42c
set-cookie: bvuid=ubbm8fbpbc; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=ubbm8fbpbc; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=ubbm8fbpbc
X-Firefox-Spdy: h2
www.acint.net/match?dp=127&euid=AKAKijkxbHhErr9gfMxd
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=127&euid=AKAKijkxbHhErr9gfMxd
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=AKAKijkxbHhErr9gfMxd HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWNumDW8QAFEGM0UAmC0oceYJRU84AGQQxM9uHqnmCJU; cSyncDp7v2=1668192309; cSyncDp14v3=1668192309; cSyncDp17=1668192309; cSyncDp32=1668192309; cSyncDp45v3=1668192309; cSyncDp53=1668192309; cSyncDp54v2=1668192309; cSyncDp62=1668192309; cSyncDp67v2=1668192309; cSyncDp68=1668192309; cSyncDp71=1668192309; cSyncDp77=1668192309; cSyncDp84=1668192309; cSyncDp85=1668192309; cSyncDp95v3=1668192309; cSyncDp101=1668192309; cSyncDp104v2=1668192309; cSyncDp107=1668192309; cSyncDp110=1668192309; cSyncDp111v2=1668192309; cSyncDp112v2=1668192309; cSyncDp125v2=1668192309; cSyncDp126=1668192309; cSyncDp127=1668192309; cSyncDp129=1668192309; cSyncDp136v2=1668192309; cSyncDp138=1668192309; cSyncDp144=1668192309; cSyncDp146=1668192309; cSyncDp148=1668192309; cSyncDp149v2=1668192309; cSyncDp151=1668192309; cSyncDp178=1668192309; cSyncDp179=1668192309; cSyncDp186=1668192309; cSyncDp221=1668192309
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 11 Nov 2022 18:45:10 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash ec5e114adf74cf4dea365cf11a3e4c86
c0bc5d928b6aa65619428697b8216ec609c124bd
e121a245faacf2d389baacac140e2c6296c1b7ee7b4162fcfc49f57e4374392c
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:45:10 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Tue, 15 Nov 2022 17:18:16 GMT
ETag: "c0bc5d928b6aa65619428697b8216ec609c124bd"
Last-Modified: Fri, 11 Nov 2022 17:18:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 615
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76892ef4cb1bb511-OSL
www.acint.net/match?dp=186&euid=c1de5561-9935-48f8-bf3b-b99a57fa2454
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=186&euid=c1de5561-9935-48f8-bf3b-b99a57fa2454
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=c1de5561-9935-48f8-bf3b-b99a57fa2454 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWNumDW8QAFEGM0UAmC0oceYJRU84AGQQxM9uHqnmCJU; cSyncDp7v2=1668192309; cSyncDp14v3=1668192309; cSyncDp17=1668192309; cSyncDp32=1668192309; cSyncDp45v3=1668192309; cSyncDp53=1668192309; cSyncDp54v2=1668192309; cSyncDp62=1668192309; cSyncDp67v2=1668192309; cSyncDp68=1668192309; cSyncDp71=1668192309; cSyncDp77=1668192309; cSyncDp84=1668192309; cSyncDp85=1668192309; cSyncDp95v3=1668192309; cSyncDp101=1668192309; cSyncDp104v2=1668192309; cSyncDp107=1668192309; cSyncDp110=1668192309; cSyncDp111v2=1668192309; cSyncDp112v2=1668192309; cSyncDp125v2=1668192309; cSyncDp126=1668192309; cSyncDp127=1668192309; cSyncDp129=1668192309; cSyncDp136v2=1668192309; cSyncDp138=1668192309; cSyncDp144=1668192309; cSyncDp146=1668192309; cSyncDp148=1668192309; cSyncDp149v2=1668192309; cSyncDp151=1668192309; cSyncDp178=1668192309; cSyncDp179=1668192309; cSyncDp186=1668192309; cSyncDp221=1668192309
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 11 Nov 2022 18:45:10 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash ec5e114adf74cf4dea365cf11a3e4c86
c0bc5d928b6aa65619428697b8216ec609c124bd
e121a245faacf2d389baacac140e2c6296c1b7ee7b4162fcfc49f57e4374392c
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:45:10 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Tue, 15 Nov 2022 17:18:16 GMT
ETag: "c0bc5d928b6aa65619428697b8216ec609c124bd"
Last-Modified: Fri, 11 Nov 2022 17:18:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 615
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76892ef4db3fb511-OSL
yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
200 OK 26 kB URL HTTP/2 yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 26004, version 1.0\012- data
Hash 7f0cdaf91230f9789ca4162aedff612e
965de571aa794dab64076c3cc64dc8894b843f23
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
GET /s3/home/fonts/ys/3/text-variable-full.woff2 HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://e-pitanie.ru
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 11 Nov 2022 18:45:10 GMT
content-type: font/woff2
content-length: 26004
access-control-allow-origin: *
cache-control: public, max-age=31556952
etag: "7f0cdaf91230f9789ca4162aedff612e"
expires: Sun, 12 Nov 2023 00:34:02 GMT
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
x-nginx-request-id: 09f2a85638cdbae3
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/safeframe-bundles/0.83/host.js
200 OK 8.9 kB URL HTTP/2 yastatic.net/safeframe-bundles/0.83/host.js
IP
File type ASCII text, with very long lines (33703), with no line terminators
Hash f80882bf67cf261aa08d636da095149a
3e5bf3fbdb45c9696f9b925d3e71b2e9777c82cd
4794febaad77bf94edba1c860dbcf9612722ad0a18b95831dad359b0bba4bed6
GET /safeframe-bundles/0.83/host.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://e-pitanie.ru
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 11 Nov 2022 18:45:10 GMT
content-type: text/javascript; charset=utf-8
content-length: 8878
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "f80882bf67cf261aa08d636da095149a"
expires: Mon, 11 Nov 2052 01:17:01 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 622759cb89692e1a1f4cdc7c61c1b383
692545078bc84ba65865b596f3b4fec9ae62e152
750c9a1ea87d165d7d5c7badbad91f59cf00c761c48fd2fb67076e8277bd2c1e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "750C9A1EA87D165D7D5C7BADBAD91F59CF00C761C48FD2FB67076E8277BD2C1E"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9032
Expires: Fri, 11 Nov 2022 21:15:42 GMT
Date: Fri, 11 Nov 2022 18:45:10 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 471 B IP
Hash 806f8727ad1651f2fbb82ef2c0a3f0b3
155571d859fad27b3295e1df4f7fe7bfe9a4f15e
9d7bf4c39e710ddd6353625aff44875c1f43391fd510425a71adbe122c161d68
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:45:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 08 Nov 2022 15:41:02 GMT
Expires: Tue, 15 Nov 2022 15:41:01 GMT
Etag: "155571d859fad27b3295e1df4f7fe7bfe9a4f15e"
Cache-Control: max-age=333950,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76892ef3b9afb50c-OSL
yastatic.net/partner-code-bundles/679108/93ca76526105423526a6.js
200 OK 99 kB URL HTTP/2 yastatic.net/partner-code-bundles/679108/93ca76526105423526a6.js
IP
File type ASCII text, with very long lines (65497)
Hash a9f781a2bfd5e4b0d9f7b14cdf48e369
49d19c795f54f89ae372c6cfc3caa5b01e8c1e34
561ddad550389f8b0e632bfe7bda7b633a8c76a8e257387baa75df3b4a35d0ae
GET /partner-code-bundles/679108/93ca76526105423526a6.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://e-pitanie.ru
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 11 Nov 2022 18:45:10 GMT
content-type: text/javascript; charset=utf-8
content-length: 98928
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "a9f781a2bfd5e4b0d9f7b14cdf48e369"
expires: Mon, 11 Nov 2052 01:16:45 GMT
last-modified: Thu, 10 Nov 2022 11:28:29 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/679108/88228e019d33c0acb3aa.js
200 OK 19 kB URL HTTP/2 yastatic.net/partner-code-bundles/679108/88228e019d33c0acb3aa.js
IP
File type HTML document, ASCII text, with very long lines (65494)
Hash 007f8cd5a5184dc52b6010455567fef8
d18aa4991daefdaaba61d441648b35f13d8ab7de
a5393e228be2594c0079899597ae9d88049fe2d5f05a74899f71f1342ae17f86
GET /partner-code-bundles/679108/88228e019d33c0acb3aa.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://e-pitanie.ru
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 11 Nov 2022 18:45:10 GMT
content-type: text/javascript; charset=utf-8
content-length: 19195
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "007f8cd5a5184dc52b6010455567fef8"
expires: Mon, 11 Nov 2052 01:16:45 GMT
last-modified: Thu, 10 Nov 2022 11:28:29 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/679108/3521127290410543dbe9.js
200 OK 4.8 kB URL HTTP/2 yastatic.net/partner-code-bundles/679108/3521127290410543dbe9.js
IP
File type ASCII text, with very long lines (14337)
Hash 3231a38ac227a29892c974619bd955b8
c70a1a9e665d090bdbbe8bba1730a5414ca15469
1e7301a9793d6603c54906773623be2609736c57bf2e38c40a85dea22c1b6fb1
GET /partner-code-bundles/679108/3521127290410543dbe9.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://e-pitanie.ru
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 11 Nov 2022 18:45:10 GMT
content-type: text/javascript; charset=utf-8
content-length: 4800
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "3231a38ac227a29892c974619bd955b8"
expires: Mon, 11 Nov 2052 01:16:45 GMT
last-modified: Thu, 10 Nov 2022 11:28:29 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
301 Moved Permanently 115 B URL HTTP/2 exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash 60da05968475b5bd2ae96af0db58ecfc
1d985183a6ec52cc7c800a054022308c19824275
b98c970fff0f827a7c2343b876d38b616dcde7e9362ede5e35b5a6945da77413
GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 11 Nov 2022 18:45:10 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=05e7ec8f-b80c-4e85-68c9-e96347381229
serverid: TODO
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 3a5f0bb88cb552ca74c287c3d16699ba
bfec565e58ded54f59bd1fc3de842aa1d4fc30a4
0008422c5d9081a56d24c02fccacef0271ed5997d4d9cf5ab419d9ee6aee50dc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:45:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 09 Nov 2022 23:26:43 GMT
Expires: Wed, 16 Nov 2022 23:26:42 GMT
Etag: "bfec565e58ded54f59bd1fc3de842aa1d4fc30a4"
Cache-Control: max-age=448291,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76892ef45bb7b4f4-OSL
dmp.gotechnology.io/match/sape?id=1503420A35986E63440140BC0214CD18
302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=1503420A35986E63440140BC0214CD18
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=1503420A35986E63440140BC0214CD18 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 11 Nov 2022 18:45:10 GMT
content-length: 0
location: https://dmp.gotechnology.io/match/sape?id=1503420A35986E63440140BC0214CD18&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/sync_ok?guid=f84b6aba-61f0-11ed-86e0-002590c0647c
302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/sync_ok?guid=f84b6aba-61f0-11ed-86e0-002590c0647c
IP
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/sync_ok?guid=f84b6aba-61f0-11ed-86e0-002590c0647c HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRmODRiNmFiYS02MWYwLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 11 Nov 2022 18:45:10 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://f84b6aba-61f0-11ed-86e0-002590c0647c.n1.sync.bumlam.com/?src=sape
dmp.gotechnology.io/match/sape?id=1503420A35986E63440140BC0214CD18&chk=1
302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=1503420A35986E63440140BC0214CD18&chk=1
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=1503420A35986E63440140BC0214CD18&chk=1 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 11 Nov 2022 18:45:10 GMT
content-length: 0
location: https://an.yandex.ru/mapuid/gonetdspis/MjI4ZjZkOTc2NmIxNjM5Ng
set-cookie: pid=MjI4ZjZkOTc2NmIxNjM5Ng; expires=Sat, 11 Nov 2023 18:45:10 GMT; domain=.gotechnology.io; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.acint.net/match?dp=126&euid=05e7ec8f-b80c-4e85-68c9-e96347381229
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=126&euid=05e7ec8f-b80c-4e85-68c9-e96347381229
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=126&euid=05e7ec8f-b80c-4e85-68c9-e96347381229 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWNumDW8QAFEGM0UAmC0oceYJRU84AGQQxM9uHqnmCJU; cSyncDp7v2=1668192309; cSyncDp14v3=1668192309; cSyncDp17=1668192309; cSyncDp32=1668192309; cSyncDp45v3=1668192309; cSyncDp53=1668192309; cSyncDp54v2=1668192309; cSyncDp62=1668192309; cSyncDp67v2=1668192309; cSyncDp68=1668192309; cSyncDp71=1668192309; cSyncDp77=1668192309; cSyncDp84=1668192309; cSyncDp85=1668192309; cSyncDp95v3=1668192309; cSyncDp101=1668192309; cSyncDp104v2=1668192309; cSyncDp107=1668192309; cSyncDp110=1668192309; cSyncDp111v2=1668192309; cSyncDp112v2=1668192309; cSyncDp125v2=1668192309; cSyncDp126=1668192309; cSyncDp127=1668192309; cSyncDp129=1668192309; cSyncDp136v2=1668192309; cSyncDp138=1668192309; cSyncDp144=1668192309; cSyncDp146=1668192309; cSyncDp148=1668192309; cSyncDp149v2=1668192309; cSyncDp151=1668192309; cSyncDp178=1668192309; cSyncDp179=1668192309; cSyncDp186=1668192309; cSyncDp221=1668192309
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 11 Nov 2022 18:45:10 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 11 Nov 2022 18:45:10 GMT
access-control-allow-origin: *
etag: "63575841-2b"
expires: Fri, 11 Nov 2022 19:45:10 GMT
accept-ranges: bytes
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afp%3A1338%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1415259113788%3Ahid%3A243059204%3Az%3A0%3Ai%3A20221111184510%3Aet%3A1668192310%3Ac%3A1%3Arn%3A616859490%3Arqn%3A1%3Au%3A1668192310340789903%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A3%2C241%2C76%2C0%2C367%2C0%2C%2C557%2C65%2C%2C%2C%2C1282%3Ans%3A1668192307990%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192310%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%2C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D0%BC%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%BC%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B8%20-%20E-Pitanie.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afp%3A1338%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1415259113788%3Ahid%3A243059204%3Az%3A0%3Ai%3A20221111184510%3Aet%3A1668192310%3Ac%3A1%3Arn%3A616859490%3Arqn%3A1%3Au%3A1668192310340789903%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A3%2C241%2C76%2C0%2C367%2C0%2C%2C557%2C65%2C%2C%2C%2C1282%3Ans%3A1668192307990%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192310%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%2C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D0%BC%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%BC%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B8%20-%20E-Pitanie.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
IP
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash c7a014fe054a58133bc939c4238a667f
d657a90e003b0fba2b4359c142bba31cbd7ea512
4d6a5c6526b44ab81137fc0a7f56d9eb753c3e524afd0cc1e7c6d96664e16316
GET /watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afp%3A1338%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1415259113788%3Ahid%3A243059204%3Az%3A0%3Ai%3A20221111184510%3Aet%3A1668192310%3Ac%3A1%3Arn%3A616859490%3Arqn%3A1%3Au%3A1668192310340789903%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A3%2C241%2C76%2C0%2C367%2C0%2C%2C557%2C65%2C%2C%2C%2C1282%3Ans%3A1668192307990%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192310%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%2C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D0%BC%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%BC%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B8%20-%20E-Pitanie.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://e-pitanie.ru
Referer: https://e-pitanie.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Fri, 11 Nov 2022 18:45:10 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://e-pitanie.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11-Nov-2022 18:45:10 GMT
last-modified: Fri, 11-Nov-2022 18:45:10 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/meta/746018?target-ref=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C48%3B670496%2C0%2C34%3B675076%2C0%2C72%3B679029%2C0%2C60%3B677689%2C0%2C45%3B673744%2C0%2C92&pcode-flags-map=eJytWGtv2zYU%2FSuDPhednpTUb5RE2UQkUiMpO05REG7jZQaSdGjTx1b0v%2B9Skm1JSelmGxAgTqBzeHQf5176m0MXjAuiayolKXSBFdYNFriWuuRCr2hBuKZM57zOuPPq9Tfn8%2Fb208555ey%2B%2Fum8cB52Hx%2FoNfwZpW4YRc73Ny%2BcFZZakN9aIpVe1bjRpeC1xoWc4JVoyZgAebGfuB0BYTiryOxw%2BFBSRhUBffmFXHKl11Qteas0Bu1K2tShKEJJ8Gzy%2F4MZV5VuBC%2FaXMnHxzyPmgDlM%2FMyIjF5wYXOBcGKroguiCK5opzpQxGQgmJd0oqcSVUUh8g7cpLLRjOy1vICBEE%2BpIITQCe9PM8TxWnHU3MQBOIqnJFKK64HYvurHeHm6VaSkwz4scTIIsQwQWLWJzEm3sCSYcaIsNOgIAjjjqbgmvGeaEWEojmuNF3prFWKMzsJtEGczEkACyQX5wTEgZeGPZbKvhrhfZTpRIUX57CJmz5xLqlITZg6k0pAe32ZyULX%2BFITLKRuiMgBO4H67hQYBj46hV71qomQdBYoFCcuiqbYNHb7eLeMVhwXRHTpwvWkcB4%2BfNqNYKGfBGnvNKZmpOzyO8PMi20EgsqQhECpZ5KI1Swlu%2Fvt29vdBBkgP%2B1VQkuA0zK9JHSxVJop%2B5FhFKR9m20wK8ilFq0ueI0pszqxG%2FsBOp6XCX4BYuEsvRC0sCK9OErQkwdqqCclaGaF%2B56L%2Buq7IszXZQvWt6YF%2BCit8YJYsaEXDu7fYQ%2Flm3FhkipwQVv5y08ybLDR3QsG%2F13jjdXCozCIhzgXZQOjSzacQWEoWhOws1nxuu4UG7pB%2F85NzgsCZgNQZvX1KIyAZiilkkOUiandw3nnbA%2BOjGP%2FMZyWxrPWpomgOv8Nw0HAClftJFuB%2BzS6giZnujazY4UFxfNOnxwaue4Q5UZQLqja6GwDLk3WDRf2gKEYDb13qIuCCphdOpfCCky9OBlVJJU6x0LAdMd5Pve0mUtEaRB53gTbVbE8rh0NLgrKFnaSMAp75TlvmYJSVpuG6MCuOkziaJSeWuQQJ0kzWkHU7MelMfohUsOozysYI2dOP3DUbaVoP%2Fc0GGxJYUOk5iVKnNu7OU38OB7pGEj6kQzTHYqtqfAmgy3IdIwSvKrmRjob9q4Pg6KjXAic%2BfZnoUTd07Na0quJ3sjzXdvzT3S%2BF%2F0AcSiOJenGjyAFkbBPWfV5kY96tFlYBCnBc5a64gua23FJMBgsBK2kojYdJAg7zL1GkMxu8Qg82vcmrQQzUEBdM%2BimJYF8GNuWsCTC0JDSvoB5qRf2ekYg3DTmVRbQGnaw76XRRMmSqu41RmQQzAvF7SqC2Pcna3Le1MMue9x1pd0oUJAG08tH3uT%2FmWN2EyhIiaGjnnkJCCMXoUmYZI2F0nC%2FaokhP5ekCCHUx7nCVxvdOX03q8aob87vu4d3f9TbDzf7%2B6Ha796%2F3d%2Fu5Lvt7f7%2Bxnnlf5%2BsupE7LDVjOeYqkFWmqysYv%2BMDXjt32%2F3tyw%2BfQNtf2%2Fvr3Vf4%2FOv%2Bbnuz%2Bzj51832rvvP9d%2B7%2B%2F7x7ef9w%2Fv%2B493L4x9vnlbT7btLYfbuafQJ%2BL4wDkgZzDcKO1x1JvKxFw%2BOY9bEwcIqzBbtmWUGwUKR9Ct8bq5%2FnA09ikszAWgJ92vSJYLYmzVOUpQeFZSCAk210T2edq32DHx28cgIHyFQGgwdPUI897sA2MtD95SOQ92COxmfN7%2FNu8%2F94fGVwg3T083A6IHdGWZw1YkCJVKB52pe6isg7jTCTDGTuXPHKXuJKzmjh0X5RA%2BzfIruLqHm24vhq4wzWo9kI%2FMy%2B%2FZPOVicun46tUK4D4sfDH3ny%2F76ZvcwZYhRYhi%2B%2FwPGljj7&pcode-icookie=w9NfmTL8fUdhGq6lJd4t0%2FUfe4g%2FeRyCNmySXtpob6jMH%2FdY3pCIXPTp2Ejqe5GnJZedO8wviWwvBUkfFOjnmDid1NM%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=107752139522050&ad-session-id=3745931668192310076&target-id=6659203&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fe-pitanie.ru&top-ancestor-undetermined=0&pcode-version=679108&pcodever=679108&flash-ver=0&available-width=1248&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1248%2C%22h%22%3A140%2C%22width%22%3A1248%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A20%2C%22top%22%3A10%2C%22fontFamily%22%3A%22ys%22%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo2MTd9ChqkIpHkOOpBCKyzhyr9XYGXpHH0uUL3daH69y_496ktpSV5I9q3NXeN2rWumzxNZtfRrUdxYvvSjbSuo446wP6GfSKoF2wLYxAzE_C2RvHTab3yJ-vGRMSMGTMGAjEmhQesJ_XQXYLqcasn8sQe1yX0uJ7ExfEC-upJPKGL78o93nLyq-ebEW5ONM93CZZtnucvCkMFrAGsWJFGcUKnIkZK7YHgiRcR6TInXyQlLv5QOYwsSMlyYCyAwOO7sD30YZS7dAaL_DAWeAIXB_yKVI8iuyHVVw_KoHFBXTrlC5e_SPIWxdLn8b70Moe3fOIKEEIYC0NBxPcEi6hw9vOEnrSerNJFFwwrruysAHzZwm1uL9idl1hYs3UdgGiLjvAUiuvyBIeJf0R4Q4Rh5YTP9EpdUJxdoA-RXfxe2D_9_EWewMWpHoi7A8zdlbtEkC7PojF4AD1BxZ-6_1V41YO2A4MGuLMH4sKytJ2I8sODdpIPts9-vJOx2Zq5NQmlC3T2mHkEs5aZQJhl5gT2wFy8erZ360_PZtUMG9qR9rfZy8SX0cWO3X5a_qQprGW04mnT2d86ASiLTvjlpIXLExbsW4SChbkRgTkDA6a6cL7UoPQX5bCybTfbD0siF_bZAnqQries8ETZnucOpwtrprmrygZjXVkPCupMMVjksLp1j69WLNqZdFMs4ktAvNye0wuiZbmXchYwd--Z5jY-LCDBh-7P4Aruoc9MBKXBhbtUHjXasjx7Eb45gkwXKDPrbQjCJZSehhrB4N4sI30_iT6AoSDYUfMyA7MD_1XlbD-9pSNRaLSUOpIkJaPUKWKFNqFkUnbW0TbVOk2iSGuUahJwjWSJklwVqxVxGBkreRgpkkgBrtECq5GWUkfbu1GEZESVXJsqleAaSUJNUim0IWmNYhW8NEoNsSYlTQxhlFTy9OwZlLFGrU3qcqSgxVFi0KZEIbGiqlWJcmlOj7B64V16tGSxUr0oaBwWNUlEbNAm8BVGSh1ZDM-hCH6SkDVvDzFRFeAHV-9OA-DAozTzpJSLVZ2_0btPhfXdKj4XRvfi5HMdbZrhODixNlMz-y492nhY1CnVaUQ5afuVOjUg09Ger5kfJLWxBSZDrEg01QFpUBCpE4M6VCrAHJBW9CEFoBJyRY_Z5iJJlQZyklhLpkoiKw81EoSIjNZ1oZqbXWCn8-HFLG0ummpn7Ebg0Vg2AmHXxdpUSPDSfIEKcrj0fAZvh5gGoWU7gL1YhLPdE66si8GFzdgVqZCYMWR6ZdMYQ4eKEDxTC27incjO4JUR0egtK0M_NqIxFFsR0VBZVsYuWeYOOSOX1ZsxFNqjYHBPLPuLwcTlYPEuaMeLoWkdESJzX6z_O0714laveke4Uzlhe5nZS2bwRlRU5lQOXFnWcTHykMbnlk8kZ-xmCPSm_u-VucWTk7arxOAlEVJRcU7vMTNw_KbA5B8HDN4MPCTmcIR9T12MbPdDbA5OUHbdLZn13N5_4nZbxmVjbGLRI0FsrhIYlnXbCrwDLe5ANK4AYxczFQvUNeN7asjVWdUjpqE2R8IunS2VNp-RfZHoEZtSBhRLaRfb4vbrbcjxpBxjkaF4gNDk-UEpi4pyKJabrRuWkzLndrkLEktLETJwQmdpwwFISoHfeoY7EwO-Db0OvOww0xJrs1lMe7O2gMi2qtX2tYKCdCAZk9c4VBEZiq1mZEOhVlOEoC8HiR4l7KAlut66KQd1bcNRZ561nMjBAHMIEkekRkqI-B2XBmozPfFOPQRTkYA-g1eXdDgb9G087An6OO97lfc_swzbOOc2x6yBAg7IjNpIV4eUdxRx6u2hX-unMRs642SBerb5fVjOB_zHeNmjr39024hx8T7bH6jL4Av-4Y9zq_qs62e4dro_XLvP5GXDn7XD8NIe3N1e-LlfcWeBUd7Qzptrfi7HkhkQf3HrAzu_kH6wFrfvV1gH_ItW8qfRIc7ChD142el4qJEPFZMvFhx7nN1dnHdqeJkI43sLhz3sF2iQb1And_r9_ZVvz0On--uu7nrDvVvSOPRBYg2dLv4O0sGWno5LsBsGdNZ5cVkYC_QWzBuWCW1_dht4vnAgffmnlDPpHii_s818oo29GR4py_aWvZKePByC4VUnbYjOGvrnK160MJcg8oX39At_MAY_xPKBtKAEwxbvg5SeyPb_-OtFivqoXdmSHcZhDtolcXqjH5sgX3Ndl8IhsGgrF9d-xbiFMOYHq88756ayFpgnpavWL5YNTLmxOA6jnPTDKNlcpyXWRDVn3VSliMm1iZNZN4gaENEgoakDsjoBsyoVqYJYaVATU2hjJUmFH6o0qcKwXBFZqiKrEzYPk4KEWEMRpbG2kjz3VPJUkZCGm3LACJWaRBFqQ9KYKDXm-9KUTprzecaE_g-esS9LSFL2Q4rCv-PsZBL26D2HmrFDZEafEitIQlWFR74EmXUzB7FKW-FHNTJSpmSaOGq2Og6WCGgBnkI-PKXsCOkoKGl0tBSUFpScwYx9CyWxRpOqiDoVALNOnNQ2-PrjwP_NYK0y_n-MXX4i_Ws5eFoWl7TpwCj5uDDO0zCVbPg2m36SsTwphmcq9XkVx8FWT0rfnwpBKVb0-sTzP2QmXPv4LDFaXCwPJ5a-Wq6nxrIV_bw5fWf5J9XgaWbyP5zne9ah-_Uk-MLcst9pw_B8JwZbakXceWYSztYB1Kdp_IMRXLUedIwUn9w7sFPzeuFafIbZopkachVlrqTc3790HtaF89h-wsIcbgnvYXOfG6dPeEWLXZL2Q-MiZ2PPJD5L4BI4qUlScsWwJLNmS5jf14Xdo1ySARJSGr51z49gwg8GvcOZpCA3Tf3-f1P3XMxV9onPv9ShcvlzqLQdMqDbN288zT1j8pPsFFeyIqrJUI8EBZIhPCVRaAgNoJGFqhBeAvG5kNkqNcYmQsjb28xPg9h3B3va05aQHTDH0DhURKMrsibprg-sp-HpwaC46MVPDqwVP3VwT9oaUkuAGHe5PWR2N3f8Mnuva-qemZ7XLXt1QscZmNtTkGwhwx346r1c-dRDO5eS1s5M2oGMds0fv5W1peOh07c_1i7OTN5Cww7fHJXbqr6iprhYy0PHVAVEp5qcXbjPzvZjM1-7E9Al9SFWdiWWJczxS4ZatOJJSeAzKxNTI0A-mRjFpOYh9JTMetaQH3YFImC0xOShMl1iJxUckjAiU4WxIo4q2IAGGwg39roh7l3Li2w7SB7IHgz6UjC2vfgSkzrms-juuH8l3is_m6wvzi1r_mR3FxSOgrxWborqiVF-n7tlvO-2iDjS-2RMzDuYI4MtZFJwoaZCPjUN5CSLIeyCR33YfssoPxeJ2jXo_igdNFmmuFcm0WTJj2e8A8Pr6u4n_o3yo_t28vgmW8SGNxbcx2QnHBG8lB_IH6uuBJhHqD6OycwitWdWejWEBPVj5w6AvPgfRQa5FO8NAXl-ZjqCsDrHl6qbxfISILk_ZX3nEz5ZhbdqJSaTlt_2O-aY4LVIy-NwEntyfwcAweun_DYTAxdB-tqCuLc4BSVKiV8rmI4s6GHAsJ7i2LfaO-W3oquJcgz50Rl8-FLIYxlqnY_J1sfMydLUyMUDQHGRQQg9HUO9ifVPT9Qh1nfqKeivvR892cSoHmwrA7GOMN9yuhdh-wUsWgCSvu_G8v8MBMUeEXYk8ktf8ftcm5r70RTcvgnKIcuzL_oR7VtOrN845c1hjW23XkzYNtXUNbIkh3mTO7B_MtHF93C6yju_3xbvcys7QZw2ecCasGi2xrDt-noLnvAngNTyiNHfYa-WsYj_kzpGcRZql184jeAeuX0VlFPR-bdYf6wcUlaTsXDLMeE8GmyJ6XuUc5hJ6ZuG-T52lCpJYkMUwlskYxQ88CFGeIixWRtVBR3zEzfQrXQff1r6ICGtj3mt9OXm-Al86-0tGb0ff7_m02Dc7wfDqT_5Faqc2bjdeYjB637eLqnDtZzwP_R5_b9PbQ2h9TTzVRHQfTU6JwE76tDiYeMXkBhFgw3nz90tfczO1SVPsD37PvtAy3kHklVjguPCrCUwSLN6ebL2bt4K4xaDs1zR96j7wLsFgNX3HVp5zyWt-i2uSMlDmJaLmVeIiTl2Eu-WpePm4faxxJy8jmxuORSRM4DQfXEQWJr6kA4tvcWP4B1G5wgQFeWbz_laDtT_U7Gc5BwMf2H7rfBnDxn3J0ZPdF_AvyoJ1i93Piso39l_w1yOga09E01hBjsYNlP6QSJDxO78Z8IXZoaWXuqU4OT8wMnB_vXJWan0umFvtxweXHymFRViBAgQIKNYAQlQRAMARBRgrqHgWfRWqE-8oRPmduNsrbYhYvU5iuLrsZHveB74E1ZhuaCOGqYobSRWn8HkUPWv_qVtG-Dmhvw9M15WqRtJazrNdrz1OUQrL0mxWrZ0oLct0MrJR9KLG_frXZwDJxTkKPlT2zEXXDz6rnNeQ8HNDnHuHAcy-2pvK13eOXvZhmuXC9aLyCSQ3j70RAVo9tzm73fkmy3qMK4LZ_JfTtZm8ozXP9DClw6ZpIs2s3IuBMLi_xO0hWn7rO2kFrkX5mR3ZPO1IVeIIyHc_72cf6KOoGaIBee1GPtl3kJMVAbX0AObig8VPDYrL--bCMqXJr75LrOGMzNeDDB8jsTMbV0_l21_TolJ5zVnIa2Yl-2Bt7aS86BG75_DlnLNOka0FxCuI5fPZ3PNmVInyEb0FYAOWReEL-cK8ikmbDHP60OFLUCNV37RseFGlBnNkZES7zTg5OPaCc62qrMF2VpbWRQt9HYTXRasvwlJtaH0WmzHLCKsfbYVj_aIYzmFYf9ErMdrVjRyNv1Qae359WTWbWedY_9T9o3lKKi7MGS5yPhFmmeWkdzRKMo99kmahi35PnBtYz1DG4rqaUZQ3ixxy8uPxmpXAfYk9c0HV5Z8mSUwP4kf90Uot53IIoX_SViNXFNEdQxYwLfwjy3IlYW5BMddfPp2ufkOZvane8PafnXWzzSfy0XWs9rK8Cw6WWw9dPYLZtLcjl3WSl6r9ro9MYK7XPifJL8vK16R&uniformat=true&callback=Ya%5B7238484806945%5D
200 OK 23 kB URL HTTP/2 an.yandex.ru/meta/746018?target-ref=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C48%3B670496%2C0%2C34%3B675076%2C0%2C72%3B679029%2C0%2C60%3B677689%2C0%2C45%3B673744%2C0%2C92&pcode-flags-map=eJytWGtv2zYU%2FSuDPhednpTUb5RE2UQkUiMpO05REG7jZQaSdGjTx1b0v%2B9Skm1JSelmGxAgTqBzeHQf5176m0MXjAuiayolKXSBFdYNFriWuuRCr2hBuKZM57zOuPPq9Tfn8%2Fb208555ey%2B%2Fum8cB52Hx%2FoNfwZpW4YRc73Ny%2BcFZZakN9aIpVe1bjRpeC1xoWc4JVoyZgAebGfuB0BYTiryOxw%2BFBSRhUBffmFXHKl11Qteas0Bu1K2tShKEJJ8Gzy%2F4MZV5VuBC%2FaXMnHxzyPmgDlM%2FMyIjF5wYXOBcGKroguiCK5opzpQxGQgmJd0oqcSVUUh8g7cpLLRjOy1vICBEE%2BpIITQCe9PM8TxWnHU3MQBOIqnJFKK64HYvurHeHm6VaSkwz4scTIIsQwQWLWJzEm3sCSYcaIsNOgIAjjjqbgmvGeaEWEojmuNF3prFWKMzsJtEGczEkACyQX5wTEgZeGPZbKvhrhfZTpRIUX57CJmz5xLqlITZg6k0pAe32ZyULX%2BFITLKRuiMgBO4H67hQYBj46hV71qomQdBYoFCcuiqbYNHb7eLeMVhwXRHTpwvWkcB4%2BfNqNYKGfBGnvNKZmpOzyO8PMi20EgsqQhECpZ5KI1Swlu%2Fvt29vdBBkgP%2B1VQkuA0zK9JHSxVJop%2B5FhFKR9m20wK8ilFq0ueI0pszqxG%2FsBOp6XCX4BYuEsvRC0sCK9OErQkwdqqCclaGaF%2B56L%2Buq7IszXZQvWt6YF%2BCit8YJYsaEXDu7fYQ%2Flm3FhkipwQVv5y08ybLDR3QsG%2F13jjdXCozCIhzgXZQOjSzacQWEoWhOws1nxuu4UG7pB%2F85NzgsCZgNQZvX1KIyAZiilkkOUiandw3nnbA%2BOjGP%2FMZyWxrPWpomgOv8Nw0HAClftJFuB%2BzS6giZnujazY4UFxfNOnxwaue4Q5UZQLqja6GwDLk3WDRf2gKEYDb13qIuCCphdOpfCCky9OBlVJJU6x0LAdMd5Pve0mUtEaRB53gTbVbE8rh0NLgrKFnaSMAp75TlvmYJSVpuG6MCuOkziaJSeWuQQJ0kzWkHU7MelMfohUsOozysYI2dOP3DUbaVoP%2Fc0GGxJYUOk5iVKnNu7OU38OB7pGEj6kQzTHYqtqfAmgy3IdIwSvKrmRjob9q4Pg6KjXAic%2BfZnoUTd07Na0quJ3sjzXdvzT3S%2BF%2F0AcSiOJenGjyAFkbBPWfV5kY96tFlYBCnBc5a64gua23FJMBgsBK2kojYdJAg7zL1GkMxu8Qg82vcmrQQzUEBdM%2BimJYF8GNuWsCTC0JDSvoB5qRf2ekYg3DTmVRbQGnaw76XRRMmSqu41RmQQzAvF7SqC2Pcna3Le1MMue9x1pd0oUJAG08tH3uT%2FmWN2EyhIiaGjnnkJCCMXoUmYZI2F0nC%2FaokhP5ekCCHUx7nCVxvdOX03q8aob87vu4d3f9TbDzf7%2B6Ha796%2F3d%2Fu5Lvt7f7%2Bxnnlf5%2BsupE7LDVjOeYqkFWmqysYv%2BMDXjt32%2F3tyw%2BfQNtf2%2Fvr3Vf4%2FOv%2Bbnuz%2Bzj51832rvvP9d%2B7%2B%2F7x7ef9w%2Fv%2B493L4x9vnlbT7btLYfbuafQJ%2BL4wDkgZzDcKO1x1JvKxFw%2BOY9bEwcIqzBbtmWUGwUKR9Ct8bq5%2FnA09ikszAWgJ92vSJYLYmzVOUpQeFZSCAk210T2edq32DHx28cgIHyFQGgwdPUI897sA2MtD95SOQ92COxmfN7%2FNu8%2F94fGVwg3T083A6IHdGWZw1YkCJVKB52pe6isg7jTCTDGTuXPHKXuJKzmjh0X5RA%2BzfIruLqHm24vhq4wzWo9kI%2FMy%2B%2FZPOVicun46tUK4D4sfDH3ny%2F76ZvcwZYhRYhi%2B%2FwPGljj7&pcode-icookie=w9NfmTL8fUdhGq6lJd4t0%2FUfe4g%2FeRyCNmySXtpob6jMH%2FdY3pCIXPTp2Ejqe5GnJZedO8wviWwvBUkfFOjnmDid1NM%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=107752139522050&ad-session-id=3745931668192310076&target-id=6659203&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fe-pitanie.ru&top-ancestor-undetermined=0&pcode-version=679108&pcodever=679108&flash-ver=0&available-width=1248&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1248%2C%22h%22%3A140%2C%22width%22%3A1248%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A20%2C%22top%22%3A10%2C%22fontFamily%22%3A%22ys%22%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo2MTd9ChqkIpHkOOpBCKyzhyr9XYGXpHH0uUL3daH69y_496ktpSV5I9q3NXeN2rWumzxNZtfRrUdxYvvSjbSuo446wP6GfSKoF2wLYxAzE_C2RvHTab3yJ-vGRMSMGTMGAjEmhQesJ_XQXYLqcasn8sQe1yX0uJ7ExfEC-upJPKGL78o93nLyq-ebEW5ONM93CZZtnucvCkMFrAGsWJFGcUKnIkZK7YHgiRcR6TInXyQlLv5QOYwsSMlyYCyAwOO7sD30YZS7dAaL_DAWeAIXB_yKVI8iuyHVVw_KoHFBXTrlC5e_SPIWxdLn8b70Moe3fOIKEEIYC0NBxPcEi6hw9vOEnrSerNJFFwwrruysAHzZwm1uL9idl1hYs3UdgGiLjvAUiuvyBIeJf0R4Q4Rh5YTP9EpdUJxdoA-RXfxe2D_9_EWewMWpHoi7A8zdlbtEkC7PojF4AD1BxZ-6_1V41YO2A4MGuLMH4sKytJ2I8sODdpIPts9-vJOx2Zq5NQmlC3T2mHkEs5aZQJhl5gT2wFy8erZ360_PZtUMG9qR9rfZy8SX0cWO3X5a_qQprGW04mnT2d86ASiLTvjlpIXLExbsW4SChbkRgTkDA6a6cL7UoPQX5bCybTfbD0siF_bZAnqQries8ETZnucOpwtrprmrygZjXVkPCupMMVjksLp1j69WLNqZdFMs4ktAvNye0wuiZbmXchYwd--Z5jY-LCDBh-7P4Aruoc9MBKXBhbtUHjXasjx7Eb45gkwXKDPrbQjCJZSehhrB4N4sI30_iT6AoSDYUfMyA7MD_1XlbD-9pSNRaLSUOpIkJaPUKWKFNqFkUnbW0TbVOk2iSGuUahJwjWSJklwVqxVxGBkreRgpkkgBrtECq5GWUkfbu1GEZESVXJsqleAaSUJNUim0IWmNYhW8NEoNsSYlTQxhlFTy9OwZlLFGrU3qcqSgxVFi0KZEIbGiqlWJcmlOj7B64V16tGSxUr0oaBwWNUlEbNAm8BVGSh1ZDM-hCH6SkDVvDzFRFeAHV-9OA-DAozTzpJSLVZ2_0btPhfXdKj4XRvfi5HMdbZrhODixNlMz-y492nhY1CnVaUQ5afuVOjUg09Ger5kfJLWxBSZDrEg01QFpUBCpE4M6VCrAHJBW9CEFoBJyRY_Z5iJJlQZyklhLpkoiKw81EoSIjNZ1oZqbXWCn8-HFLG0ummpn7Ebg0Vg2AmHXxdpUSPDSfIEKcrj0fAZvh5gGoWU7gL1YhLPdE66si8GFzdgVqZCYMWR6ZdMYQ4eKEDxTC27incjO4JUR0egtK0M_NqIxFFsR0VBZVsYuWeYOOSOX1ZsxFNqjYHBPLPuLwcTlYPEuaMeLoWkdESJzX6z_O0714laveke4Uzlhe5nZS2bwRlRU5lQOXFnWcTHykMbnlk8kZ-xmCPSm_u-VucWTk7arxOAlEVJRcU7vMTNw_KbA5B8HDN4MPCTmcIR9T12MbPdDbA5OUHbdLZn13N5_4nZbxmVjbGLRI0FsrhIYlnXbCrwDLe5ANK4AYxczFQvUNeN7asjVWdUjpqE2R8IunS2VNp-RfZHoEZtSBhRLaRfb4vbrbcjxpBxjkaF4gNDk-UEpi4pyKJabrRuWkzLndrkLEktLETJwQmdpwwFISoHfeoY7EwO-Db0OvOww0xJrs1lMe7O2gMi2qtX2tYKCdCAZk9c4VBEZiq1mZEOhVlOEoC8HiR4l7KAlut66KQd1bcNRZ561nMjBAHMIEkekRkqI-B2XBmozPfFOPQRTkYA-g1eXdDgb9G087An6OO97lfc_swzbOOc2x6yBAg7IjNpIV4eUdxRx6u2hX-unMRs642SBerb5fVjOB_zHeNmjr39024hx8T7bH6jL4Av-4Y9zq_qs62e4dro_XLvP5GXDn7XD8NIe3N1e-LlfcWeBUd7Qzptrfi7HkhkQf3HrAzu_kH6wFrfvV1gH_ItW8qfRIc7ChD142el4qJEPFZMvFhx7nN1dnHdqeJkI43sLhz3sF2iQb1And_r9_ZVvz0On--uu7nrDvVvSOPRBYg2dLv4O0sGWno5LsBsGdNZ5cVkYC_QWzBuWCW1_dht4vnAgffmnlDPpHii_s818oo29GR4py_aWvZKePByC4VUnbYjOGvrnK160MJcg8oX39At_MAY_xPKBtKAEwxbvg5SeyPb_-OtFivqoXdmSHcZhDtolcXqjH5sgX3Ndl8IhsGgrF9d-xbiFMOYHq88756ayFpgnpavWL5YNTLmxOA6jnPTDKNlcpyXWRDVn3VSliMm1iZNZN4gaENEgoakDsjoBsyoVqYJYaVATU2hjJUmFH6o0qcKwXBFZqiKrEzYPk4KEWEMRpbG2kjz3VPJUkZCGm3LACJWaRBFqQ9KYKDXm-9KUTprzecaE_g-esS9LSFL2Q4rCv-PsZBL26D2HmrFDZEafEitIQlWFR74EmXUzB7FKW-FHNTJSpmSaOGq2Og6WCGgBnkI-PKXsCOkoKGl0tBSUFpScwYx9CyWxRpOqiDoVALNOnNQ2-PrjwP_NYK0y_n-MXX4i_Ws5eFoWl7TpwCj5uDDO0zCVbPg2m36SsTwphmcq9XkVx8FWT0rfnwpBKVb0-sTzP2QmXPv4LDFaXCwPJ5a-Wq6nxrIV_bw5fWf5J9XgaWbyP5zne9ah-_Uk-MLcst9pw_B8JwZbakXceWYSztYB1Kdp_IMRXLUedIwUn9w7sFPzeuFafIbZopkachVlrqTc3790HtaF89h-wsIcbgnvYXOfG6dPeEWLXZL2Q-MiZ2PPJD5L4BI4qUlScsWwJLNmS5jf14Xdo1ySARJSGr51z49gwg8GvcOZpCA3Tf3-f1P3XMxV9onPv9ShcvlzqLQdMqDbN288zT1j8pPsFFeyIqrJUI8EBZIhPCVRaAgNoJGFqhBeAvG5kNkqNcYmQsjb28xPg9h3B3va05aQHTDH0DhURKMrsibprg-sp-HpwaC46MVPDqwVP3VwT9oaUkuAGHe5PWR2N3f8Mnuva-qemZ7XLXt1QscZmNtTkGwhwx346r1c-dRDO5eS1s5M2oGMds0fv5W1peOh07c_1i7OTN5Cww7fHJXbqr6iprhYy0PHVAVEp5qcXbjPzvZjM1-7E9Al9SFWdiWWJczxS4ZatOJJSeAzKxNTI0A-mRjFpOYh9JTMetaQH3YFImC0xOShMl1iJxUckjAiU4WxIo4q2IAGGwg39roh7l3Li2w7SB7IHgz6UjC2vfgSkzrms-juuH8l3is_m6wvzi1r_mR3FxSOgrxWborqiVF-n7tlvO-2iDjS-2RMzDuYI4MtZFJwoaZCPjUN5CSLIeyCR33YfssoPxeJ2jXo_igdNFmmuFcm0WTJj2e8A8Pr6u4n_o3yo_t28vgmW8SGNxbcx2QnHBG8lB_IH6uuBJhHqD6OycwitWdWejWEBPVj5w6AvPgfRQa5FO8NAXl-ZjqCsDrHl6qbxfISILk_ZX3nEz5ZhbdqJSaTlt_2O-aY4LVIy-NwEntyfwcAweun_DYTAxdB-tqCuLc4BSVKiV8rmI4s6GHAsJ7i2LfaO-W3oquJcgz50Rl8-FLIYxlqnY_J1sfMydLUyMUDQHGRQQg9HUO9ifVPT9Qh1nfqKeivvR892cSoHmwrA7GOMN9yuhdh-wUsWgCSvu_G8v8MBMUeEXYk8ktf8ftcm5r70RTcvgnKIcuzL_oR7VtOrN845c1hjW23XkzYNtXUNbIkh3mTO7B_MtHF93C6yju_3xbvcys7QZw2ecCasGi2xrDt-noLnvAngNTyiNHfYa-WsYj_kzpGcRZql184jeAeuX0VlFPR-bdYf6wcUlaTsXDLMeE8GmyJ6XuUc5hJ6ZuG-T52lCpJYkMUwlskYxQ88CFGeIixWRtVBR3zEzfQrXQff1r6ICGtj3mt9OXm-Al86-0tGb0ff7_m02Dc7wfDqT_5Faqc2bjdeYjB637eLqnDtZzwP_R5_b9PbQ2h9TTzVRHQfTU6JwE76tDiYeMXkBhFgw3nz90tfczO1SVPsD37PvtAy3kHklVjguPCrCUwSLN6ebL2bt4K4xaDs1zR96j7wLsFgNX3HVp5zyWt-i2uSMlDmJaLmVeIiTl2Eu-WpePm4faxxJy8jmxuORSRM4DQfXEQWJr6kA4tvcWP4B1G5wgQFeWbz_laDtT_U7Gc5BwMf2H7rfBnDxn3J0ZPdF_AvyoJ1i93Piso39l_w1yOga09E01hBjsYNlP6QSJDxO78Z8IXZoaWXuqU4OT8wMnB_vXJWan0umFvtxweXHymFRViBAgQIKNYAQlQRAMARBRgrqHgWfRWqE-8oRPmduNsrbYhYvU5iuLrsZHveB74E1ZhuaCOGqYobSRWn8HkUPWv_qVtG-Dmhvw9M15WqRtJazrNdrz1OUQrL0mxWrZ0oLct0MrJR9KLG_frXZwDJxTkKPlT2zEXXDz6rnNeQ8HNDnHuHAcy-2pvK13eOXvZhmuXC9aLyCSQ3j70RAVo9tzm73fkmy3qMK4LZ_JfTtZm8ozXP9DClw6ZpIs2s3IuBMLi_xO0hWn7rO2kFrkX5mR3ZPO1IVeIIyHc_72cf6KOoGaIBee1GPtl3kJMVAbX0AObig8VPDYrL--bCMqXJr75LrOGMzNeDDB8jsTMbV0_l21_TolJ5zVnIa2Yl-2Bt7aS86BG75_DlnLNOka0FxCuI5fPZ3PNmVInyEb0FYAOWReEL-cK8ikmbDHP60OFLUCNV37RseFGlBnNkZES7zTg5OPaCc62qrMF2VpbWRQt9HYTXRasvwlJtaH0WmzHLCKsfbYVj_aIYzmFYf9ErMdrVjRyNv1Qae359WTWbWedY_9T9o3lKKi7MGS5yPhFmmeWkdzRKMo99kmahi35PnBtYz1DG4rqaUZQ3ixxy8uPxmpXAfYk9c0HV5Z8mSUwP4kf90Uot53IIoX_SViNXFNEdQxYwLfwjy3IlYW5BMddfPp2ufkOZvane8PafnXWzzSfy0XWs9rK8Cw6WWw9dPYLZtLcjl3WSl6r9ro9MYK7XPifJL8vK16R&uniformat=true&callback=Ya%5B7238484806945%5D
IP
Hash 6d588a7c376a2dee6edb6b062b1d23b2
695053ffab306e9a8c364645930f823d65df2628
62568f9ddfd9874a022615230cd3dc0bf03f4b58bb3524dd82b0a976695e4c82
GET /meta/746018?target-ref=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C48%3B670496%2C0%2C34%3B675076%2C0%2C72%3B679029%2C0%2C60%3B677689%2C0%2C45%3B673744%2C0%2C92&pcode-flags-map=eJytWGtv2zYU%2FSuDPhednpTUb5RE2UQkUiMpO05REG7jZQaSdGjTx1b0v%2B9Skm1JSelmGxAgTqBzeHQf5176m0MXjAuiayolKXSBFdYNFriWuuRCr2hBuKZM57zOuPPq9Tfn8%2Fb208555ey%2B%2Fum8cB52Hx%2FoNfwZpW4YRc73Ny%2BcFZZakN9aIpVe1bjRpeC1xoWc4JVoyZgAebGfuB0BYTiryOxw%2BFBSRhUBffmFXHKl11Qteas0Bu1K2tShKEJJ8Gzy%2F4MZV5VuBC%2FaXMnHxzyPmgDlM%2FMyIjF5wYXOBcGKroguiCK5opzpQxGQgmJd0oqcSVUUh8g7cpLLRjOy1vICBEE%2BpIITQCe9PM8TxWnHU3MQBOIqnJFKK64HYvurHeHm6VaSkwz4scTIIsQwQWLWJzEm3sCSYcaIsNOgIAjjjqbgmvGeaEWEojmuNF3prFWKMzsJtEGczEkACyQX5wTEgZeGPZbKvhrhfZTpRIUX57CJmz5xLqlITZg6k0pAe32ZyULX%2BFITLKRuiMgBO4H67hQYBj46hV71qomQdBYoFCcuiqbYNHb7eLeMVhwXRHTpwvWkcB4%2BfNqNYKGfBGnvNKZmpOzyO8PMi20EgsqQhECpZ5KI1Swlu%2Fvt29vdBBkgP%2B1VQkuA0zK9JHSxVJop%2B5FhFKR9m20wK8ilFq0ueI0pszqxG%2FsBOp6XCX4BYuEsvRC0sCK9OErQkwdqqCclaGaF%2B56L%2Buq7IszXZQvWt6YF%2BCit8YJYsaEXDu7fYQ%2Flm3FhkipwQVv5y08ybLDR3QsG%2F13jjdXCozCIhzgXZQOjSzacQWEoWhOws1nxuu4UG7pB%2F85NzgsCZgNQZvX1KIyAZiilkkOUiandw3nnbA%2BOjGP%2FMZyWxrPWpomgOv8Nw0HAClftJFuB%2BzS6giZnujazY4UFxfNOnxwaue4Q5UZQLqja6GwDLk3WDRf2gKEYDb13qIuCCphdOpfCCky9OBlVJJU6x0LAdMd5Pve0mUtEaRB53gTbVbE8rh0NLgrKFnaSMAp75TlvmYJSVpuG6MCuOkziaJSeWuQQJ0kzWkHU7MelMfohUsOozysYI2dOP3DUbaVoP%2Fc0GGxJYUOk5iVKnNu7OU38OB7pGEj6kQzTHYqtqfAmgy3IdIwSvKrmRjob9q4Pg6KjXAic%2BfZnoUTd07Na0quJ3sjzXdvzT3S%2BF%2F0AcSiOJenGjyAFkbBPWfV5kY96tFlYBCnBc5a64gua23FJMBgsBK2kojYdJAg7zL1GkMxu8Qg82vcmrQQzUEBdM%2BimJYF8GNuWsCTC0JDSvoB5qRf2ekYg3DTmVRbQGnaw76XRRMmSqu41RmQQzAvF7SqC2Pcna3Le1MMue9x1pd0oUJAG08tH3uT%2FmWN2EyhIiaGjnnkJCCMXoUmYZI2F0nC%2FaokhP5ekCCHUx7nCVxvdOX03q8aob87vu4d3f9TbDzf7%2B6Ha796%2F3d%2Fu5Lvt7f7%2Bxnnlf5%2BsupE7LDVjOeYqkFWmqysYv%2BMDXjt32%2F3tyw%2BfQNtf2%2Fvr3Vf4%2FOv%2Bbnuz%2Bzj51832rvvP9d%2B7%2B%2F7x7ef9w%2Fv%2B493L4x9vnlbT7btLYfbuafQJ%2BL4wDkgZzDcKO1x1JvKxFw%2BOY9bEwcIqzBbtmWUGwUKR9Ct8bq5%2FnA09ikszAWgJ92vSJYLYmzVOUpQeFZSCAk210T2edq32DHx28cgIHyFQGgwdPUI897sA2MtD95SOQ92COxmfN7%2FNu8%2F94fGVwg3T083A6IHdGWZw1YkCJVKB52pe6isg7jTCTDGTuXPHKXuJKzmjh0X5RA%2BzfIruLqHm24vhq4wzWo9kI%2FMy%2B%2FZPOVicun46tUK4D4sfDH3ny%2F76ZvcwZYhRYhi%2B%2FwPGljj7&pcode-icookie=w9NfmTL8fUdhGq6lJd4t0%2FUfe4g%2FeRyCNmySXtpob6jMH%2FdY3pCIXPTp2Ejqe5GnJZedO8wviWwvBUkfFOjnmDid1NM%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=107752139522050&ad-session-id=3745931668192310076&target-id=6659203&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fe-pitanie.ru&top-ancestor-undetermined=0&pcode-version=679108&pcodever=679108&flash-ver=0&available-width=1248&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1248%2C%22h%22%3A140%2C%22width%22%3A1248%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A20%2C%22top%22%3A10%2C%22fontFamily%22%3A%22ys%22%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo2MTd9ChqkIpHkOOpBCKyzhyr9XYGXpHH0uUL3daH69y_496ktpSV5I9q3NXeN2rWumzxNZtfRrUdxYvvSjbSuo446wP6GfSKoF2wLYxAzE_C2RvHTab3yJ-vGRMSMGTMGAjEmhQesJ_XQXYLqcasn8sQe1yX0uJ7ExfEC-upJPKGL78o93nLyq-ebEW5ONM93CZZtnucvCkMFrAGsWJFGcUKnIkZK7YHgiRcR6TInXyQlLv5QOYwsSMlyYCyAwOO7sD30YZS7dAaL_DAWeAIXB_yKVI8iuyHVVw_KoHFBXTrlC5e_SPIWxdLn8b70Moe3fOIKEEIYC0NBxPcEi6hw9vOEnrSerNJFFwwrruysAHzZwm1uL9idl1hYs3UdgGiLjvAUiuvyBIeJf0R4Q4Rh5YTP9EpdUJxdoA-RXfxe2D_9_EWewMWpHoi7A8zdlbtEkC7PojF4AD1BxZ-6_1V41YO2A4MGuLMH4sKytJ2I8sODdpIPts9-vJOx2Zq5NQmlC3T2mHkEs5aZQJhl5gT2wFy8erZ360_PZtUMG9qR9rfZy8SX0cWO3X5a_qQprGW04mnT2d86ASiLTvjlpIXLExbsW4SChbkRgTkDA6a6cL7UoPQX5bCybTfbD0siF_bZAnqQries8ETZnucOpwtrprmrygZjXVkPCupMMVjksLp1j69WLNqZdFMs4ktAvNye0wuiZbmXchYwd--Z5jY-LCDBh-7P4Aruoc9MBKXBhbtUHjXasjx7Eb45gkwXKDPrbQjCJZSehhrB4N4sI30_iT6AoSDYUfMyA7MD_1XlbD-9pSNRaLSUOpIkJaPUKWKFNqFkUnbW0TbVOk2iSGuUahJwjWSJklwVqxVxGBkreRgpkkgBrtECq5GWUkfbu1GEZESVXJsqleAaSUJNUim0IWmNYhW8NEoNsSYlTQxhlFTy9OwZlLFGrU3qcqSgxVFi0KZEIbGiqlWJcmlOj7B64V16tGSxUr0oaBwWNUlEbNAm8BVGSh1ZDM-hCH6SkDVvDzFRFeAHV-9OA-DAozTzpJSLVZ2_0btPhfXdKj4XRvfi5HMdbZrhODixNlMz-y492nhY1CnVaUQ5afuVOjUg09Ger5kfJLWxBSZDrEg01QFpUBCpE4M6VCrAHJBW9CEFoBJyRY_Z5iJJlQZyklhLpkoiKw81EoSIjNZ1oZqbXWCn8-HFLG0ummpn7Ebg0Vg2AmHXxdpUSPDSfIEKcrj0fAZvh5gGoWU7gL1YhLPdE66si8GFzdgVqZCYMWR6ZdMYQ4eKEDxTC27incjO4JUR0egtK0M_NqIxFFsR0VBZVsYuWeYOOSOX1ZsxFNqjYHBPLPuLwcTlYPEuaMeLoWkdESJzX6z_O0714laveke4Uzlhe5nZS2bwRlRU5lQOXFnWcTHykMbnlk8kZ-xmCPSm_u-VucWTk7arxOAlEVJRcU7vMTNw_KbA5B8HDN4MPCTmcIR9T12MbPdDbA5OUHbdLZn13N5_4nZbxmVjbGLRI0FsrhIYlnXbCrwDLe5ANK4AYxczFQvUNeN7asjVWdUjpqE2R8IunS2VNp-RfZHoEZtSBhRLaRfb4vbrbcjxpBxjkaF4gNDk-UEpi4pyKJabrRuWkzLndrkLEktLETJwQmdpwwFISoHfeoY7EwO-Db0OvOww0xJrs1lMe7O2gMi2qtX2tYKCdCAZk9c4VBEZiq1mZEOhVlOEoC8HiR4l7KAlut66KQd1bcNRZ561nMjBAHMIEkekRkqI-B2XBmozPfFOPQRTkYA-g1eXdDgb9G087An6OO97lfc_swzbOOc2x6yBAg7IjNpIV4eUdxRx6u2hX-unMRs642SBerb5fVjOB_zHeNmjr39024hx8T7bH6jL4Av-4Y9zq_qs62e4dro_XLvP5GXDn7XD8NIe3N1e-LlfcWeBUd7Qzptrfi7HkhkQf3HrAzu_kH6wFrfvV1gH_ItW8qfRIc7ChD142el4qJEPFZMvFhx7nN1dnHdqeJkI43sLhz3sF2iQb1And_r9_ZVvz0On--uu7nrDvVvSOPRBYg2dLv4O0sGWno5LsBsGdNZ5cVkYC_QWzBuWCW1_dht4vnAgffmnlDPpHii_s818oo29GR4py_aWvZKePByC4VUnbYjOGvrnK160MJcg8oX39At_MAY_xPKBtKAEwxbvg5SeyPb_-OtFivqoXdmSHcZhDtolcXqjH5sgX3Ndl8IhsGgrF9d-xbiFMOYHq88756ayFpgnpavWL5YNTLmxOA6jnPTDKNlcpyXWRDVn3VSliMm1iZNZN4gaENEgoakDsjoBsyoVqYJYaVATU2hjJUmFH6o0qcKwXBFZqiKrEzYPk4KEWEMRpbG2kjz3VPJUkZCGm3LACJWaRBFqQ9KYKDXm-9KUTprzecaE_g-esS9LSFL2Q4rCv-PsZBL26D2HmrFDZEafEitIQlWFR74EmXUzB7FKW-FHNTJSpmSaOGq2Og6WCGgBnkI-PKXsCOkoKGl0tBSUFpScwYx9CyWxRpOqiDoVALNOnNQ2-PrjwP_NYK0y_n-MXX4i_Ws5eFoWl7TpwCj5uDDO0zCVbPg2m36SsTwphmcq9XkVx8FWT0rfnwpBKVb0-sTzP2QmXPv4LDFaXCwPJ5a-Wq6nxrIV_bw5fWf5J9XgaWbyP5zne9ah-_Uk-MLcst9pw_B8JwZbakXceWYSztYB1Kdp_IMRXLUedIwUn9w7sFPzeuFafIbZopkachVlrqTc3790HtaF89h-wsIcbgnvYXOfG6dPeEWLXZL2Q-MiZ2PPJD5L4BI4qUlScsWwJLNmS5jf14Xdo1ySARJSGr51z49gwg8GvcOZpCA3Tf3-f1P3XMxV9onPv9ShcvlzqLQdMqDbN288zT1j8pPsFFeyIqrJUI8EBZIhPCVRaAgNoJGFqhBeAvG5kNkqNcYmQsjb28xPg9h3B3va05aQHTDH0DhURKMrsibprg-sp-HpwaC46MVPDqwVP3VwT9oaUkuAGHe5PWR2N3f8Mnuva-qemZ7XLXt1QscZmNtTkGwhwx346r1c-dRDO5eS1s5M2oGMds0fv5W1peOh07c_1i7OTN5Cww7fHJXbqr6iprhYy0PHVAVEp5qcXbjPzvZjM1-7E9Al9SFWdiWWJczxS4ZatOJJSeAzKxNTI0A-mRjFpOYh9JTMetaQH3YFImC0xOShMl1iJxUckjAiU4WxIo4q2IAGGwg39roh7l3Li2w7SB7IHgz6UjC2vfgSkzrms-juuH8l3is_m6wvzi1r_mR3FxSOgrxWborqiVF-n7tlvO-2iDjS-2RMzDuYI4MtZFJwoaZCPjUN5CSLIeyCR33YfssoPxeJ2jXo_igdNFmmuFcm0WTJj2e8A8Pr6u4n_o3yo_t28vgmW8SGNxbcx2QnHBG8lB_IH6uuBJhHqD6OycwitWdWejWEBPVj5w6AvPgfRQa5FO8NAXl-ZjqCsDrHl6qbxfISILk_ZX3nEz5ZhbdqJSaTlt_2O-aY4LVIy-NwEntyfwcAweun_DYTAxdB-tqCuLc4BSVKiV8rmI4s6GHAsJ7i2LfaO-W3oquJcgz50Rl8-FLIYxlqnY_J1sfMydLUyMUDQHGRQQg9HUO9ifVPT9Qh1nfqKeivvR892cSoHmwrA7GOMN9yuhdh-wUsWgCSvu_G8v8MBMUeEXYk8ktf8ftcm5r70RTcvgnKIcuzL_oR7VtOrN845c1hjW23XkzYNtXUNbIkh3mTO7B_MtHF93C6yju_3xbvcys7QZw2ecCasGi2xrDt-noLnvAngNTyiNHfYa-WsYj_kzpGcRZql184jeAeuX0VlFPR-bdYf6wcUlaTsXDLMeE8GmyJ6XuUc5hJ6ZuG-T52lCpJYkMUwlskYxQ88CFGeIixWRtVBR3zEzfQrXQff1r6ICGtj3mt9OXm-Al86-0tGb0ff7_m02Dc7wfDqT_5Faqc2bjdeYjB637eLqnDtZzwP_R5_b9PbQ2h9TTzVRHQfTU6JwE76tDiYeMXkBhFgw3nz90tfczO1SVPsD37PvtAy3kHklVjguPCrCUwSLN6ebL2bt4K4xaDs1zR96j7wLsFgNX3HVp5zyWt-i2uSMlDmJaLmVeIiTl2Eu-WpePm4faxxJy8jmxuORSRM4DQfXEQWJr6kA4tvcWP4B1G5wgQFeWbz_laDtT_U7Gc5BwMf2H7rfBnDxn3J0ZPdF_AvyoJ1i93Piso39l_w1yOga09E01hBjsYNlP6QSJDxO78Z8IXZoaWXuqU4OT8wMnB_vXJWan0umFvtxweXHymFRViBAgQIKNYAQlQRAMARBRgrqHgWfRWqE-8oRPmduNsrbYhYvU5iuLrsZHveB74E1ZhuaCOGqYobSRWn8HkUPWv_qVtG-Dmhvw9M15WqRtJazrNdrz1OUQrL0mxWrZ0oLct0MrJR9KLG_frXZwDJxTkKPlT2zEXXDz6rnNeQ8HNDnHuHAcy-2pvK13eOXvZhmuXC9aLyCSQ3j70RAVo9tzm73fkmy3qMK4LZ_JfTtZm8ozXP9DClw6ZpIs2s3IuBMLi_xO0hWn7rO2kFrkX5mR3ZPO1IVeIIyHc_72cf6KOoGaIBee1GPtl3kJMVAbX0AObig8VPDYrL--bCMqXJr75LrOGMzNeDDB8jsTMbV0_l21_TolJ5zVnIa2Yl-2Bt7aS86BG75_DlnLNOka0FxCuI5fPZ3PNmVInyEb0FYAOWReEL-cK8ikmbDHP60OFLUCNV37RseFGlBnNkZES7zTg5OPaCc62qrMF2VpbWRQt9HYTXRasvwlJtaH0WmzHLCKsfbYVj_aIYzmFYf9ErMdrVjRyNv1Qae359WTWbWedY_9T9o3lKKi7MGS5yPhFmmeWkdzRKMo99kmahi35PnBtYz1DG4rqaUZQ3ixxy8uPxmpXAfYk9c0HV5Z8mSUwP4kf90Uot53IIoX_SViNXFNEdQxYwLfwjy3IlYW5BMddfPp2ufkOZvane8PafnXWzzSfy0XWs9rK8Cw6WWw9dPYLZtLcjl3WSl6r9ro9MYK7XPifJL8vK16R&uniformat=true&callback=Ya%5B7238484806945%5D HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://e-pitanie.ru
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
uniformat: true
uniformat-product-type: Direct
content-encoding: gzip
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://e-pitanie.ru
x-xss-protection: 1; mode=block
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-yandex-req-id: 1668192310592297-1608994730195301504600109-production-app-host-sas-pcode-202
last-modified: Fri, 11 Nov 2022 18:45:10 GMT
date: Fri, 11 Nov 2022 18:45:10 GMT
set-cookie: yabs-vdrf=A0; domain=an.yandex.ru; path=/; expires=Fri, 18-Nov-2022 18:45:10 GMT
i=O9Ew2KJq+uEENKEZNh9+BvMowHXqMQbww8Xje3+674LqzVS6xY7yArxxZMyTeEsjBMK30p+RbkEgC5FMWBa3O2PmbnY=; Expires=Sun, 10-Nov-2024 18:45:10 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
content-type: application/json
pragma: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
ssr: true
strict-transport-security: max-age=31536000
expires: Fri, 11 Nov 2022 18:45:10 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5c7d604797834032c6471d2ba1c8cf91
d5a9fd5135a1f2bc3c75413929eb2d8a24b75498
50058278f326f41bff8710b9ad2e3b5f9f1943b80abc525100178246740f9ad5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50058278F326F41BFF8710B9AD2E3B5F9F1943B80ABC525100178246740F9AD5"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5792
Expires: Fri, 11 Nov 2022 20:21:42 GMT
Date: Fri, 11 Nov 2022 18:45:10 GMT
Connection: keep-alive
yastatic.net/s3/games-static/favicons/icon-192.png
200 OK 24 kB URL HTTP/2 yastatic.net/s3/games-static/favicons/icon-192.png
IP
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 7819c957eaa80af5bf14f760d49b64a7
93b670523acd14f884c3a538d59d408da0888a6c
ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e
GET /s3/games-static/favicons/icon-192.png HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 11 Nov 2022 18:45:10 GMT
content-type: image/png
content-length: 24134
access-control-allow-origin: *
cache-control: public, max-age=216013
etag: "7819c957eaa80af5bf14f760d49b64a7"
expires: Mon, 14 Nov 2022 06:41:59 GMT
last-modified: Thu, 14 Apr 2022 12:22:42 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: d3398ecc3f1f715d
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash ce0cddb8f3d5abe32adc0478da463e2e
d7413ee8821e5fb0c1ab5f036598d5e246b6d5bc
7c995bdd97e8dc7af5a3eb48920bfdbcdbf3242f8a9d00c5a489285666b804a3
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:45:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 15 Nov 2022 16:20:26 GMT
ETag: "d7413ee8821e5fb0c1ab5f036598d5e246b6d5bc"
Last-Modified: Fri, 11 Nov 2022 16:20:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3241
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76892ef77f62b511-OSL
yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
200 OK 6.3 kB URL HTTP/2 yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (23297)
Hash eb77de48712912aadc9aa8171ac75ede
f375e4ed6b585c4e30b2d56f4f41c3beed909349
437ee0c22002ccd77158d7a7018113f26384324158ab3cef65373007f29b1bcf
GET /safeframe-bundles/0.83/1-1-0/render.html HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 11 Nov 2022 18:45:10 GMT
content-type: text/html
content-length: 6262
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Mon, 11 Nov 2052 01:16:11 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash 0a03aa32951e908981939ce8876233ff
5108e4c6d38989881159b05569b6382eef59522f
6ff5d72b45a8dad393feae29feee52ee6b3777e5ebf9798286858679184a7ead
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:45:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 15 Nov 2022 16:25:51 GMT
ETag: "5108e4c6d38989881159b05569b6382eef59522f"
Last-Modified: Fri, 11 Nov 2022 16:25:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 358
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76892ef79fafb518-OSL
f84b6aba-61f0-11ed-86e0-002590c0647c.n1.sync.bumlam.com/?src=sape
302 Moved Temporarily 0 B URL HTTP/1.1 f84b6aba-61f0-11ed-86e0-002590c0647c.n1.sync.bumlam.com/?src=sape
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: f84b6aba-61f0-11ed-86e0-002590c0647c.n1.sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRmODRiNmFiYS02MWYwLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Fri, 11 Nov 2022 18:45:10 GMT
Content-Length: 0
Connection: close
Location: https://pix.bumlam.com/sync/sape/done
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash ce0cddb8f3d5abe32adc0478da463e2e
d7413ee8821e5fb0c1ab5f036598d5e246b6d5bc
7c995bdd97e8dc7af5a3eb48920bfdbcdbf3242f8a9d00c5a489285666b804a3
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:45:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 15 Nov 2022 16:20:26 GMT
ETag: "d7413ee8821e5fb0c1ab5f036598d5e246b6d5bc"
Last-Modified: Fri, 11 Nov 2022 16:20:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3242
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76892ef7cfecb511-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cc6bc0328a0b47b32c004162363f93e7
ea2e2e8dc44f9f53d1329b44683455b8cb95113b
0d8a3c793b15d06d3ad4d4d1b4a637711cda1aaf113443fa9137077ba5edf1b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
302 Moved Temporarily 0 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Fri, 11 Nov 2022 18:45:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-6114754636; expires=Sun, 10 Nov 2024 18:45:11 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6114754636
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
200 OK 0 B URL HTTP/1.1 sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP
ASN #36057 WEBAIR-INTERNET-MTL
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Nov 2022 18:45:11 GMT
Content-Length: 0
Connection: close
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/1503420A35986E63440140BC0214CD18
204 No Content 0 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/1503420A35986E63440140BC0214CD18
IP
ASN #48347 JSC Mediasoft ekspert
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie_matching_ssp/Sape-dsp/1503420A35986E63440140BC0214CD18 HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Fri, 11 Nov 2022 18:45:11 GMT
set-cookie: uid=XV9maWNumDcnJ4G6pnrHAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
an.yandex.ru/event_confirmation
200 OK 958 B URL HTTP/2 an.yandex.ru/event_confirmation
IP
Hash 834c92bd5f335cce64fd9ab8de53ec19
948320db68d274f478884614454a97004fa5dfda
3aff7df5a97378282491521c97ab9315016605d04148f931d95e9d7cfb72d1e2
POST /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 297
Origin: https://e-pitanie.ru
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Fri, 11 Nov 2022 18:45:10 GMT
access-control-allow-origin: https://e-pitanie.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11 Nov 2022 18:45:10 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 11 Nov 2022 18:45:10 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 181ac790edf990cecd9480cb21888ea7
2ba50fc30051de77c9ecc32c1f7653e7e272da83
e07ab0b553fa47a3e66a1ac61759c6dfdd21758823e3a8ce50ee6655342f60ad
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 11 Nov 2022 18:45:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 11 Nov 2022 17:01:16 GMT
Expires: Sat, 12 Nov 2022 17:01:16 GMT
ETag: "2ba50fc30051de77c9ecc32c1f7653e7e272da83"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1503420A35986E63440140BC0214CD18
200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1503420A35986E63440140BC0214CD18
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?dsp_id=153&external_id=1503420A35986E63440140BC0214CD18 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Nov 2022 18:45:10 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=FQNCCjWYbmNEAUC8AhTNGA
200 OK 170 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=FQNCCjWYbmNEAUC8AhTNGA
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
GET /pixel?google_nid=agentstvo_sape_limited&google_hm=FQNCCjWYbmNEAUC8AhTNGA HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
date: Fri, 11 Nov 2022 18:45:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
302 Found 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Weborama Collect Frontend
date: Fri, 11 Nov 2022 18:45:11 GMT
content-length: 0
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=3306537490
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Fri, 11 Nov 2022 18:45:11 GMT
set-cookie: AFFICHE_W=aHDLqujrNtNo68; expires=Sat, 09 Dec 2023 18:45:11 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/746018/1?wmode=7&page-url=https%3A%2F%2Fe-pitanie.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A690853702806%3Ahid%3A243059204%3Az%3A0%3Ai%3A20221111184510%3Aet%3A1668192311%3Ac%3A1%3Arn%3A240329740%3Au%3A1668192310340789903%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1668192307990%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192311%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%2C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D0%BC%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%BC%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B8%20-%20E-Pitanie.ru&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29aw%281%29ecs%281%29fip%281%29rqnl%281%29ti%282%29
200 OK 371 B URL HTTP/2 mc.yandex.ru/watch/746018/1?wmode=7&page-url=https%3A%2F%2Fe-pitanie.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A690853702806%3Ahid%3A243059204%3Az%3A0%3Ai%3A20221111184510%3Aet%3A1668192311%3Ac%3A1%3Arn%3A240329740%3Au%3A1668192310340789903%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1668192307990%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192311%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%2C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D0%BC%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%BC%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B8%20-%20E-Pitanie.ru&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29aw%281%29ecs%281%29fip%281%29rqnl%281%29ti%282%29
IP
File type JSON data\012- , ASCII text, with very long lines (371), with no line terminators
Hash 281f50c4471e7a10571f8f34769261a0
bda1af1f8615bac40c10b12e536575dc3ffe62cd
aa46624b43eabef5df79f373be7283677c218d42e8eca170928626d7596df44c
GET /watch/746018/1?wmode=7&page-url=https%3A%2F%2Fe-pitanie.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A690853702806%3Ahid%3A243059204%3Az%3A0%3Ai%3A20221111184510%3Aet%3A1668192311%3Ac%3A1%3Arn%3A240329740%3Au%3A1668192310340789903%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1668192307990%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192311%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%2C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D0%BC%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%BC%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B8%20-%20E-Pitanie.ru&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29aw%281%29ecs%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://e-pitanie.ru
Referer: https://e-pitanie.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 371
date: Fri, 11 Nov 2022 18:45:11 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://e-pitanie.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11-Nov-2022 18:45:11 GMT
last-modified: Fri, 11-Nov-2022 18:45:11 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/done
200 OK 43 B URL HTTP/1.1 pix.bumlam.com/sync/sape/done
IP
ASN #44066 diva-e Datacenters GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRmODRiNmFiYS02MWYwLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Nov 2022 18:45:11 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
ad.mail.ru/cm.gif?p=48&id=1503420A35986E63440140BC0214CD18
200 OK 43 B URL HTTP/2 ad.mail.ru/cm.gif?p=48&id=1503420A35986E63440140BC0214CD18
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cm.gif?p=48&id=1503420A35986E63440140BC0214CD18 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 11 Nov 2022 18:45:11 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=1x77go1Yoe2D002Am402m0ID:::0-0-0-888f0f7:CAASEGAYh8oMPws39e__AcfDvGoaYBZa4piRNcMMWDoNP4zY_lh3paJruthI3sdTc1Rg628NuJ_1azjpeYCg_snN-FNJddrbm3zanOQI3Qag9MY5_-mEP5CK3a-Gj8gZ8zO8gAvwNOf-BqcOFy5bCKSSN2Y6yw; path=/; expires=Sun, 12-Nov-23 18:45:11 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Sat, 12 Nov 2022 00:45:11 GMT
cache-control: max-age=21600
last-modified: Fri, 11 Nov 2022 18:45:11 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2
ocsp.usertrust.com/
200 OK 472 B IP
Hash 9392dc2ac2f05f39d898cfaa56b5fdc7
8b9a3c4abed6daae0ef8d22bf730a86d2a3feee8
3bd43e4e4cde74e53c2d5d5307a2d768cd97d02374037b82f4f1ecf7881308d0
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:45:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 16:18:22 GMT
Expires: Thu, 17 Nov 2022 16:18:21 GMT
Etag: "8b9a3c4abed6daae0ef8d22bf730a86d2a3feee8"
Cache-Control: max-age=603764,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 845
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76892ef8a9b1b4eb-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 54c6a329445235e0afc5d01cf69043b5
d921690672b111a6e64c0dcf959caf0d83164926
69060ddc346362fb6471dbb28db5c05bf909e0f29d0c379808f514840171a9bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69060DDC346362FB6471DBB28DB5C05BF909E0F29D0C379808F514840171A9BB"
Last-Modified: Wed, 09 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12714
Expires: Fri, 11 Nov 2022 22:17:05 GMT
Date: Fri, 11 Nov 2022 18:45:11 GMT
Connection: keep-alive
an.yandex.ru/rtbcount/1P1LEXEQ0Ti100000000U9nJDDlY6x-5eL30KF-pIdPRpeyOIxCPUSaCGE094mdjCBgS6QkKnCsGoWWKpzJ_d18F4Yy5yMhBWKGh8uZi1F61W8bX9cEj58Iza56D7S9QoHZ1167jPPo_cvVXA9X_bf4PA7AL4QJrBYE330F3NyPPGF6vJ22HfKmtWEorJ550zbcc_q3mYac0SyNA0FtF30nwuk9UPczP6VuoWOnePMO5ahtCYa1oAZD8yrncDf2rp4mC2Y1RMJOosnZN9ZDQ_Z4-oMpcKdDoZeSIsrMmohjWyYUpWnC_nD4iayyqW5ahMFwQR61XtC72Ue25yIOBnFqVx1-o21nKufxszuhzMnQGBnQmyfvatSF51PQ-mDhGqC1oazNCPitM0tr_sRwoWXpUmTR0CeFjok7W1MpTUpPlQFrxPd_PIZQOCGVOF4wmCJzYuorBShRApYg8I0pEI35_oGQpy2USDP5zrQagazu_R-rdiREPcLiQ6bXiO6VQmSvpWbty0NlxwuPTprTS_cByWvq701p2Y8W0
200 OK 553 B URL HTTP/2 an.yandex.ru/rtbcount/1P1LEXEQ0Ti100000000U9nJDDlY6x-5eL30KF-pIdPRpeyOIxCPUSaCGE094mdjCBgS6QkKnCsGoWWKpzJ_d18F4Yy5yMhBWKGh8uZi1F61W8bX9cEj58Iza56D7S9QoHZ1167jPPo_cvVXA9X_bf4PA7AL4QJrBYE330F3NyPPGF6vJ22HfKmtWEorJ550zbcc_q3mYac0SyNA0FtF30nwuk9UPczP6VuoWOnePMO5ahtCYa1oAZD8yrncDf2rp4mC2Y1RMJOosnZN9ZDQ_Z4-oMpcKdDoZeSIsrMmohjWyYUpWnC_nD4iayyqW5ahMFwQR61XtC72Ue25yIOBnFqVx1-o21nKufxszuhzMnQGBnQmyfvatSF51PQ-mDhGqC1oazNCPitM0tr_sRwoWXpUmTR0CeFjok7W1MpTUpPlQFrxPd_PIZQOCGVOF4wmCJzYuorBShRApYg8I0pEI35_oGQpy2USDP5zrQagazu_R-rdiREPcLiQ6bXiO6VQmSvpWbty0NlxwuPTprTS_cByWvq701p2Y8W0
IP
Hash f74067b567a988d7ba4fd8bb16f9b579
7625f5b6a83b10e84822ee5aa1bfd1bd20d02091
139c3695e50057220f965f2ea76ee36c2d8b8b31d9f3c7b179c5e1007a76c27d
GET /rtbcount/1P1LEXEQ0Ti100000000U9nJDDlY6x-5eL30KF-pIdPRpeyOIxCPUSaCGE094mdjCBgS6QkKnCsGoWWKpzJ_d18F4Yy5yMhBWKGh8uZi1F61W8bX9cEj58Iza56D7S9QoHZ1167jPPo_cvVXA9X_bf4PA7AL4QJrBYE330F3NyPPGF6vJ22HfKmtWEorJ550zbcc_q3mYac0SyNA0FtF30nwuk9UPczP6VuoWOnePMO5ahtCYa1oAZD8yrncDf2rp4mC2Y1RMJOosnZN9ZDQ_Z4-oMpcKdDoZeSIsrMmohjWyYUpWnC_nD4iayyqW5ahMFwQR61XtC72Ue25yIOBnFqVx1-o21nKufxszuhzMnQGBnQmyfvatSF51PQ-mDhGqC1oazNCPitM0tr_sRwoWXpUmTR0CeFjok7W1MpTUpPlQFrxPd_PIZQOCGVOF4wmCJzYuorBShRApYg8I0pEI35_oGQpy2USDP5zrQagazu_R-rdiREPcLiQ6bXiO6VQmSvpWbty0NlxwuPTprTS_cByWvq701p2Y8W0 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://e-pitanie.ru
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Fri, 11 Nov 2022 18:45:11 GMT
access-control-allow-origin: https://e-pitanie.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11 Nov 2022 18:45:11 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 11 Nov 2022 18:45:11 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/1503420A35986E63440140BC0214CD18?redir-setuniq=1
200 OK 50 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/1503420A35986E63440140BC0214CD18?redir-setuniq=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash bef53a5c76b7ad469692178eeaeb08d8
aaae1c11fa0b5a086770957c8857d3937ed653e9
be24bb564cc16e1fe9113f63db905a1b7a3a653c6642f0c27d5e823729a99ee3
GET /mapuid/sapeis/1503420A35986E63440140BC0214CD18?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Fri, 11 Nov 2022 18:45:10 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11 Nov 2022 18:45:10 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 11 Nov 2022 18:45:10 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 0f642f3bd505f72e84af41922d468c97
4838a0b173b5397a817a6a431615ff9c779c2091
1df3c011c5ce385734364f75c1cca9a5b073d1b213289086de8e4eb09316ce0a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:45:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 11 Nov 2022 16:09:16 GMT
Expires: Fri, 18 Nov 2022 16:09:15 GMT
Etag: "4838a0b173b5397a817a6a431615ff9c779c2091"
Cache-Control: max-age=594843,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76892ef899a6b4eb-OSL
an.yandex.ru/event_confirmation
200 OK 6.5 kB URL HTTP/2 an.yandex.ru/event_confirmation
IP
Hash c9474b18d5190da7ee576da792dbc6a6
b970785ae535fce7f755807a76abcf1dbfa4f553
48835bf5b9a00031b58d59555fd4e32ea6d0d2d874146a78ca544e6f18a4c93d
OPTIONS /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://e-pitanie.ru/
Origin: https://e-pitanie.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Fri, 11 Nov 2022 18:45:10 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: https://e-pitanie.ru
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50b47142-be82-4ddc-85e8-45dc7102abe9.jpeg
200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50b47142-be82-4ddc-85e8-45dc7102abe9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 90a78b0f806c0c5ef5e7128cc37b2edf
7339ad7b4f37cc37cb712207a7b3a5ac9355d9dc
770a2247a0f8d6b44c61cecc8a11e9882e4dd39269e181eef52cf6816407022b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50b47142-be82-4ddc-85e8-45dc7102abe9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6696
x-amzn-requestid: 19f91da1-beeb-400a-b4c0-059851ca839f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNeQ_F3doAMFr6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63687739-2ef73e121ff2c3cf0e95b450;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 03:10:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GgmLFeCzBEuR8gcEDGr8nBYW4xUUkIKZi0m8_TZ5quDeLmkROXm2_g==
via: 1.1 27f6faf9790b5a2877fb528fa31f7922.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 07:45:28 GMT
age: 39583
etag: "7339ad7b4f37cc37cb712207a7b3a5ac9355d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash c782b52d6a3559c15369d2cc5c76df12
7c39de3c1d29824b7937b1a1a44081fc9cf2f654
3233670c8b3234e95e8daa1c0d3bff54a9e14d0d9a07275c158556e136b894b7
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:45:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 15 Nov 2022 17:24:37 GMT
ETag: "7c39de3c1d29824b7937b1a1a44081fc9cf2f654"
Last-Modified: Fri, 11 Nov 2022 17:24:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1061
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76892ef8fa00b511-OSL
sape-sync.rutarget.ru/sync
302 Moved Temporarily 0 B URL HTTP/1.1 sape-sync.rutarget.ru/sync
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 11 Nov 2022 18:45:11 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=pkx8DxDKWTPs
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=pkx8DxDKWTPs; Path=/; Domain=.rutarget.ru; Expires=Wed, 10 May 2023 18:45:11 GMT; SameSite=None; Secure
an.yandex.ru/mapuid/sapeis/1503420A35986E63440140BC0214CD18
302 Found 8.6 kB URL HTTP/2 an.yandex.ru/mapuid/sapeis/1503420A35986E63440140BC0214CD18
IP
Hash 28942649667755ee96a8ecce14580b28
c1511f246aa11355b7aac0321674f211ab832d19
2b0a6cc538b5df025e6e8cd7cc12fbdb9706b893ce624ce967cbe09d8f5b111f
GET /mapuid/sapeis/1503420A35986E63440140BC0214CD18 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/1503420A35986E63440140BC0214CD18?redir-setuniq=1
date: Fri, 11 Nov 2022 18:45:10 GMT
set-cookie: yandexuid=4167555651668192310; domain=.yandex.ru; path=/; expires=Mon, 08-Nov-2032 18:45:10 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11 Nov 2022 18:45:10 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 11 Nov 2022 18:45:10 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/gonetdspis/MjI4ZjZkOTc2NmIxNjM5Ng
302 Found 5.6 kB URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/MjI4ZjZkOTc2NmIxNjM5Ng
IP
Hash a4812ab86b23e3bac9151d0dcdac1877
2d7554e479a18b33ab9c2dbf1089eaa2ee4590b2
e258a406fece9e9cc9971742932f06e28869458c2130d44626fc5261302d6e58
GET /mapuid/gonetdspis/MjI4ZjZkOTc2NmIxNjM5Ng HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/gonetdspis/MjI4ZjZkOTc2NmIxNjM5Ng?redir-setuniq=1
date: Fri, 11 Nov 2022 18:45:10 GMT
set-cookie: yandexuid=3631659611668192310; domain=.yandex.ru; path=/; expires=Mon, 08-Nov-2032 18:45:10 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11 Nov 2022 18:45:10 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 11 Nov 2022 18:45:10 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 2aaf208b3ea5b7522c6958f62c2c8c7c
48e86b3a1f0c941923931048b05a1290df9222a9
a001848d4360c53359ef775920aab28c8062faa18b3464395654590a90200c21
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:45:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 08 Nov 2022 14:18:44 GMT
Expires: Tue, 15 Nov 2022 14:18:43 GMT
Etag: "48e86b3a1f0c941923931048b05a1290df9222a9"
Cache-Control: max-age=329011,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76892ef7ce80b50c-OSL
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6114754636
302 Moved Temporarily 40 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6114754636
IP
File type ASCII text, with CRLF line terminators
Hash 251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6114754636 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Fri, 11 Nov 2022 18:45:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Sun, 10 Nov 2024 18:45:11 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
tag.digitaltarget.ru/adcm.js
200 OK 3.1 kB URL HTTP/1.1 tag.digitaltarget.ru/adcm.js
IP
File type ASCII text, with very long lines (3051), with no line terminators
Hash e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Nov 2022 18:45:11 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Fri, 11 Nov 2022 18:34:34 GMT
Connection: keep-alive
ETag: "636e95ba-beb"
Accept-Ranges: bytes
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 11 Nov 2023 18:45:11 GMT; Path=/; Domain=.betweendigital.com
tuuid=5960a2fb-f4cd-523b-b644-3d9bd52aa5ac; Max-Age=31536000; Expires=Sat, 11 Nov 2023 18:45:11 GMT; Path=/; Domain=.betweendigital.com
ut=Y26YNwADkhAFZVEKCVFxwAVxz8DaQBkesRPSOw==; Max-Age=31536000; Expires=Sat, 11 Nov 2023 18:45:11 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad1abae5-6437-44bf-8428-756b825e5be6.jpeg
200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad1abae5-6437-44bf-8428-756b825e5be6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 88c9931a009690991e73c5b37a1aa085
815a4a1eb8c8e2a138fb3d65ba777b0c18fa15d0
74e70391889e4b46742033b1d5daccfec415ba2ee999e429d1013fd4a1ebc61a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad1abae5-6437-44bf-8428-756b825e5be6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8294
x-amzn-requestid: 5dab4522-fca9-4ada-ad6f-3305c9686315
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bZ4u3H7PoAMF02g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636d6e5e-756c150c40fe6fff3ae7a609;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FXIS1Gr_-3RUm6WPZCVcjaefD3hehHV-IwO-ieFeUqeoPAE7vajlsg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 10 Nov 2022 21:46:51 GMT
etag: "815a4a1eb8c8e2a138fb3d65ba777b0c18fa15d0"
content-type: image/jpeg
age: 75500
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e7dc40a-e47f-44b5-b3b4-87b10cd8669d.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e7dc40a-e47f-44b5-b3b4-87b10cd8669d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e72f32944d6f03e005f7b6f3e87d8c72
5fe340bf33ac219f6a3d44810f31d0a8796c83a9
bcdcba30210d276996d0fe749bbfc69d666ae11ddfbfdb57307e4bb4d6e43d1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e7dc40a-e47f-44b5-b3b4-87b10cd8669d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10671
x-amzn-requestid: 1b6053eb-64ac-4c24-a750-c1b8cd69157f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJEh8GxPoAMFhPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366b472-56c6a3bc07ec89ab56d4f3bd;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 19:07:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qJeWGvC4DM_d3k66OHN2V19elou-xoSNkep1BNalBO0NtKyQtAFzNQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 03:31:46 GMT
age: 54805
etag: "5fe340bf33ac219f6a3d44810f31d0a8796c83a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cc6bc0328a0b47b32c004162363f93e7
ea2e2e8dc44f9f53d1329b44683455b8cb95113b
0d8a3c793b15d06d3ad4d4d1b4a637711cda1aaf113443fa9137077ba5edf1b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
x01.aidata.io/0.gif?pid=9401454&id=1503420A35986E63440140BC0214CD18
302 Found 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=1503420A35986E63440140BC0214CD18
IP
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=1503420A35986E63440140BC0214CD18 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 11 Nov 2022 18:45:11 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=1503420A35986E63440140BC0214CD18&bounce=1
expires: Fri, 11 Nov 2022 18:45:10 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Fri, 11 Nov 2022 18:45:10 GMT
set-cookie: __upin=nHngPa1PBX6z1DCW9txhjw;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1668192311;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
mc.yandex.ru/watch/746018?wmode=7&page-url=https%3A%2F%2Fe-pitanie.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A690853702806%3Ahid%3A243059204%3Az%3A0%3Ai%3A20221111184510%3Aet%3A1668192311%3Ac%3A1%3Arn%3A240329740%3Au%3A1668192310340789903%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1668192307990%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192311%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%2C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D0%BC%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%BC%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B8%20-%20E-Pitanie.ru&t=gdpr(14)mc(p-1)clc(0-0-0)aw(1)ecs(1)fip(1)rqnl(1)ti(2)
302 Found 43 B URL HTTP/2 mc.yandex.ru/watch/746018?wmode=7&page-url=https%3A%2F%2Fe-pitanie.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A690853702806%3Ahid%3A243059204%3Az%3A0%3Ai%3A20221111184510%3Aet%3A1668192311%3Ac%3A1%3Arn%3A240329740%3Au%3A1668192310340789903%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1668192307990%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192311%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%2C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D0%BC%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%BC%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B8%20-%20E-Pitanie.ru&t=gdpr(14)mc(p-1)clc(0-0-0)aw(1)ecs(1)fip(1)rqnl(1)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/746018?wmode=7&page-url=https%3A%2F%2Fe-pitanie.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A690853702806%3Ahid%3A243059204%3Az%3A0%3Ai%3A20221111184510%3Aet%3A1668192311%3Ac%3A1%3Arn%3A240329740%3Au%3A1668192310340789903%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1668192307990%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192311%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%2C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D0%BC%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%BC%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B8%20-%20E-Pitanie.ru&t=gdpr(14)mc(p-1)clc(0-0-0)aw(1)ecs(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://e-pitanie.ru
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/746018/1?wmode=7&page-url=https%3A%2F%2Fe-pitanie.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A690853702806%3Ahid%3A243059204%3Az%3A0%3Ai%3A20221111184510%3Aet%3A1668192311%3Ac%3A1%3Arn%3A240329740%3Au%3A1668192310340789903%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1668192307990%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192311%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%2C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D0%BC%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%BC%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B8%20-%20E-Pitanie.ru&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29aw%281%29ecs%281%29fip%281%29rqnl%281%29ti%282%29
date: Fri, 11 Nov 2022 18:45:10 GMT
access-control-allow-origin: https://e-pitanie.ru
set-cookie: yandexuid=7006674351668192310; Expires=Sat, 11-Nov-2023 18:45:10 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=7006674351668192310; Expires=Sat, 11-Nov-2023 18:45:10 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=74682991668192310; Path=/; SameSite=None; Secure
i=J4KRLsVJsbnqUNtM15roHYcj386UT1zp5TbtsfA//os5YaD9UgabL0dd/JgFkqUc6dkBxKSWH3gSHsNtBK0M8XZ+Wxs=; Expires=Mon, 08-Nov-2032 18:45:08 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1699728310.yrts.1668192310#1699728310.yrtsi.1668192310; Expires=Sat, 11-Nov-2023 18:45:10 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11-Nov-2022 18:45:10 GMT
last-modified: Fri, 11-Nov-2022 18:45:10 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.acint.net/match?dp=104&euid=pkx8DxDKWTPs
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=104&euid=pkx8DxDKWTPs
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=104&euid=pkx8DxDKWTPs HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWNumDW8QAFEGM0UAmC0oceYJRU84AGQQxM9uHqnmCJU; cSyncDp7v2=1668192309; cSyncDp14v3=1668192309; cSyncDp17=1668192309; cSyncDp32=1668192309; cSyncDp45v3=1668192309; cSyncDp53=1668192309; cSyncDp54v2=1668192309; cSyncDp62=1668192309; cSyncDp67v2=1668192309; cSyncDp68=1668192309; cSyncDp71=1668192309; cSyncDp77=1668192309; cSyncDp84=1668192309; cSyncDp85=1668192309; cSyncDp95v3=1668192309; cSyncDp101=1668192309; cSyncDp104v2=1668192309; cSyncDp107=1668192309; cSyncDp110=1668192309; cSyncDp111v2=1668192309; cSyncDp112v2=1668192309; cSyncDp125v2=1668192309; cSyncDp126=1668192309; cSyncDp127=1668192309; cSyncDp129=1668192309; cSyncDp136v2=1668192309; cSyncDp138=1668192309; cSyncDp144=1668192309; cSyncDp146=1668192309; cSyncDp148=1668192309; cSyncDp149v2=1668192309; cSyncDp151=1668192309; cSyncDp178=1668192309; cSyncDp179=1668192309; cSyncDp186=1668192309; cSyncDp221=1668192309
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 11 Nov 2022 18:45:11 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
200 OK 937 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash 8074e996d2f5bcb0fa67bc353b5c979b
607820b47152ab7021238115f6590db9a941e570
a275e4ec1168f40e414a2824dc8b7aec7970982af59ffcc7f196cb629e5fed87
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:45:11 GMT
Content-Type: application/ocsp-response
Content-Length: 937
Connection: keep-alive
Expires: Tue, 15 Nov 2022 17:31:22 GMT
ETag: "607820b47152ab7021238115f6590db9a941e570"
Last-Modified: Fri, 11 Nov 2022 17:31:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 419
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76892ef94dc6b523-OSL
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWNumDW8QAFEGM0UAmC0oceYJRU84AGQQxM9uHqnmCJU; cSyncDp7v2=1668192309; cSyncDp14v3=1668192309; cSyncDp17=1668192309; cSyncDp32=1668192309; cSyncDp45v3=1668192309; cSyncDp53=1668192309; cSyncDp54v2=1668192309; cSyncDp62=1668192309; cSyncDp67v2=1668192309; cSyncDp68=1668192309; cSyncDp71=1668192309; cSyncDp77=1668192309; cSyncDp84=1668192309; cSyncDp85=1668192309; cSyncDp95v3=1668192309; cSyncDp101=1668192309; cSyncDp104v2=1668192309; cSyncDp107=1668192309; cSyncDp110=1668192309; cSyncDp111v2=1668192309; cSyncDp112v2=1668192309; cSyncDp125v2=1668192309; cSyncDp126=1668192309; cSyncDp127=1668192309; cSyncDp129=1668192309; cSyncDp136v2=1668192309; cSyncDp138=1668192309; cSyncDp144=1668192309; cSyncDp146=1668192309; cSyncDp148=1668192309; cSyncDp149v2=1668192309; cSyncDp151=1668192309; cSyncDp178=1668192309; cSyncDp179=1668192309; cSyncDp186=1668192309; cSyncDp221=1668192309
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Fri, 11 Nov 2022 18:45:11 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1503420A35986E63440140BC0214CD18
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
x01.aidata.io/0.gif?pid=9401454&id=1503420A35986E63440140BC0214CD18&bounce=1
204 No Content 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=1503420A35986E63440140BC0214CD18&bounce=1
IP
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=1503420A35986E63440140BC0214CD18&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 11 Nov 2022 18:45:11 GMT
expires: Fri, 11 Nov 2022 18:45:10 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Fri, 11 Nov 2022 18:45:10 GMT
set-cookie: __upin=o62z2JBNhVGb1Oibh2A/wQ;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1668192311;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 11 Nov 2023 18:45:11 GMT; Path=/; Domain=.betweendigital.com
tuuid=5e12adf8-5d0e-523b-98b3-0017fbdd9820; Max-Age=31536000; Expires=Sat, 11 Nov 2023 18:45:11 GMT; Path=/; Domain=.betweendigital.com
ut=Y26YNwAEJoCaTaJtjgt5Ga3hR6W8W6jkaovuyw==; Max-Age=31536000; Expires=Sat, 11 Nov 2023 18:45:11 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
px.adhigh.net/p/cm/sape?u=1503420A35986E63440140BC0214CD18
302 Found 0 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=1503420A35986E63440140BC0214CD18
IP
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/cm/sape?u=1503420A35986E63440140BC0214CD18 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 11 Nov 2022 18:45:11 GMT
content-length: 0
x-backend-id: f5-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=e9sE5b62AxF.AikABlGEaAKX0w;Path=/;Domain=.adhigh.net;Expires=Sat, 11-Nov-2023 18:45:11 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=1503420A35986E63440140BC0214CD18&bounced=1
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 181ac790edf990cecd9480cb21888ea7
2ba50fc30051de77c9ecc32c1f7653e7e272da83
e07ab0b553fa47a3e66a1ac61759c6dfdd21758823e3a8ce50ee6655342f60ad
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 11 Nov 2022 18:45:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 11 Nov 2022 17:01:16 GMT
Expires: Sat, 12 Nov 2022 17:01:16 GMT
ETag: "2ba50fc30051de77c9ecc32c1f7653e7e272da83"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1503420A35986E63440140BC0214CD18
200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1503420A35986E63440140BC0214CD18
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?ssp_id=43&external_id=1503420A35986E63440140BC0214CD18 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Nov 2022 18:45:11 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
200 Ok 95 B URL HTTP/1.1 ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
IP
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 60cf42b4d05caf10cf8bb15c0817a7b4
bd269860bb508aebcb6f08fe7289d5f117830383
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
GET /static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes HTTP/1.1
Host: ysa-static.passport.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Server: nginx/1.14.2
Date: Fri, 11 Nov 2022 18:45:11 GMT
Content-Type: image/png
Content-Length: 95
Connection: close
Cache-Control: private
Expires: Sat, 12 Nov 2022 18:45:11 GMT
X-RT-IQ: 0.0001
X-RT-IH: 0.0001
Strict-Transport-Security: max-age=315360000; includeSubDomains
ocsp.sectigo.com/
200 OK 472 B IP
Hash 0f642f3bd505f72e84af41922d468c97
4838a0b173b5397a817a6a431615ff9c779c2091
1df3c011c5ce385734364f75c1cca9a5b073d1b213289086de8e4eb09316ce0a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:45:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 11 Nov 2022 16:09:16 GMT
Expires: Fri, 18 Nov 2022 16:09:15 GMT
Etag: "4838a0b173b5397a817a6a431615ff9c779c2091"
Cache-Control: max-age=594843,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76892ef85897b4f4-OSL
mc.yandex.ru/watch/746018/1?page-url=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&cnt-class=1&hittoken=1668192311_58d2f4e294063cb10e07d34bf2d0edd811270b83e7f3c2ddf0d173e5bd2f8833&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A690853702806%3Ahid%3A243059204%3Az%3A0%3Ai%3A20221111184510%3Aet%3A1668192311%3Ac%3A1%3Arn%3A507980851%3Arqn%3A2%3Au%3A1668192310340789903%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1668192307990%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192311%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%2C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D0%BC%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%BC%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B8%20-%20E-Pitanie.ru&t=gdpr%2814%29mc%28p-2-h-1%29clc%280-0-0%29rqnt%282%29aw%281%29ecs%281%29fip%281%29rqnl%281%29ti%282%29
200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/746018/1?page-url=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&cnt-class=1&hittoken=1668192311_58d2f4e294063cb10e07d34bf2d0edd811270b83e7f3c2ddf0d173e5bd2f8833&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A690853702806%3Ahid%3A243059204%3Az%3A0%3Ai%3A20221111184510%3Aet%3A1668192311%3Ac%3A1%3Arn%3A507980851%3Arqn%3A2%3Au%3A1668192310340789903%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1668192307990%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192311%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%2C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D0%BC%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%BC%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B8%20-%20E-Pitanie.ru&t=gdpr%2814%29mc%28p-2-h-1%29clc%280-0-0%29rqnt%282%29aw%281%29ecs%281%29fip%281%29rqnl%281%29ti%282%29
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/746018/1?page-url=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&cnt-class=1&hittoken=1668192311_58d2f4e294063cb10e07d34bf2d0edd811270b83e7f3c2ddf0d173e5bd2f8833&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A690853702806%3Ahid%3A243059204%3Az%3A0%3Ai%3A20221111184510%3Aet%3A1668192311%3Ac%3A1%3Arn%3A507980851%3Arqn%3A2%3Au%3A1668192310340789903%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1668192307990%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192311%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%2C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D0%BC%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%BC%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B8%20-%20E-Pitanie.ru&t=gdpr%2814%29mc%28p-2-h-1%29clc%280-0-0%29rqnt%282%29aw%281%29ecs%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://e-pitanie.ru
Referer: https://e-pitanie.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 11 Nov 2022 18:45:11 GMT
access-control-allow-origin: https://e-pitanie.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11-Nov-2022 18:45:11 GMT
last-modified: Fri, 11-Nov-2022 18:45:11 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
tag.digitaltarget.ru/processor.js?i=673517947361190
200 OK 16 kB URL HTTP/1.1 tag.digitaltarget.ru/processor.js?i=673517947361190
IP
File type ASCII text, with very long lines (15897), with no line terminators
Hash c9571a7ce0a22f154c74bdc8e35523e0
101feba577e71fc076ea5bf3f4af08b5d3fe988d
51cf59da6b7e03337540ee3ab9f8e135ff2ead958475c1bacc8683df57823fb0
GET /processor.js?i=673517947361190 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Nov 2022 18:45:11 GMT
Content-Type: application/javascript
Content-Length: 15897
Last-Modified: Fri, 11 Nov 2022 18:34:35 GMT
Connection: keep-alive
ETag: "636e95bb-3e19"
Accept-Ranges: bytes
ads.betweendigital.com/match?bidder_id=73&external_user_id=1503420A35986E63440140BC0214CD18
302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=1503420A35986E63440140BC0214CD18
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=73&external_user_id=1503420A35986E63440140BC0214CD18 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=1503420A35986E63440140BC0214CD18&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 11 Nov 2023 18:45:11 GMT; Path=/; Domain=.betweendigital.com
tuuid=51ce0b52-6d84-523b-a15e-d6acc2304e9b; Max-Age=31536000; Expires=Sat, 11 Nov 2023 18:45:11 GMT; Path=/; Domain=.betweendigital.com
ut=Y26YNwAFMCCieohtgt85WCqo6BNd-QKqaCeSfg==; Max-Age=31536000; Expires=Sat, 11 Nov 2023 18:45:11 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
px.adhigh.net/p/cm/sape?u=1503420A35986E63440140BC0214CD18&bounced=1
200 OK 49 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=1503420A35986E63440140BC0214CD18&bounced=1
IP
ASN #48061 Limited Liability Company GPM Digital Technologies
File type GIF image data, version 89a, 1 x 1\012- data
Hash 889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
GET /p/cm/sape?u=1503420A35986E63440140BC0214CD18&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 11 Nov 2022 18:45:11 GMT
content-type: image/gif
content-length: 49
x-backend-id: f5-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=73&external_user_id=1503420A35986E63440140BC0214CD18&crf=1
200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=1503420A35986E63440140BC0214CD18&crf=1
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=73&external_user_id=1503420A35986E63440140BC0214CD18&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 11 Nov 2023 18:45:11 GMT; Path=/; Domain=.betweendigital.com
tuuid=a066a329-89cb-523b-915e-8b71f2301346; Max-Age=31536000; Expires=Sat, 11 Nov 2023 18:45:11 GMT; Path=/; Domain=.betweendigital.com
ut=Y26YNwAGPaip5bA3RPP5Dfa5-fyZxyFbYzfLEg==; Max-Age=31536000; Expires=Sat, 11 Nov 2023 18:45:11 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/gonetdspis/MjI4ZjZkOTc2NmIxNjM5Ng?redir-setuniq=1
200 OK 1.5 kB URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/MjI4ZjZkOTc2NmIxNjM5Ng?redir-setuniq=1
IP
Hash 0af8a18ec1e3dfe82b44bd42e133b008
fa4bd8e47483ce759ca44fed02bc68f82b25b18c
d561fae90034fb23f91292ebbb3d7a486e02586bc8fa7fee8700f7683374b245
GET /mapuid/gonetdspis/MjI4ZjZkOTc2NmIxNjM5Ng?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Fri, 11 Nov 2022 18:45:10 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11 Nov 2022 18:45:10 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 11 Nov 2022 18:45:10 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
avatars.mds.yandex.net/get-direct/4969662/e_yed4qaqMvukFUNw1kfGg/x90
200 OK 3.0 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/4969662/e_yed4qaqMvukFUNw1kfGg/x90
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 90x90, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2fb757ef662b2e37f2036f0eb703586c
31307c78f38667890fc8e39c521403f779f263db
debc562cd0be100e1e7b62c292df46e109bd4fe4b6f6e04c79d8b8cad04f4f1a
GET /get-direct/4969662/e_yed4qaqMvukFUNw1kfGg/x90 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 11 Nov 2022 18:45:11 GMT
content-type: image/webp
content-length: 3026
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Mon, 19 Sep 2022 15:44:51 GMT
cache-control: max-age=31536000,immutable
x-request-id: fdc28582e55081b3
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash defd2154cadc1094e1478930e3c564e1
e6706f8ecc4c75e118d05bf484378aa0777b2f11
787711ecc3b17222503ae4c9dd378b2374c879a405393cb0392f6404fb6f783d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "787711ECC3B17222503AE4C9DD378B2374C879A405393CB0392F6404FB6F783D"
Last-Modified: Wed, 09 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5745
Expires: Fri, 11 Nov 2022 20:20:56 GMT
Date: Fri, 11 Nov 2022 18:45:11 GMT
Connection: keep-alive
dmg.digitaltarget.ru/1/1093/i/i?i=827879866808086.795355316470598&a=77&e=1503420A35986E63440140BC0214CD18&pref=https%3A%2F%2Fe-pitanie.ru%2F&c=ss:77.up:1503420A35986E63440140BC0214CD18.sync:up.xdua:ducf7vi6P9Euoo6SawFuW4r9.xps:xpsJsRO4HmUyuXvzqB2eb48nl.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=827879866808086.795355316470598&a=77&e=1503420A35986E63440140BC0214CD18&pref=https%3A%2F%2Fe-pitanie.ru%2F&c=ss:77.up:1503420A35986E63440140BC0214CD18.sync:up.xdua:ducf7vi6P9Euoo6SawFuW4r9.xps:xpsJsRO4HmUyuXvzqB2eb48nl.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=827879866808086.795355316470598&a=77&e=1503420A35986E63440140BC0214CD18&pref=https%3A%2F%2Fe-pitanie.ru%2F&c=ss:77.up:1503420A35986E63440140BC0214CD18.sync:up.xdua:ducf7vi6P9Euoo6SawFuW4r9.xps:xpsJsRO4HmUyuXvzqB2eb48nl.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Fri, 11 Nov 2022 18:45:11 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1668192311508&i=827879866808086.795355316470598&a=77&e=1503420A35986E63440140BC0214CD18&pref=https%3A%2F%2Fe-pitanie.ru%2F&c=ss:77.up:1503420A35986E63440140BC0214CD18.sync:up.xdua:ducf7vi6P9Euoo6SawFuW4r9.xps:xpsJsRO4HmUyuXvzqB2eb48nl.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=qE2v76dWwMVsbHV7bD2o; Max-Age=93312000; Expires=Sun, 26 Oct 2025 18:45:11 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/1/1093/i/i?i=827879866808086.725449415913717&a=77&e=1503420A35986E63440140BC0214CD18&pref=https%3A%2F%2Fe-pitanie.ru%2F&c=ss:77.up:1503420A35986E63440140BC0214CD18.sync:up.xdua:ducf7vi6P9Euoo6SawFuW4r9.xps:xpsJsRO4HmUyuXvzqB2eb48nl.dn:acint__net.adcm:hit.tg:adcmjs_noorient
307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=827879866808086.725449415913717&a=77&e=1503420A35986E63440140BC0214CD18&pref=https%3A%2F%2Fe-pitanie.ru%2F&c=ss:77.up:1503420A35986E63440140BC0214CD18.sync:up.xdua:ducf7vi6P9Euoo6SawFuW4r9.xps:xpsJsRO4HmUyuXvzqB2eb48nl.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=827879866808086.725449415913717&a=77&e=1503420A35986E63440140BC0214CD18&pref=https%3A%2F%2Fe-pitanie.ru%2F&c=ss:77.up:1503420A35986E63440140BC0214CD18.sync:up.xdua:ducf7vi6P9Euoo6SawFuW4r9.xps:xpsJsRO4HmUyuXvzqB2eb48nl.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Fri, 11 Nov 2022 18:45:11 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1668192311513&i=827879866808086.725449415913717&a=77&e=1503420A35986E63440140BC0214CD18&pref=https%3A%2F%2Fe-pitanie.ru%2F&c=ss:77.up:1503420A35986E63440140BC0214CD18.sync:up.xdua:ducf7vi6P9Euoo6SawFuW4r9.xps:xpsJsRO4HmUyuXvzqB2eb48nl.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=f9fGbaVWeMMInK075yZ-; Max-Age=93312000; Expires=Sun, 26 Oct 2025 18:45:11 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1668192311513&i=827879866808086.725449415913717&a=77&e=1503420A35986E63440140BC0214CD18&pref=https%3A%2F%2Fe-pitanie.ru%2F&c=ss:77.up:1503420A35986E63440140BC0214CD18.sync:up.xdua:ducf7vi6P9Euoo6SawFuW4r9.xps:xpsJsRO4HmUyuXvzqB2eb48nl.dn:acint__net.adcm:hit.tg:adcmjs_noorient
200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1668192311513&i=827879866808086.725449415913717&a=77&e=1503420A35986E63440140BC0214CD18&pref=https%3A%2F%2Fe-pitanie.ru%2F&c=ss:77.up:1503420A35986E63440140BC0214CD18.sync:up.xdua:ducf7vi6P9Euoo6SawFuW4r9.xps:xpsJsRO4HmUyuXvzqB2eb48nl.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1668192311513&i=827879866808086.725449415913717&a=77&e=1503420A35986E63440140BC0214CD18&pref=https%3A%2F%2Fe-pitanie.ru%2F&c=ss:77.up:1503420A35986E63440140BC0214CD18.sync:up.xdua:ducf7vi6P9Euoo6SawFuW4r9.xps:xpsJsRO4HmUyuXvzqB2eb48nl.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Nov 2022 18:45:11 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 31
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1668192311508&i=827879866808086.795355316470598&a=77&e=1503420A35986E63440140BC0214CD18&pref=https%3A%2F%2Fe-pitanie.ru%2F&c=ss:77.up:1503420A35986E63440140BC0214CD18.sync:up.xdua:ducf7vi6P9Euoo6SawFuW4r9.xps:xpsJsRO4HmUyuXvzqB2eb48nl.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1668192311508&i=827879866808086.795355316470598&a=77&e=1503420A35986E63440140BC0214CD18&pref=https%3A%2F%2Fe-pitanie.ru%2F&c=ss:77.up:1503420A35986E63440140BC0214CD18.sync:up.xdua:ducf7vi6P9Euoo6SawFuW4r9.xps:xpsJsRO4HmUyuXvzqB2eb48nl.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1668192311508&i=827879866808086.795355316470598&a=77&e=1503420A35986E63440140BC0214CD18&pref=https%3A%2F%2Fe-pitanie.ru%2F&c=ss:77.up:1503420A35986E63440140BC0214CD18.sync:up.xdua:ducf7vi6P9Euoo6SawFuW4r9.xps:xpsJsRO4HmUyuXvzqB2eb48nl.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Nov 2022 18:45:11 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 37
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
status.thawte.com/
200 OK 471 B IP
Hash 249808bbebfdec8cdf0f6c590e165790
86788bd50bbb4e1af0b776613e21c3e6661d6e84
c47aab4e859076c6357c7a25b58ddd19c0207cc97aadad1a550860b651e32edf
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5593
Cache-Control: max-age=104098
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:12 GMT
Etag: "636d7601-1d7"
Expires: Sat, 12 Nov 2022 23:40:10 GMT
Last-Modified: Thu, 10 Nov 2022 22:06:57 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
sm.rtb.mts.ru/p?ssp=sape&id=1503420A35986E63440140BC0214CD18
301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=sape&id=1503420A35986E63440140BC0214CD18
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sape&id=1503420A35986E63440140BC0214CD18 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 11 Nov 2022 18:45:12 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=1503420A35986E63440140BC0214CD18
Set-Cookie: dspid=478bb1b3-3165-46d9-a531-a737d25ca881; expires=Thu, 02 Nov 2023 18:45:12 GMT; domain=.mts.ru; path=/; secure; SameSite=None
sm.rtb.mts.ru/match/second?ssp=30&exu=1503420A35986E63440140BC0214CD18
200 OK 0 B URL HTTP/1.1 sm.rtb.mts.ru/match/second?ssp=30&exu=1503420A35986E63440140BC0214CD18
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/second?ssp=30&exu=1503420A35986E63440140BC0214CD18 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 11 Nov 2022 18:45:12 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
www.acint.net/ping/?v=0.4.0&uid=4956035a-c22c-438f-8eb6-b172ec83e3d5&dp=10&tz=%2B00%3A00&nc=43343830&dT=2022-11-11T18%3A45%3A12.451
200 OK 43 B URL HTTP/2 www.acint.net/ping/?v=0.4.0&uid=4956035a-c22c-438f-8eb6-b172ec83e3d5&dp=10&tz=%2B00%3A00&nc=43343830&dT=2022-11-11T18%3A45%3A12.451
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /ping/?v=0.4.0&uid=4956035a-c22c-438f-8eb6-b172ec83e3d5&dp=10&tz=%2B00%3A00&nc=43343830&dT=2022-11-11T18%3A45%3A12.451 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Cookie: test_cookie=CheckForPermission; aid=CkIDFWNumDW8QAFEGM0UAmC0oceYJRU84AGQQxM9uHqnmCJU; cSyncDp7v2=1668192309; cSyncDp14v3=1668192309; cSyncDp17=1668192309; cSyncDp32=1668192309; cSyncDp45v3=1668192309; cSyncDp53=1668192309; cSyncDp54v2=1668192309; cSyncDp62=1668192309; cSyncDp67v2=1668192309; cSyncDp68=1668192309; cSyncDp71=1668192309; cSyncDp77=1668192309; cSyncDp84=1668192309; cSyncDp85=1668192309; cSyncDp95v3=1668192309; cSyncDp101=1668192309; cSyncDp104v2=1668192309; cSyncDp107=1668192309; cSyncDp110=1668192309; cSyncDp111v2=1668192309; cSyncDp112v2=1668192309; cSyncDp125v2=1668192309; cSyncDp126=1668192309; cSyncDp127=1668192309; cSyncDp129=1668192309; cSyncDp136v2=1668192309; cSyncDp138=1668192309; cSyncDp144=1668192309; cSyncDp146=1668192309; cSyncDp148=1668192309; cSyncDp149v2=1668192309; cSyncDp151=1668192309; cSyncDp178=1668192309; cSyncDp179=1668192309; cSyncDp186=1668192309; cSyncDp221=1668192309
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 11 Nov 2022 18:45:12 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash a2d7f90e60ba7170bd25e2d3103cf901
a027a1ab69ce6264c1adbec776f4cca5be14b14e
dc26baab5a3af8b9da2ed3f2f03a0afb40665022727193c887b3eaddb9270051
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 11 Nov 2022 18:45:13 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Tue, 15 Nov 2022 17:24:57 GMT
ETag: "a027a1ab69ce6264c1adbec776f4cca5be14b14e"
Last-Modified: Fri, 11 Nov 2022 17:24:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 618
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76892f04bc6cb511-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c31ad8fe6e23cb0520664328af11aafe
2de8914a2c9403e005620091028b3d5a9ddb1be1
4d9fce77982afe85b194bdc6578c3eb1a15de33f66b2fe495fd2a269ec4e3873
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c31ad8fe6e23cb0520664328af11aafe
2de8914a2c9403e005620091028b3d5a9ddb1be1
4d9fce77982afe85b194bdc6578c3eb1a15de33f66b2fe495fd2a269ec4e3873
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c31ad8fe6e23cb0520664328af11aafe
2de8914a2c9403e005620091028b3d5a9ddb1be1
4d9fce77982afe85b194bdc6578c3eb1a15de33f66b2fe495fd2a269ec4e3873
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c31ad8fe6e23cb0520664328af11aafe
2de8914a2c9403e005620091028b3d5a9ddb1be1
4d9fce77982afe85b194bdc6578c3eb1a15de33f66b2fe495fd2a269ec4e3873
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yastatic.net/q/set/s/rsya-tag-users/bundle.js
200 OK 52 kB URL HTTP/2 yastatic.net/q/set/s/rsya-tag-users/bundle.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 18eaf277d0e18406c360b855a95bf1c4
8deb1119542827fc9fd7364bf58a1955662aa46c
220a1f4f3cab8dde7ae298ebdc1ccf2cafc3117342e0ce8a9ae391f0a24f45cc
GET /q/set/s/rsya-tag-users/bundle.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Fri, 11 Nov 2022 18:45:12 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
expires: Mon, 14 Nov 2022 06:40:50 GMT
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 3d35782cad90bf14
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0
302 Found 42 B URL HTTP/2 www.googleadservices.com/pagead/conversion/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/conversion/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0 HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 18:45:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=OZhuY9j4DuKY7APgi4CoCw&random=275123941&sscte=1&crd=
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
302 Found 42 B URL HTTP/2 www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 18:45:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=OZhuY5mED46pYIqotagJ&random=1990192278&sscte=1&crd=
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1db01334ecc26bd0e3dab312f266c116
d86c1a84e6439f63e61a27c1d6cc14f7d875f311
8bf2661a1d2b7438c1339559c07a782a59cd212f163f86b42bf51657d6897d96
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/watch/746018?page-url=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&cnt-class=1&hittoken=1668192311_58d2f4e294063cb10e07d34bf2d0edd811270b83e7f3c2ddf0d173e5bd2f8833&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A690853702806%3Ahid%3A243059204%3Az%3A0%3Ai%3A20221111184510%3Aet%3A1668192311%3Ac%3A1%3Arn%3A507980851%3Arqn%3A2%3Au%3A1668192310340789903%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1668192307990%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192311%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%2C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D0%BC%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%BC%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B8%20-%20E-Pitanie.ru&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(2)aw(1)ecs(1)fip(1)rqnl(1)ti(2)
302 Found 1.1 kB URL HTTP/2 mc.yandex.ru/watch/746018?page-url=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&cnt-class=1&hittoken=1668192311_58d2f4e294063cb10e07d34bf2d0edd811270b83e7f3c2ddf0d173e5bd2f8833&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A690853702806%3Ahid%3A243059204%3Az%3A0%3Ai%3A20221111184510%3Aet%3A1668192311%3Ac%3A1%3Arn%3A507980851%3Arqn%3A2%3Au%3A1668192310340789903%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1668192307990%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192311%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%2C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D0%BC%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%BC%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B8%20-%20E-Pitanie.ru&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(2)aw(1)ecs(1)fip(1)rqnl(1)ti(2)
IP
File type gzip compressed data, from Unix\012- data
Hash 4c8568343c3142e10baee60baf61ec8c
c7e4aa6ecfa3e4800a4aa49dd90a4cbd128b7643
0faa7f9b77f496bd6ba970e5139e6a67f03951a4d7e2387916143bc4decbf6f6
GET /watch/746018?page-url=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&cnt-class=1&hittoken=1668192311_58d2f4e294063cb10e07d34bf2d0edd811270b83e7f3c2ddf0d173e5bd2f8833&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A690853702806%3Ahid%3A243059204%3Az%3A0%3Ai%3A20221111184510%3Aet%3A1668192311%3Ac%3A1%3Arn%3A507980851%3Arqn%3A2%3Au%3A1668192310340789903%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1668192307990%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192311%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%2C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D0%BC%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%BC%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B8%20-%20E-Pitanie.ru&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(2)aw(1)ecs(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://e-pitanie.ru
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/746018/1?page-url=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&cnt-class=1&hittoken=1668192311_58d2f4e294063cb10e07d34bf2d0edd811270b83e7f3c2ddf0d173e5bd2f8833&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A690853702806%3Ahid%3A243059204%3Az%3A0%3Ai%3A20221111184510%3Aet%3A1668192311%3Ac%3A1%3Arn%3A507980851%3Arqn%3A2%3Au%3A1668192310340789903%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1668192307990%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192311%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%2C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D0%BC%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%BC%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B8%20-%20E-Pitanie.ru&t=gdpr%2814%29mc%28p-2-h-1%29clc%280-0-0%29rqnt%282%29aw%281%29ecs%281%29fip%281%29rqnl%281%29ti%282%29
date: Fri, 11 Nov 2022 18:45:11 GMT
access-control-allow-origin: https://e-pitanie.ru
set-cookie: yandexuid=9958489911668192311; Expires=Sat, 11-Nov-2023 18:45:11 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=9958489911668192311; Expires=Sat, 11-Nov-2023 18:45:11 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1852128341668192311; Path=/; SameSite=None; Secure
i=PXFeUEVhIM53IJHN2eWGerHqQnR4Vq7LvA0dcKGNiQvSHbXIleCGC1uFUbHtJfOsOk7drUATOy/DNvv2To2RjwtCuOs=; Expires=Mon, 08-Nov-2032 18:44:57 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1699728311.yrts.1668192311#1699728311.yrtsi.1668192311; Expires=Sat, 11-Nov-2023 18:45:11 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11-Nov-2022 18:45:11 GMT
last-modified: Fri, 11-Nov-2022 18:45:11 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1175213569901%3Ahid%3A811434433%3Az%3A0%3Ai%3A20221111184512%3Aet%3A1668192313%3Arn%3A233244381%3Arqn%3A1%3Au%3A1668192313107234238%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C27%2C4%2C%2C0%2C%2C31%2C1%2C79%2C79%2C0%2C77%3Ans%3A1668192310600%3Ast%3A1668192313&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
200 OK 236 B URL HTTP/2 mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1175213569901%3Ahid%3A811434433%3Az%3A0%3Ai%3A20221111184512%3Aet%3A1668192313%3Arn%3A233244381%3Arqn%3A1%3Au%3A1668192313107234238%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C27%2C4%2C%2C0%2C%2C31%2C1%2C79%2C79%2C0%2C77%3Ans%3A1668192310600%3Ast%3A1668192313&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash cc2c34f121fb0fea350ae0c755630f4f
c499773bd9033b1c20074b60b0d586fd3e980b1b
939c361ca74abc7aeb83222192210227599f8a09ddbe822d7e641d80a09196f1
GET /watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1175213569901%3Ahid%3A811434433%3Az%3A0%3Ai%3A20221111184512%3Aet%3A1668192313%3Arn%3A233244381%3Arqn%3A1%3Au%3A1668192313107234238%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C27%2C4%2C%2C0%2C%2C31%2C1%2C79%2C79%2C0%2C77%3Ans%3A1668192310600%3Ast%3A1668192313&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yastatic.net
Referer: https://yastatic.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 236
date: Fri, 11 Nov 2022 18:45:13 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://yastatic.net
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11-Nov-2022 18:45:13 GMT
last-modified: Fri, 11-Nov-2022 18:45:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a7d7a5379a732fc5eadab78de886cc31
6df8c63644e97bf57262415f24e270c718e1758b
c355159cc937a19485f62cc446530f319749237e147adbb2c5784d1d2c20ed64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aca2e38eee453679f022dba5cf64555b
1c9f6f5e9ed1272e9edcc958e7cc2dec61f793df
ea8bc6a82c3243813e137066ca5b659192f72ac69690f9ea4dcb668624baf586
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a7d7a5379a732fc5eadab78de886cc31
6df8c63644e97bf57262415f24e270c718e1758b
c355159cc937a19485f62cc446530f319749237e147adbb2c5784d1d2c20ed64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a7d7a5379a732fc5eadab78de886cc31
6df8c63644e97bf57262415f24e270c718e1758b
c355159cc937a19485f62cc446530f319749237e147adbb2c5784d1d2c20ed64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aca2e38eee453679f022dba5cf64555b
1c9f6f5e9ed1272e9edcc958e7cc2dec61f793df
ea8bc6a82c3243813e137066ca5b659192f72ac69690f9ea4dcb668624baf586
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aca2e38eee453679f022dba5cf64555b
1c9f6f5e9ed1272e9edcc958e7cc2dec61f793df
ea8bc6a82c3243813e137066ca5b659192f72ac69690f9ea4dcb668624baf586
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/693627671/?random=1668192312937&cv=9&fst=1668189600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fe-pitanie.ru%2F&async=1&fmt=3&is_vtc=1&random=2628613929&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/693627671/?random=1668192312937&cv=9&fst=1668189600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fe-pitanie.ru%2F&async=1&fmt=3&is_vtc=1&random=2628613929&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/693627671/?random=1668192312937&cv=9&fst=1668189600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fe-pitanie.ru%2F&async=1&fmt=3&is_vtc=1&random=2628613929&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 18:45:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/947884341/?random=1668192312932&cv=9&fst=1668189600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fe-pitanie.ru%2F&async=1&fmt=3&is_vtc=1&random=3255845529&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/947884341/?random=1668192312932&cv=9&fst=1668189600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fe-pitanie.ru%2F&async=1&fmt=3&is_vtc=1&random=3255845529&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/947884341/?random=1668192312932&cv=9&fst=1668189600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fe-pitanie.ru%2F&async=1&fmt=3&is_vtc=1&random=3255845529&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 18:45:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/947884341/?random=1668192312941&cv=9&fst=1668189600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fe-pitanie.ru%2F&async=1&fmt=3&is_vtc=1&random=4240805664&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/947884341/?random=1668192312941&cv=9&fst=1668189600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fe-pitanie.ru%2F&async=1&fmt=3&is_vtc=1&random=4240805664&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/947884341/?random=1668192312941&cv=9&fst=1668189600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fe-pitanie.ru%2F&async=1&fmt=3&is_vtc=1&random=4240805664&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 18:45:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/947884341/?random=1668192312941&cv=9&fst=1668189600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fe-pitanie.ru%2F&async=1&fmt=3&is_vtc=1&random=4240805664&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/947884341/?random=1668192312941&cv=9&fst=1668189600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fe-pitanie.ru%2F&async=1&fmt=3&is_vtc=1&random=4240805664&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/947884341/?random=1668192312941&cv=9&fst=1668189600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fe-pitanie.ru%2F&async=1&fmt=3&is_vtc=1&random=4240805664&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 18:45:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=275123941&crd=&is_vtc=1&random=1165611745
302 Found 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=275123941&crd=&is_vtc=1&random=1165611745
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=275123941&crd=&is_vtc=1&random=1165611745 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yastatic.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 18:45:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-user-list/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=275123941&crd=&is_vtc=1&random=1165611745&ipr=y
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1990192278&crd=&is_vtc=1&random=4138245260
302 Found 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1990192278&crd=&is_vtc=1&random=4138245260
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1990192278&crd=&is_vtc=1&random=4138245260 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yastatic.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 18:45:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1990192278&crd=&is_vtc=1&random=4138245260&ipr=y
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/693627671/?random=1668192312944&cv=9&fst=1668189600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fe-pitanie.ru%2F&async=1&fmt=3&is_vtc=1&random=305817379&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/693627671/?random=1668192312944&cv=9&fst=1668189600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fe-pitanie.ru%2F&async=1&fmt=3&is_vtc=1&random=305817379&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/693627671/?random=1668192312944&cv=9&fst=1668189600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fe-pitanie.ru%2F&async=1&fmt=3&is_vtc=1&random=305817379&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 18:45:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/693627671/?random=1668192312937&cv=9&fst=1668189600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fe-pitanie.ru%2F&async=1&fmt=3&is_vtc=1&random=2628613929&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/693627671/?random=1668192312937&cv=9&fst=1668189600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fe-pitanie.ru%2F&async=1&fmt=3&is_vtc=1&random=2628613929&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/693627671/?random=1668192312937&cv=9&fst=1668189600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fe-pitanie.ru%2F&async=1&fmt=3&is_vtc=1&random=2628613929&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 18:45:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/693627671/?random=1668192312944&cv=9&fst=1668189600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fe-pitanie.ru%2F&async=1&fmt=3&is_vtc=1&random=305817379&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/693627671/?random=1668192312944&cv=9&fst=1668189600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fe-pitanie.ru%2F&async=1&fmt=3&is_vtc=1&random=305817379&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/693627671/?random=1668192312944&cv=9&fst=1668189600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fe-pitanie.ru%2F&async=1&fmt=3&is_vtc=1&random=305817379&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 18:45:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1175213569901%3Ahid%3A811434433%3Az%3A0%3Ai%3A20221111184512%3Aet%3A1668192313%3Arn%3A233244381%3Arqn%3A1%3Au%3A1668192313107234238%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C27%2C4%2C%2C0%2C%2C31%2C1%2C79%2C79%2C0%2C77%3Ans%3A1668192310600%3Ast%3A1668192313&t=clc(0-0-0)rqnt(1)aw(1)ti(2)
302 Found 42 B URL HTTP/2 mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1175213569901%3Ahid%3A811434433%3Az%3A0%3Ai%3A20221111184512%3Aet%3A1668192313%3Arn%3A233244381%3Arqn%3A1%3Au%3A1668192313107234238%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C27%2C4%2C%2C0%2C%2C31%2C1%2C79%2C79%2C0%2C77%3Ans%3A1668192310600%3Ast%3A1668192313&t=clc(0-0-0)rqnt(1)aw(1)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1175213569901%3Ahid%3A811434433%3Az%3A0%3Ai%3A20221111184512%3Aet%3A1668192313%3Arn%3A233244381%3Arqn%3A1%3Au%3A1668192313107234238%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C27%2C4%2C%2C0%2C%2C31%2C1%2C79%2C79%2C0%2C77%3Ans%3A1668192310600%3Ast%3A1668192313&t=clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yastatic.net
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1175213569901%3Ahid%3A811434433%3Az%3A0%3Ai%3A20221111184512%3Aet%3A1668192313%3Arn%3A233244381%3Arqn%3A1%3Au%3A1668192313107234238%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C27%2C4%2C%2C0%2C%2C31%2C1%2C79%2C79%2C0%2C77%3Ans%3A1668192310600%3Ast%3A1668192313&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
date: Fri, 11 Nov 2022 18:45:13 GMT
access-control-allow-origin: https://yastatic.net
set-cookie: yandexuid=1071777491668192313; Expires=Sat, 11-Nov-2023 18:45:13 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1071777491668192313; Expires=Sat, 11-Nov-2023 18:45:13 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1339733131668192313; Path=/; SameSite=None; Secure
i=R5T0t6cCnpR/M+IL6drNyWHLvhr61bb9uBPpY6uRfzDk+70mmgh+RKEmBOJrP+6T7WfvMBjl9J1rwBaBYn9s91MIzmY=; Expires=Mon, 08-Nov-2032 18:45:03 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1699728313.yrts.1668192313#1699728313.yrtsi.1668192313; Expires=Sat, 11-Nov-2023 18:45:13 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11-Nov-2022 18:45:13 GMT
last-modified: Fri, 11-Nov-2022 18:45:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1990192278&crd=&is_vtc=1&random=4138245260&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1990192278&crd=&is_vtc=1&random=4138245260&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1990192278&crd=&is_vtc=1&random=4138245260&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yastatic.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 18:45:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=275123941&crd=&is_vtc=1&random=1165611745&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=275123941&crd=&is_vtc=1&random=1165611745&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=275123941&crd=&is_vtc=1&random=1165611745&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yastatic.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 18:45:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 05bb9af901ca5b651e88fcbe236711f5
18412da7fc2d868fc74bc3e7c44b4add4bbbdef9
9b87e90e4f5356da47fd562f7d06c8fbdef90d011e8c20e5687afbeaf6e7d29b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aca2e38eee453679f022dba5cf64555b
1c9f6f5e9ed1272e9edcc958e7cc2dec61f793df
ea8bc6a82c3243813e137066ca5b659192f72ac69690f9ea4dcb668624baf586
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 11 Nov 2022 18:45:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%22%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22firefox%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A792944542596%3Ahid%3A811434433%3Aphid%3A243059204%3Az%3A0%3Ai%3A20221111184516%3Aet%3A1668192316%3Arn%3A733638739%3Arqn%3A1%3Au%3A1668192313107234238%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C27%2C4%2C%2C0%2C%2C31%2C1%2C79%2C79%2C0%2C77%3Ans%3A1668192310600%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192316%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
302 Found 419 B URL HTTP/2 mc.yandex.ru/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%22%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22firefox%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A792944542596%3Ahid%3A811434433%3Aphid%3A243059204%3Az%3A0%3Ai%3A20221111184516%3Aet%3A1668192316%3Arn%3A733638739%3Arqn%3A1%3Au%3A1668192313107234238%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C27%2C4%2C%2C0%2C%2C31%2C1%2C79%2C79%2C0%2C77%3Ans%3A1668192310600%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192316%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash daa313e226996df8ac47eadddd48c35a
959b5afbce1e3d04b41b6cd4100e3b087ed1474c
12cd5634af86f4efe6632af30a9e89ad4b22fbc5db70d7ec725b9ee2cf69c212
GET /watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%22%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22firefox%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A792944542596%3Ahid%3A811434433%3Aphid%3A243059204%3Az%3A0%3Ai%3A20221111184516%3Aet%3A1668192316%3Arn%3A733638739%3Arqn%3A1%3Au%3A1668192313107234238%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C27%2C4%2C%2C0%2C%2C31%2C1%2C79%2C79%2C0%2C77%3Ans%3A1668192310600%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192316%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yastatic.net
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/37412095/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%22%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22firefox%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3Aeaydspl3nlyays9y07x84%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A792944542596%3Ahid%3A811434433%3Aphid%3A243059204%3Az%3A0%3Ai%3A20221111184516%3Aet%3A1668192316%3Arn%3A733638739%3Arqn%3A1%3Au%3A1668192313107234238%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C27%2C4%2C%2C0%2C%2C31%2C1%2C79%2C79%2C0%2C77%3Ans%3A1668192310600%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192316%3At%3A&t=gdpr%286%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Fri, 11 Nov 2022 18:45:16 GMT
access-control-allow-origin: https://yastatic.net
set-cookie: yandexuid=2086224141668192316; Expires=Sat, 11-Nov-2023 18:45:16 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2086224141668192316; Expires=Sat, 11-Nov-2023 18:45:16 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=485689391668192316; Path=/; SameSite=None; Secure
i=cTVZtWrKS+fnHZltnoI5i27MAAToxW2yIYeNJ7n/CE+vg96o5FYliC35CMJ/wZs+bDf2gwXO/uIpatfJFmvRnkV/lLY=; Expires=Mon, 08-Nov-2032 18:45:12 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1699728316.yrts.1668192316#1699728316.yrtsi.1668192316; Expires=Sat, 11-Nov-2023 18:45:16 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11-Nov-2022 18:45:16 GMT
last-modified: Fri, 11-Nov-2022 18:45:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/system/context.js
200 OK 0 B URL HTTP/2 an.yandex.ru/system/context.js
IP
GET /system/context.js HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
timing-allow-origin: *
access-control-allow-origin: *
expires: Fri, 11 Nov 2022 19:45:10 GMT
x-yandex-req-id: 1668192310172729-1561909582458908746600103-production-app-host-vla-pcode-262
cache-control: private, max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10&tc=1
200 OK 0 B URL HTTP/2 www.acint.net/mc/?dp=10&tc=1
IP
GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e-pitanie.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWNumDW8QAFEGM0UAmC0oceYJRU84AGQQxM9uHqnmCJU
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 11 Nov 2022 18:45:09 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1668192309; expires=Sat, 12-Nov-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp54v2=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp77=1668192309; expires=Fri, 25-Nov-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp84=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1668192309; expires=Fri, 25-Nov-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp111v2=1668192309; expires=Fri, 25-Nov-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp112v2=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v2=1668192309; expires=Sat, 26-Nov-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp138=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp144=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v2=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp179=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1668192309; expires=Sun, 11-Dec-22 18:45:09 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
adlmerge.com/merge_gpsid/?sid=50&id=1503420A35986E63440140BC0214CD18
200 OK 0 B URL HTTP/2 adlmerge.com/merge_gpsid/?sid=50&id=1503420A35986E63440140BC0214CD18
IP
ASN #60781 LeaseWeb Netherlands B.V.
GET /merge_gpsid/?sid=50&id=1503420A35986E63440140BC0214CD18 HTTP/1.1
Host: adlmerge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.16.0
date: Fri, 11 Nov 2022 18:45:10 GMT
content-type: image/gif
iseu: eu
X-Firefox-Spdy: h2
an.yandex.ru/event_confirmation
200 OK 0 B URL HTTP/2 an.yandex.ru/event_confirmation
IP
POST /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 322
Origin: https://e-pitanie.ru
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Fri, 11 Nov 2022 18:45:11 GMT
access-control-allow-origin: https://e-pitanie.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11 Nov 2022 18:45:11 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 11 Nov 2022 18:45:11 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/23414332?wmode=7&page-url=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afp%3A1338%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1415259113788%3Ahid%3A243059204%3Az%3A0%3Ai%3A20221111184510%3Aet%3A1668192310%3Ac%3A1%3Arn%3A616859490%3Arqn%3A1%3Au%3A1668192310340789903%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A3%2C241%2C76%2C0%2C367%2C0%2C%2C557%2C65%2C%2C%2C%2C1282%3Ans%3A1668192307990%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192310%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%2C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D0%BC%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%BC%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B8%20-%20E-Pitanie.ru&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/23414332?wmode=7&page-url=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afp%3A1338%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1415259113788%3Ahid%3A243059204%3Az%3A0%3Ai%3A20221111184510%3Aet%3A1668192310%3Ac%3A1%3Arn%3A616859490%3Arqn%3A1%3Au%3A1668192310340789903%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A3%2C241%2C76%2C0%2C367%2C0%2C%2C557%2C65%2C%2C%2C%2C1282%3Ans%3A1668192307990%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192310%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%2C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D0%BC%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%BC%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B8%20-%20E-Pitanie.ru&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP
GET /watch/23414332?wmode=7&page-url=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afp%3A1338%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1415259113788%3Ahid%3A243059204%3Az%3A0%3Ai%3A20221111184510%3Aet%3A1668192310%3Ac%3A1%3Arn%3A616859490%3Arqn%3A1%3Au%3A1668192310340789903%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A3%2C241%2C76%2C0%2C367%2C0%2C%2C557%2C65%2C%2C%2C%2C1282%3Ans%3A1668192307990%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192310%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%2C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D0%BC%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%BC%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B8%20-%20E-Pitanie.ru&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://e-pitanie.ru
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fe-pitanie.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afp%3A1338%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1415259113788%3Ahid%3A243059204%3Az%3A0%3Ai%3A20221111184510%3Aet%3A1668192310%3Ac%3A1%3Arn%3A616859490%3Arqn%3A1%3Au%3A1668192310340789903%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A3%2C241%2C76%2C0%2C367%2C0%2C%2C557%2C65%2C%2C%2C%2C1282%3Ans%3A1668192307990%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668192310%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BE%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5%2C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%D0%BC%20%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%BC%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B8%20-%20E-Pitanie.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Fri, 11 Nov 2022 18:45:10 GMT
access-control-allow-origin: https://e-pitanie.ru
set-cookie: yandexuid=5569710591668192310; Expires=Sat, 11-Nov-2023 18:45:10 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5569710591668192310; Expires=Sat, 11-Nov-2023 18:45:10 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=621299421668192310; Path=/; SameSite=None; Secure
i=bUHWEHNANBxsNRHZmodgiL/jGqYnGZXhG/hfbouW6C9+f8ZpLP4fn3yywIYeC/98DikjN1xCgX8w0TeWA1XwIXJdijI=; Expires=Mon, 08-Nov-2032 18:45:04 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1699728310.yrts.1668192310#1699728310.yrtsi.1668192310; Expires=Sat, 11-Nov-2023 18:45:10 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11-Nov-2022 18:45:10 GMT
last-modified: Fri, 11-Nov-2022 18:45:10 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
302 Found 0 B URL HTTP/2 ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP
ASN #48096 Enterprise Cloud Ltd.
GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=76794266768145118596ed3bafeda8d0
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=76794266768145118596ed3bafeda8d0; expires=Fri, 10 Nov 2023 21:00:00 GMT; path=/; SameSite=None; secure; samesite=lax
date: Fri, 11 Nov 2022 18:45:10 GMT
X-Firefox-Spdy: h2
an.yandex.ru/count/WM8ejI_zODS0nGe0f15fqpA82JyxgWK0rm4GmO200J4sc6vZ000003Z4Y5k80W6v0kkQOkNhF69Oy0BFlxw-m1Zm1G6W1ku1oGOsj4rVj01n4Aa7B_DaNuPi-5pu2QYfK2_p000k5nTADktm2mhW3OA0W860W8281AWFh-QJsUQGc_nSa12d-TRh_kU7dXUWfUNW507m5S6AzkoZZxpyOw0MaDYjcmR95l0_s1Q15wWN3T0O8VWOYFRWgDcDnv9wW1c96RmAk1d___y1m1cs-B2jYzZZ_WRI6H9vOM9pNtDbSdPbSYzoDpGvBJ7e6U09y1c0mWEO6jJ3Kx0RIBWR0u8S3NPYGpfhQd1OOLDeP3Vf780T_t-080A880pG8V___m7L8l__V_yI0383RPXH6Jmvx3lQtewy22NWa9RZaliIGx-M3p0OMR_n7aK00bBvURLpQ9Eevg327-McxXp5nS55C2W0~1=WKmejI_zO5W05Ge0f1BsK4kZM04GW8200QUv-lcImUBm0O010OW1wyBRqve1a07Six63u820W0AO0TopiODWk07Kp9hG9TW1mhd-gG7W0PQLhva1w06E1FW1s8_UlW6W0exwXG6m0zi1Y0MxsX6G1SouDx05d8mEk0MSZ0x01Oc0kW781VEaBz05lFS4g0Rk0Qa7B_DaNuPi-5ou1u05u0U62j08keY0WSA2W0RW28VzGkW91u0A0VWAWBKOw0oR1iWGmB2GWW6XY181a181W1I0W804q1J_n85Gw1IC0g0MaDYjcmR95W3mFvWNbxMqBBWN0S0NjTO1e1dk0RWP____0O4Q__ypGu9VRAce7W6m7m787-6S_rIf83Lw206aQie_k23daoYG8eciAP0YYgmfrIB__t__1W1IrpJ0VP95GCpCKunpAgLpD6O8Bm00~1?stat-id=1&test-tag=107752139577873&banner-sizes=eyI3MjA1NzYwNjkyNjM4MDI3MCI6IjcyOHg5MCJ9&format-type=118&actual-format=10&pcodever=679108&banner-test-tags=eyI3MjA1NzYwNjkyNjM4MDI3MCI6IjU3MzkzIn0%3D&pcode-active-testids=677689%2C0%2C45&width=1248&height=155&confirmTime=2101000&confirmRatio=1000000&wmode=0
200 OK 0 B URL HTTP/2 an.yandex.ru/count/WM8ejI_zODS0nGe0f15fqpA82JyxgWK0rm4GmO200J4sc6vZ000003Z4Y5k80W6v0kkQOkNhF69Oy0BFlxw-m1Zm1G6W1ku1oGOsj4rVj01n4Aa7B_DaNuPi-5pu2QYfK2_p000k5nTADktm2mhW3OA0W860W8281AWFh-QJsUQGc_nSa12d-TRh_kU7dXUWfUNW507m5S6AzkoZZxpyOw0MaDYjcmR95l0_s1Q15wWN3T0O8VWOYFRWgDcDnv9wW1c96RmAk1d___y1m1cs-B2jYzZZ_WRI6H9vOM9pNtDbSdPbSYzoDpGvBJ7e6U09y1c0mWEO6jJ3Kx0RIBWR0u8S3NPYGpfhQd1OOLDeP3Vf780T_t-080A880pG8V___m7L8l__V_yI0383RPXH6Jmvx3lQtewy22NWa9RZaliIGx-M3p0OMR_n7aK00bBvURLpQ9Eevg327-McxXp5nS55C2W0~1=WKmejI_zO5W05Ge0f1BsK4kZM04GW8200QUv-lcImUBm0O010OW1wyBRqve1a07Six63u820W0AO0TopiODWk07Kp9hG9TW1mhd-gG7W0PQLhva1w06E1FW1s8_UlW6W0exwXG6m0zi1Y0MxsX6G1SouDx05d8mEk0MSZ0x01Oc0kW781VEaBz05lFS4g0Rk0Qa7B_DaNuPi-5ou1u05u0U62j08keY0WSA2W0RW28VzGkW91u0A0VWAWBKOw0oR1iWGmB2GWW6XY181a181W1I0W804q1J_n85Gw1IC0g0MaDYjcmR95W3mFvWNbxMqBBWN0S0NjTO1e1dk0RWP____0O4Q__ypGu9VRAce7W6m7m787-6S_rIf83Lw206aQie_k23daoYG8eciAP0YYgmfrIB__t__1W1IrpJ0VP95GCpCKunpAgLpD6O8Bm00~1?stat-id=1&test-tag=107752139577873&banner-sizes=eyI3MjA1NzYwNjkyNjM4MDI3MCI6IjcyOHg5MCJ9&format-type=118&actual-format=10&pcodever=679108&banner-test-tags=eyI3MjA1NzYwNjkyNjM4MDI3MCI6IjU3MzkzIn0%3D&pcode-active-testids=677689%2C0%2C45&width=1248&height=155&confirmTime=2101000&confirmRatio=1000000&wmode=0
IP
GET /count/WM8ejI_zODS0nGe0f15fqpA82JyxgWK0rm4GmO200J4sc6vZ000003Z4Y5k80W6v0kkQOkNhF69Oy0BFlxw-m1Zm1G6W1ku1oGOsj4rVj01n4Aa7B_DaNuPi-5pu2QYfK2_p000k5nTADktm2mhW3OA0W860W8281AWFh-QJsUQGc_nSa12d-TRh_kU7dXUWfUNW507m5S6AzkoZZxpyOw0MaDYjcmR95l0_s1Q15wWN3T0O8VWOYFRWgDcDnv9wW1c96RmAk1d___y1m1cs-B2jYzZZ_WRI6H9vOM9pNtDbSdPbSYzoDpGvBJ7e6U09y1c0mWEO6jJ3Kx0RIBWR0u8S3NPYGpfhQd1OOLDeP3Vf780T_t-080A880pG8V___m7L8l__V_yI0383RPXH6Jmvx3lQtewy22NWa9RZaliIGx-M3p0OMR_n7aK00bBvURLpQ9Eevg327-McxXp5nS55C2W0~1=WKmejI_zO5W05Ge0f1BsK4kZM04GW8200QUv-lcImUBm0O010OW1wyBRqve1a07Six63u820W0AO0TopiODWk07Kp9hG9TW1mhd-gG7W0PQLhva1w06E1FW1s8_UlW6W0exwXG6m0zi1Y0MxsX6G1SouDx05d8mEk0MSZ0x01Oc0kW781VEaBz05lFS4g0Rk0Qa7B_DaNuPi-5ou1u05u0U62j08keY0WSA2W0RW28VzGkW91u0A0VWAWBKOw0oR1iWGmB2GWW6XY181a181W1I0W804q1J_n85Gw1IC0g0MaDYjcmR95W3mFvWNbxMqBBWN0S0NjTO1e1dk0RWP____0O4Q__ypGu9VRAce7W6m7m787-6S_rIf83Lw206aQie_k23daoYG8eciAP0YYgmfrIB__t__1W1IrpJ0VP95GCpCKunpAgLpD6O8Bm00~1?stat-id=1&test-tag=107752139577873&banner-sizes=eyI3MjA1NzYwNjkyNjM4MDI3MCI6IjcyOHg5MCJ9&format-type=118&actual-format=10&pcodever=679108&banner-test-tags=eyI3MjA1NzYwNjkyNjM4MDI3MCI6IjU3MzkzIn0%3D&pcode-active-testids=677689%2C0%2C45&width=1248&height=155&confirmTime=2101000&confirmRatio=1000000&wmode=0 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://e-pitanie.ru
Content-Type: application/x-www-form-urlencoded
Referer: https://e-pitanie.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Fri, 11 Nov 2022 18:45:13 GMT
access-control-allow-origin: https://e-pitanie.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 11 Nov 2022 18:45:13 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 11 Nov 2022 18:45:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/count/WLuejI_zODS0fGe0915fqpA824U6mGK0rm4GW8200J4sc6vZ000003Z4Y5k80W6v0kkQOkNhF69Oy0BFlxw-m1Zm1G6W1ku1oGOsj4rVj01n4Aa7B_DaNuPi-5pu2QYfK2_p000k5nTADks1W820Y0Ie3w_cazdca9lyN90Gf_dMw_xdXvuNeANbu1G1y1N1YlRieu-y_6EW5f3OhPi6oHRmFzWMWHUe5mtG627u68ZsuAZPZSUIUe0PYHcy2hWP____0S0PjlYmhOlOu_u6qXaIUM5YSrzpPN9sPN8lSZSqEIqnw1dW2V0PWC83c1hKmrEm6qYu6mE270rsOaCwQsfmM65JQ6GtwHo07Vz_W202Y20Cq27___y1rIB__t__4m0o0ssOKHayEUmxsjwEl0Wbu92MuvBx4aE_bWym65c_yHv5002fT1qU_GAlTWvj4jKSLFYZtDITexWuk0W61G00~1=WKSejI_zO5C0xGa0L18GoqZwKm6dkVhvai7Yy0600G680Ul2szEQ0P01tBEnW-20W802c07Six63OBW1rCoQq2NO0SAv_ga1u06MbQ-P0UW1ZWJu0TYFthu1e0AE-eK1i0FR0OW5kzeHa0NCk3Um1PoC3hW5d8mEm0M9WBe1o0Npf2_G1Rpt1AW6xW6f1o_pP5-6RFXSk0U01U07XWhG2Bg8W872We06u0Y7_KBe2GU02W7u2e2r6EWCcmR84C2ma881eOWI0P0I0O0KW8201D0K_yI1KEWKZ0AW5f3OhPi6oHO0y3-O5vUrj2ou5m705xNM0Q0PxW6u6V___m616l__CqE2Nsofg1u1i1y1o1_XdFzKgI0rUWW1f6hAFxWWvvCea2A9h2cG8egiATKY__z__mO0IDSqmFsFHK2ap5EC8ogbSmncY280~1?stat-id=1&test-tag=107752139577873&banner-sizes=eyI3MjA1NzYwNjkyNjM4MDI3MCI6IjcyOHg5MCJ9&format-type=118&actual-format=10&pcodever=679108&banner-test-tags=eyI3MjA1NzYwNjkyNjM4MDI3MCI6IjU3MzkzIn0%3D&pcode-active-testids=677689%2C0%2C45&width=1248&height=155&confirmTime=2101000&confirmRatio=1000000&wmode=0
302 Found 0 B URL HTTP/2 an.yandex.ru/count/WLuejI_zODS0fGe0915fqpA824U6mGK0rm4GW8200J4sc6vZ000003Z4Y5k80W6v0kkQOkNhF69Oy0BFlxw-m1Zm1G6W1ku1oGOsj4rVj01n4Aa7B_DaNuPi-5pu2QYfK2_p000k5nTADks1W820Y0Ie3w_cazdca9lyN90Gf_dMw_xdXvuNeANbu1G1y1N1YlRieu-y_6EW5f3OhPi6oHRmFzWMWHUe5mtG627u68ZsuAZPZSUIUe0PYHcy2hWP____0S0PjlYmhOlOu_u6qXaIUM5YSrzpPN9sPN8lSZSqEIqnw1dW2V0PWC83c1hKmrEm6qYu6mE270rsOaCwQsfmM65JQ6GtwHo07Vz_W202Y20Cq27___y1rIB__t__4m0o0ssOKHayEUmxsjwEl0Wbu92MuvBx4aE_bWym65c_yHv5002fT1qU_GAlTWvj4jKSLFYZtDITexWuk0W61G00~1=WKSejI_zO5C0xGa0L18GoqZwKm6dkVhvai7Yy0600G680Ul2szEQ0P01tBEnW-20W802c07Six63OBW1rCoQq2NO0SAv_ga1u06MbQ-P0UW1ZWJu0TYFthu1e0AE-eK1i0FR0OW5kzeHa0NCk3Um1PoC3hW5d8mEm0M9WBe1o0Npf2_G1Rpt1AW6xW6f1o_pP5-6RFXSk0U01U07XWhG2Bg8W872We06u0Y7_KBe2GU02W7u2e2r6EWCcmR84C2ma881eOWI0P0I0O0KW8201D0K_yI1KEWKZ0AW5f3OhPi6oHO0y3-O5vUrj2ou5m705xNM0Q0PxW6u6V___m616l__CqE2Nsofg1u1i1y1o1_XdFzKgI0rUWW1f6hAFxWWvvCea2A9h2cG8egiATKY__z__mO0IDSqmFsFHK2ap5EC8ogbSmncY280~1?stat-id=1&test-tag=107752139577873&banner-sizes=eyI3MjA1NzYwNjkyNjM4MDI3MCI6IjcyOHg5MCJ9&format-type=118&actual-format=10&pcodever=679108&banner-test-tags=eyI3MjA1NzYwNjkyNjM4MDI3MCI6IjU3MzkzIn0%3D&pcode-active-testids=677689%2C0%2C45&width=1248&height=155&confirmTime=2101000&confirmRatio=1000000&wmode=0
IP
GET /count/WLuejI_zODS0fGe0915fqpA824U6mGK0rm4GW8200J4sc6vZ000003Z4Y5k80W6v0kkQOkNhF69Oy0BFlxw-m1Zm1G6W1ku1oGOsj4rVj01n4Aa7B_DaNuPi-5pu2QYfK2_p000k5nTADks1W820Y0Ie3w_cazdca9lyN90Gf_dMw_xdXvuNeANbu1G1y1N1YlRieu-y_6EW5f3OhPi6oHRmFzWMWHUe5mtG627u68ZsuAZPZSUIUe0PYHcy2hWP____0S0PjlYmhOlOu_u6qXaIUM5YSrzpPN9sPN8lSZSqEIqnw1dW2V0PWC83c1hKmrEm6qYu6mE270rsOaCwQsfmM65JQ6GtwHo07Vz_W202Y20Cq27___y1rIB__t__4m0o0ssOKHayEUmxsjwEl0Wbu92MuvBx4aE_bWym65c_yHv5002fT1qU_GAlTWvj4jKSLFYZtDITexWuk0W61G00~1=WKSejI_zO5C0xGa0L18GoqZwKm6dkVhvai7Yy0600G680Ul2szEQ0P01tBEnW-20W802c07Six63OBW1rCoQq2NO0SAv_ga1u06MbQ-P0UW1ZWJu0TYFthu1e0AE-eK1i0FR0OW5kzeHa0NCk3Um1PoC3hW5d8mEm0M9WBe1o0Npf2_G1Rpt1AW6xW6f1o_pP5-6RFXSk0U01U07XWhG2Bg8W872We06u0Y7_KBe2GU02W7u2e2r6EWCcmR84C2ma881eOWI0P0I0O0KW8201D0K_yI1KEWKZ0AW5f3OhPi6oHO0y3-O5vUrj2ou5m705xNM0Q0PxW6u6V___m616l__CqE2Nsofg1u1i1y1o1_XdFzKgI0rUWW1f6hAFxWWvvCea2A9h2cG8egiATKY__z__mO0IDSqmFsFHK2ap5EC8ogbSmncY280~1?stat-id=1&test-tag=107752139577873&banner-sizes=eyI3MjA1NzYwNjkyNjM4MDI3MCI6IjcyOHg5MCJ9&format-type=118&actual-format=10&pcodever=679108&banner-test-tags=eyI3MjA1NzYwNjkyNjM4MDI3MCI6IjU3MzkzIn0%3D&pcode-active-testids=677689%2C0%2C45&width=1248&height=155&confirmTime=2101000&confirmRatio=1000000&wmode=0 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://e-pitanie.ru
Connection: keep-alive
Referer: https://e-pitanie.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/count/WM8ejI_zODS0nGe0f15fqpA82JyxgWK0rm4GmO200J4sc6vZ000003Z4Y5k80W6v0kkQOkNhF69Oy0BFlxw-m1Zm1G6W1ku1oGOsj4rVj01n4Aa7B_DaNuPi-5pu2QYfK2_p000k5nTADktm2mhW3OA0W860W8281AWFh-QJsUQGc_nSa12d-TRh_kU7dXUWfUNW507m5S6AzkoZZxpyOw0MaDYjcmR95l0_s1Q15wWN3T0O8VWOYFRWgDcDnv9wW1c96RmAk1d___y1m1cs-B2jYzZZ_WRI6H9vOM9pNtDbSdPbSYzoDpGvBJ7e6U09y1c0mWEO6jJ3Kx0RIBWR0u8S3NPYGpfhQd1OOLDeP3Vf780T_t-080A880pG8V___m7L8l__V_yI0383RPXH6Jmvx3lQtewy22NWa9RZaliIGx-M3p0OMR_n7aK00bBvURLpQ9Eevg327-McxXp5nS55C2W0~1=WKmejI_zO5W05Ge0f1BsK4kZM04GW8200QUv-lcImUBm0O010OW1wyBRqve1a07Six63u820W0AO0TopiODWk07Kp9hG9TW1mhd-gG7W0PQLhva1w06E1FW1s8_UlW6W0exwXG6m0zi1Y0MxsX6G1SouDx05d8mEk0MSZ0x01Oc0kW781VEaBz05lFS4g0Rk0Qa7B_DaNuPi-5ou1u05u0U62j08keY0WSA2W0RW28VzGkW91u0A0VWAWBKOw0oR1iWGmB2GWW6XY181a181W1I0W804q1J_n85Gw1IC0g0MaDYjcmR95W3mFvWNbxMqBBWN0S0NjTO1e1dk0RWP____0O4Q__ypGu9VRAce7W6m7m787-6S_rIf83Lw206aQie_k23daoYG8eciAP0YYgmfrIB__t__1W1IrpJ0VP95GCpCKunpAgLpD6O8Bm00~1?stat-id=1&test-tag=107752139577873&banner-sizes=eyI3MjA1NzYwNjkyNjM4MDI3MCI6IjcyOHg5MCJ9&format-type=118&actual-format=10&pcodever=679108&banner-test-tags=eyI3MjA1NzYwNjkyNjM4MDI3MCI6IjU3MzkzIn0%3D&pcode-active-testids=677689%2C0%2C45&width=1248&height=155&confirmTime=2101000&confirmRatio=1000000&wmode=0
date: Fri, 11 Nov 2022 18:45:13 GMT
access-control-allow-origin: https://e-pitanie.ru
set-cookie: yandexuid=3975360281668192313; domain=.yandex.ru; path=/; expires=Mon, 08-Nov-2032 18:45:13 GMT
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
expires: Fri, 11 Nov 2022 18:45:13 GMT
last-modified: Fri, 11 Nov 2022 18:45:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
82.146.33.243
52.41.252.32
136.243.148.229
31.220.27.155
188.42.191.196
104.18.21.226
188.72.109.103
23.36.76.226
139.45.228.111