i.joecomp.com/img/images/001/image-01-6.jpg
172.67.182.205200 OK 18 kB URL GET HTTP/2 i.joecomp.com/img/images/001/image-01-6.jpg
IP 172.67.182.205:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectjoecomp.com
FingerprintAB:6E:A4:FB:BB:F6:09:D0:73:4C:F5:81:B6:70:2F:3E:67:0E:25:EF
ValidityFri, 01 Mar 2024 08:33:36 GMT - Thu, 30 May 2024 08:33:35 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2018:12:22 11:48:41], baseline, precision 8, 326x218, components 3
Hash 22bb7940453006eb12ffb77d27aadd04
910273f242c9a4eafbe3a393f853145209b0b546
20ceb589f417a1d029db9ab1c14395d6553cf34dba2933df1cadec0f57653d94
GET /img/images/001/image-01-6.jpg HTTP/1.1
Host: i.joecomp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:02 GMT
content-type: image/jpeg
content-length: 17913
last-modified: Fri, 21 Feb 2020 18:34:44 GMT
etag: "45f9-59f1a468520ea"
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 12:53:57 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 11380265
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kxWW6EwlmVUUCp2XT1%2BEgzX55ttfQdFi8i268LekOWe%2FHVKQe5SvWl%2BhNsfvlCdgEgnlN3jlQDtvd63pxN6ug0F5iq4ZP1oUJV7Rw2R4FwKbR2nSRtjDpkvwGCXVwkjs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876275fbcfe356c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i.joecomp.com/img/images/001/image-01.jpg
172.67.182.205200 OK 17 kB URL GET HTTP/2 i.joecomp.com/img/images/001/image-01.jpg
IP 172.67.182.205:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectjoecomp.com
FingerprintAB:6E:A4:FB:BB:F6:09:D0:73:4C:F5:81:B6:70:2F:3E:67:0E:25:EF
ValidityFri, 01 Mar 2024 08:33:36 GMT - Thu, 30 May 2024 08:33:35 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 721x345, components 3
Hash 31393614a27c29de7e7c10b4c8391787
79c4560eccaeeed874dcb80e7fdf891683c19a8d
06606c8d41fc1e8dde62b5030e43232bb4017881796ca82f349d940bec5c8755
GET /img/images/001/image-01.jpg HTTP/1.1
Host: i.joecomp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:02 GMT
content-type: image/jpeg
content-length: 17209
last-modified: Tue, 31 Jan 2023 11:00:54 GMT
etag: "4339-5f38d3ee6b1a7"
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 12:53:57 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 11380265
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JoGqSSv9QTFlQBS2PCJs50895rRVVJBXqF2LiC0PWDQahn3kdLidhQaUwu4ZnkiP9NRmKvFjGrkwlBrnJosWS%2F4Gq4R4tgsp96EbEcrdwQeZrygnYgv51fKQbPV7%2BmYK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876275fbcfe156c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i.joecomp.com/img/images/001/image-05.jpg
172.67.182.205200 OK 68 kB URL GET HTTP/2 i.joecomp.com/img/images/001/image-05.jpg
IP 172.67.182.205:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectjoecomp.com
FingerprintAB:6E:A4:FB:BB:F6:09:D0:73:4C:F5:81:B6:70:2F:3E:67:0E:25:EF
ValidityFri, 01 Mar 2024 08:33:36 GMT - Thu, 30 May 2024 08:33:35 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 720x375, components 3
Hash bf3d0bd4d83c851859fbf537fb2b9140
9f2c8f13274be138eef1f2945adaa3623e701403
6422f62f8c627eae9df2eb197e23af38a51d318ba8d833442c4d0a4d3208551b
GET /img/images/001/image-05.jpg HTTP/1.1
Host: i.joecomp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:02 GMT
content-type: image/jpeg
content-length: 67690
last-modified: Tue, 31 Jan 2023 11:00:55 GMT
etag: "1086a-5f38d3eedfcd7"
cache-control: max-age=31536000
expires: Fri, 18 Apr 2025 06:00:34 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 268
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2BfshwSFXDJIeme3k%2FTiQ%2BIuM4rvks4%2BYaZ0R5vrP41BgX9h4V0k7%2B7V%2BX8BANwhUpjRM3judBFB%2FYmvWFLrXXUeK6lwtPlsJ2FCU6u9VpQ33jTPFETV%2BaDJST%2FMFEx8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876275fbcfe456c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i.joecomp.com/logo/main_logo.png
172.67.182.205200 OK 21 kB URL GET HTTP/2 i.joecomp.com/logo/main_logo.png
IP 172.67.182.205:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectjoecomp.com
FingerprintAB:6E:A4:FB:BB:F6:09:D0:73:4C:F5:81:B6:70:2F:3E:67:0E:25:EF
ValidityFri, 01 Mar 2024 08:33:36 GMT - Thu, 30 May 2024 08:33:35 GMT
File type PNG image data, 272 x 50, 8-bit/color RGBA, non-interlaced
Hash 4a9f9c840eadc256436dfc14215a5066
a9eefdf85459efbd8c99976f3ea9dbfbad08f43d
c69f29ac10e667c0be1c9de64cc0782bc7c11a496edc4a470e3594cb68a4b57a
GET /logo/main_logo.png HTTP/1.1
Host: i.joecomp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:02 GMT
content-type: image/png
content-length: 20774
last-modified: Fri, 21 Feb 2020 18:36:18 GMT
etag: "5126-59f1a4c225032"
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 12:53:57 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 11380265
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n578OyjvztRCRhKNC2jAqXXPFbHaZn8tCY1y9yXHo9PDfiSA5iXOcgDTvEyw3SbqfnTKcXPbzENvNV7nNkewmcSAL7xteqQKuEq9hkVUU3Z9a3e2cZQoi1G8NKcWMHRI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876275fbe81456c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i.joecomp.com/img/images/001/image-02.jpg
172.67.182.205200 OK 29 kB URL GET HTTP/2 i.joecomp.com/img/images/001/image-02.jpg
IP 172.67.182.205:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectjoecomp.com
FingerprintAB:6E:A4:FB:BB:F6:09:D0:73:4C:F5:81:B6:70:2F:3E:67:0E:25:EF
ValidityFri, 01 Mar 2024 08:33:36 GMT - Thu, 30 May 2024 08:33:35 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 720x375, components 3
Hash 69f3df457c9230379d267d2fb93f8db8
253a8bd2329d33575f69bbd3aacaca6eb97621d4
aa2e9a3abd9113221b563e998debcec39834a8e7f45aff36d8b15fc23b9dd747
GET /img/images/001/image-02.jpg HTTP/1.1
Host: i.joecomp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:02 GMT
content-type: image/jpeg
content-length: 29369
last-modified: Tue, 31 Jan 2023 11:00:55 GMT
etag: "72b9-5f38d3eea3be7"
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 12:53:57 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 11380265
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UeWPnQYePZ6jRd3%2Bc1ADKtH9IHT4CfKpecbOjK8%2BXI9gajRj7vcyDQNy1C5fDnmRxyW4L1Lw1A47HChPTxxBEKpoNnLzaoGfV%2FPouc446AOlxxi3AV%2BJySqzukWOBzxu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876275fbe81856c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i.joecomp.com/logo/logo_mini.png
172.67.182.205200 OK 21 kB URL GET HTTP/2 i.joecomp.com/logo/logo_mini.png
IP 172.67.182.205:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectjoecomp.com
FingerprintAB:6E:A4:FB:BB:F6:09:D0:73:4C:F5:81:B6:70:2F:3E:67:0E:25:EF
ValidityFri, 01 Mar 2024 08:33:36 GMT - Thu, 30 May 2024 08:33:35 GMT
File type PNG image data, 175 x 32, 8-bit/color RGBA, non-interlaced
Hash 0818ea172499b6953bd045786a010abc
8b77bca21403a7fa6b0538c070b4deba581bcfa4
22a680131096e4ffe5e44975839e60b39f5050a563d3daf85b4ab0193b7545fb
GET /logo/logo_mini.png HTTP/1.1
Host: i.joecomp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:02 GMT
content-type: image/png
content-length: 20579
last-modified: Fri, 21 Feb 2020 18:36:18 GMT
etag: "5063-59f1a4c224862"
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 12:53:57 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 11380265
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A7XyMdZByLuVxxZP5%2F6BGGKE%2FIyUEoCe91L3gYlE3HwtLGUreANShy7jmCFej8sXE98ZNoSEsxqKguuPsuX4z9NyHcUwU8G5IRJcJGh3HPwMCZ6YlP2qiR3hlzJhz02U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876275fbe81656c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i.joecomp.com/img/images/001/image-04.jpg
172.67.182.205200 OK 34 kB URL GET HTTP/2 i.joecomp.com/img/images/001/image-04.jpg
IP 172.67.182.205:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectjoecomp.com
FingerprintAB:6E:A4:FB:BB:F6:09:D0:73:4C:F5:81:B6:70:2F:3E:67:0E:25:EF
ValidityFri, 01 Mar 2024 08:33:36 GMT - Thu, 30 May 2024 08:33:35 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 720x375, components 3
Hash 81ecef8b84f32d4a0e6918ae6f3b28f2
852f81660cee11cb75e7fa0349872dd1612a2b77
21fd044205f6cfb50fbdc394f128b80f936b51d43a4b90704624dfac6658c87e
GET /img/images/001/image-04.jpg HTTP/1.1
Host: i.joecomp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:02 GMT
content-type: image/jpeg
content-length: 33924
last-modified: Tue, 31 Jan 2023 11:00:55 GMT
etag: "8484-5f38d3eebf167"
cache-control: max-age=31536000
expires: Fri, 18 Apr 2025 06:00:34 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 268
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NYGIkVUrDMGLf6ZL8rnbxUh6ozpUGruLWhwHcvR25vu8dQWcdE7yba9on6ajagBWK3TgnkZrTSefxs%2BX8C%2BUkyzBTxQXaxvK2iuMJwYHosj8w1t639aWLbwgZ5uq5ggt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876275fbe81756c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i.joecomp.com/img/images/001/image-03.jpg
172.67.182.205200 OK 32 kB URL GET HTTP/2 i.joecomp.com/img/images/001/image-03.jpg
IP 172.67.182.205:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectjoecomp.com
FingerprintAB:6E:A4:FB:BB:F6:09:D0:73:4C:F5:81:B6:70:2F:3E:67:0E:25:EF
ValidityFri, 01 Mar 2024 08:33:36 GMT - Thu, 30 May 2024 08:33:35 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 720x345, components 3
Hash 3e1ac8b7004c39e5a75c1fd103d44e2e
299f0b4327ea7a01884c7379fb9af7de94276cb8
b8d30934cbaf3e8ddfc2d7ff9f22031ae93c3ae4d2c92fe0b192f9e3b8d1a563
GET /img/images/001/image-03.jpg HTTP/1.1
Host: i.joecomp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:02 GMT
content-type: image/jpeg
content-length: 31728
last-modified: Tue, 31 Jan 2023 11:00:55 GMT
etag: "7bf0-5f38d3eebaeff"
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 12:53:57 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 11380265
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XdRlgkno0p3nQtiRA0Uo8f6Lg0GUNMzqroTShuTM1SoBipYj467qKLJbIOwOo0q%2FpsxQGEOWndZjLnpp1TIRlIvInHTqVXEig%2BtIj4sC1FRnCW5pfbAr7xYfzY8S%2BxGR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876275fc083556c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i.joecomp.com/img/web-apps-2018/search-engines-ready-for-battle-but-where-s-war-2.jpg
172.67.182.205200 OK 11 kB URL GET HTTP/2 i.joecomp.com/img/web-apps-2018/search-engines-ready-for-battle-but-where-s-war-2.jpg
IP 172.67.182.205:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectjoecomp.com
FingerprintAB:6E:A4:FB:BB:F6:09:D0:73:4C:F5:81:B6:70:2F:3E:67:0E:25:EF
ValidityFri, 01 Mar 2024 08:33:36 GMT - Thu, 30 May 2024 08:33:35 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2018:11:18 18:52:49], baseline, precision 8, 135x89, components 3
Hash 6df5281db4544f1c919702684292b464
f526fcc5c1dc5bcc290ea17ac1c5835695ed5f76
597e9585d1a00f701d800a29970b55ae4aaf1dee7d21c5f9dbd78a8fcb66539b
GET /img/web-apps-2018/search-engines-ready-for-battle-but-where-s-war-2.jpg HTTP/1.1
Host: i.joecomp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:02 GMT
content-type: image/jpeg
content-length: 10930
last-modified: Fri, 21 Feb 2020 23:49:02 GMT
etag: "2ab2-59f1eaa82fcd0"
cache-control: max-age=31536000
expires: Fri, 18 Apr 2025 06:05:02 GMT
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ebl%2BZm0lLjjzvD8Ah9tgE09Xfuugsrx9Al5cSEkrYud0QGPMUhdVa4kCifHsHK%2F1ssxUflLzff5nfaVYwITVlriqVfo6kM%2FoiN2HcKDZsgIXJ70bxj%2BEM6GldGnWDL30"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876275fbcfec56c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i.joecomp.com/img/business-software-2018/google-seeks-to-boost-geo-apps-with-new-maps-api.png
172.67.182.205200 OK 29 kB URL GET HTTP/2 i.joecomp.com/img/business-software-2018/google-seeks-to-boost-geo-apps-with-new-maps-api.png
IP 172.67.182.205:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectjoecomp.com
FingerprintAB:6E:A4:FB:BB:F6:09:D0:73:4C:F5:81:B6:70:2F:3E:67:0E:25:EF
ValidityFri, 01 Mar 2024 08:33:36 GMT - Thu, 30 May 2024 08:33:35 GMT
File type PNG image data, 435 x 291, 8-bit/color RGB, non-interlaced
Hash 206d34f497696207dd4255c2b315c00a
efe74698aa4d703f31fde445435fe8ae2d5eec99
4f96feec6b8713ab622dbb54737683cec22159d9c7b55aaf63befee5b8fde47f
GET /img/business-software-2018/google-seeks-to-boost-geo-apps-with-new-maps-api.png HTTP/1.1
Host: i.joecomp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:02 GMT
content-type: image/png
content-length: 28774
last-modified: Fri, 21 Feb 2020 22:28:14 GMT
etag: "7066-59f1d89959f60"
cache-control: max-age=31536000
expires: Fri, 18 Apr 2025 06:05:02 GMT
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gHb%2B5mpACjpsTgIzWYZeqH6rp9cH3qn8gZK6oDnreM64bb3aaslcz3WwXzi7JF6TT6%2BMlCIemUb%2FMBeJM3UmR9asDkOc3fdk9AELGU7%2BNAkHDs%2FqwVhokVrqcLdoAaXK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876275fbcfe956c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i.joecomp.com/img/utility-software-2018/run-programs-as-services-with-firedaemon-pro.jpg
172.67.182.205200 OK 22 kB URL GET HTTP/2 i.joecomp.com/img/utility-software-2018/run-programs-as-services-with-firedaemon-pro.jpg
IP 172.67.182.205:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectjoecomp.com
FingerprintAB:6E:A4:FB:BB:F6:09:D0:73:4C:F5:81:B6:70:2F:3E:67:0E:25:EF
ValidityFri, 01 Mar 2024 08:33:36 GMT - Thu, 30 May 2024 08:33:35 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2018:11:18 18:30:33], baseline, precision 8, 262x237, components 3
Hash 6d39e90187b0c0c338f6efc675cf7dda
c7b6439c94f716e0d9f4f105560727392fddb5cf
473827fa7013e62b32a4e09a651e243e5fb3c5dfa9f36d6887c4b2df2fa8bec4
GET /img/utility-software-2018/run-programs-as-services-with-firedaemon-pro.jpg HTTP/1.1
Host: i.joecomp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:02 GMT
content-type: image/jpeg
content-length: 21539
last-modified: Fri, 21 Feb 2020 23:43:55 GMT
etag: "5423-59f1e983f279f"
cache-control: max-age=31536000
expires: Fri, 18 Apr 2025 06:05:02 GMT
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V29PVfHqZ5UMBoEP5y7oSjHHvEDmQcnbbQw6ca29L7B3TW5H8MMbSjKS2hMGcl%2BDlcUb1iQ0PS2SMU9FKVALD6%2B9E6RTiinZUY1CY1GxwbGHMVIvNyYoF5iGCYfazLqv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876275fbcfe556c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i.joecomp.com/img/tech-events-2018/jury-orders-microsoft-to-pay-24.jpg4.jpg-million-in-patent-dispute.png
172.67.182.205200 OK 18 kB URL GET HTTP/2 i.joecomp.com/img/tech-events-2018/jury-orders-microsoft-to-pay-24.jpg4.jpg-million-in-patent-dispute.png
IP 172.67.182.205:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectjoecomp.com
FingerprintAB:6E:A4:FB:BB:F6:09:D0:73:4C:F5:81:B6:70:2F:3E:67:0E:25:EF
ValidityFri, 01 Mar 2024 08:33:36 GMT - Thu, 30 May 2024 08:33:35 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2018:12:22 11:48:41], baseline, precision 8, 326x218, components 3
Hash 22bb7940453006eb12ffb77d27aadd04
910273f242c9a4eafbe3a393f853145209b0b546
20ceb589f417a1d029db9ab1c14395d6553cf34dba2933df1cadec0f57653d94
GET /img/tech-events-2018/jury-orders-microsoft-to-pay-24.jpg4.jpg-million-in-patent-dispute.png HTTP/1.1
Host: i.joecomp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:02 GMT
content-type: image/jpeg
content-length: 17913
last-modified: Fri, 21 Feb 2020 18:34:44 GMT
etag: "45f9-59f1a468520ea"
cache-control: max-age=31536000
expires: Fri, 18 Apr 2025 06:05:02 GMT
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nTdDLR3uUT%2F1Dr4Z7eyWG5seZE8rveyNbx%2BrL0nMalqnAfh06gkTiZVRnspo1SBl8GNrdBa1TqmFGmuHwevwt2mGDvAeyLv9RddXTQi95gcwIveqtWfu5%2FLdsZjmZmFw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876275fbcfeb56c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adlook.me/js/vbf.js
193.17.93.93200 OK 86 kB IP 193.17.93.93:443
ASN #210756 EdgeCenter LLC
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65499), with no line terminators
Hash eae46659f5572b6b909009ffa4534c2f
9158e85ed9015cbe166c4a0bd974bfbee63dcbac
ba74663708d6b6f80b912a5580c14da2a6a904d3215daf5a54b2eb087871ce67
GET /js/vbf.js HTTP/1.1
Host: cdn.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:02 GMT
content-type: application/javascript,application/javascript;charset=utf-8
content-length: 85956
last-modified: Mon, 15 Apr 2024 08:29:17 GMT
etag: "dc7d51f8fda1:0"
x-powered-by: ASP.NET
cache: HIT
x-cached-since: 2024-04-18T06:01:23+00:00
x-node: m9p-up-gc72
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.adlook.me/js/rlf.js
193.17.93.93200 OK 81 kB IP 193.17.93.93:443
ASN #210756 EdgeCenter LLC
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65499), with no line terminators
Hash ae89afef8020880f8f33570fc361915e
3a3dac359793f3b26edd7f314546c47dd05f6ab7
a05cc0f77829a2d1cd3c695b37f622fd3290b7176190d02d1ade0aab29618a4d
GET /js/rlf.js HTTP/1.1
Host: cdn.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:02 GMT
content-type: application/javascript,application/javascript;charset=utf-8
content-length: 81144
last-modified: Wed, 10 Apr 2024 12:24:32 GMT
etag: "c3998ea428bda1:0"
x-powered-by: ASP.NET
cache: HIT
x-cached-since: 2024-04-18T06:01:23+00:00
x-node: m9p-up-gc72
accept-ranges: bytes
X-Firefox-Spdy: h2
sarcasticnotarycontrived.com/a8/e5/5c/a8e55c612178c20c93be7f647780919a.js
192.243.59.12200 OK 16 kB URL GET HTTP/1.1 sarcasticnotarycontrived.com/a8/e5/5c/a8e55c612178c20c93be7f647780919a.js
IP 192.243.59.12:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subject*.sarcasticnotarycontrived.com
Fingerprint10:5B:4C:2C:01:5E:16:45:2D:08:5B:5A:77:61:29:AA:A7:90:63:40
ValidityTue, 02 Apr 2024 07:02:01 GMT - Mon, 01 Jul 2024 07:02:00 GMT
File type JavaScript source, ASCII text, with very long lines (44095), with no line terminators
Hash debece4d964dd50817d897699b18f775
f4267ab15dc79228e3b57213eafb64cc3eb519d0
2cea6edebfd52c20690f6a3fd7ac9b7998d172e0af8333622adee481acc9ddda
GET /a8/e5/5c/a8e55c612178c20c93be7f647780919a.js HTTP/1.1
Host: sarcasticnotarycontrived.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 18 Apr 2024 06:05:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 534d5a91e68ada41352c41ce8d8e67a5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjxAwWw.ttf
216.58.207.227200 OK 32 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjxAwWw.ttf
IP 216.58.207.227:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type TrueType Font data, 16 tables, 1st "GPOS", 8 names, Microsoft, language 0x409, Copyright (c) 2010-2011 by tyPoland Lukasz Dziedzic with Reserved Font Name "Lato". Licensed und
Hash 3256fc68bf4f5944fecc69b64d872a88
dd31faf30e23b2b573df522447a1a360c0620cc5
682faf236eb80dd1a3353fc2eae4ff34b39e2883ef1ffc27ed984842ebfc47e2
GET /s/lato/v14/S6uyw4BMUTPHjxAwWw.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://joecomp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32316
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 07:45:38 GMT
expires: Fri, 11 Apr 2025 07:45:38 GMT
cache-control: public, max-age=31536000
age: 598765
last-modified: Wed, 11 Oct 2017 18:22:47 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
barajind.top/?te=gqywkm3fgu5ha3ddf44dknbw
134.209.192.77200 OK 25 kB URL GET HTTP/2 barajind.top/?te=gqywkm3fgu5ha3ddf44dknbw
IP 134.209.192.77:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectbarajind.top
Fingerprint31:D0:F9:BD:5F:DB:9A:A4:97:45:0F:C4:C8:6A:ED:5E:59:76:42:93
ValidityMon, 01 Apr 2024 19:11:17 GMT - Sun, 30 Jun 2024 19:11:16 GMT
Hash d1d9f84bef54f98364339e52faeab84a
900f48f7d9adc018437ca599ab5d5cab0711f2fa
c3980b04ce87b42d081a30bebeeddd95fb59b0e170cfcf3cdaba58c6de85bf21
GET /?te=gqywkm3fgu5ha3ddf44dknbw HTTP/1.1
Host: barajind.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:02 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=1167de7f-855a-4abb-bc8c-bab92d69f100; expires=Sat, 18-May-2024 06:05:02 GMT; Max-Age=2592000; path=/; SameSite=None; domain=barajind.top; secure
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwaPHA.ttf
216.58.207.227200 OK 32 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwaPHA.ttf
IP 216.58.207.227:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type TrueType Font data, 16 tables, 1st "GPOS", 8 names, Microsoft, language 0x409, Copyright (c) 2010-2011 by tyPoland Lukasz Dziedzic with Reserved Font Name "Lato". Licensed und
Hash 97f443e6355feeb74a5a4043236d91c0
4c2ed371db850934ad83b2d830abbf6bda9bb5a0
08d3764653cba296a0f9b57a8b1356f976bf780c6944628552342a3b16831772
GET /s/lato/v14/S6u9w4BMUTPHh6UVSwaPHA.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://joecomp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31921
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 06:58:00 GMT
expires: Wed, 16 Apr 2025 06:58:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Oct 2017 18:22:47 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 169623
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFW50e.ttf
216.58.207.227200 OK 24 kB URL GET HTTP/3 fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFW50e.ttf
IP 216.58.207.227:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Digitized data copyright � 2010-2011, Google Corporation.Open SansRegular1.10;1ASC;OpenSans-Regu
Hash abd464fd52dec0108904f062f30b31d4
f51881b3732bcb7aac9592f50184720e7d726ccf
0c4595868d57ebb5f2793e22e8493bfe2606cd8c628a039d2d1a4fa79f642b05
GET /s/opensans/v15/mem8YaGs126MiZpBA-UFW50e.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://joecomp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24229
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:22:08 GMT
expires: Wed, 16 Apr 2025 01:22:08 GMT
cache-control: public, max-age=31536000
age: 189775
last-modified: Wed, 11 Oct 2017 21:49:47 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.adlook.me/u/cds.html
193.17.93.93200 OK 1.4 kB IP 193.17.93.93:443
ASN #210756 EdgeCenter LLC
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash 092b935eec2ba1199c03c1c856472e77
90d533fb895dda57fd0645cf484a4ecb7a64c344
8719a7a7e474f30d7a1d5dbf2ab97bbd73437c28ef567b410361540ad38c985e
GET /u/cds.html HTTP/1.1
Host: cdn.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:03 GMT
content-type: text/html
content-length: 1439
last-modified: Thu, 06 Aug 2020 17:06:57 GMT
etag: "207a2dfe136cd61:0"
x-powered-by: ASP.NET
cache: HIT
x-cached-since: 2024-04-18T05:59:24+00:00
x-node: m9p-up-gc72
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.adlook.me/css/rlf.css?1.6
193.17.93.93200 OK 1.1 kB URL GET HTTP/2 cdn.adlook.me/css/rlf.css?1.6
IP 193.17.93.93:443
ASN #210756 EdgeCenter LLC
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT
File type ASCII text, with very long lines (3927), with no line terminators
Hash bfacb6b02eff3ef2c33d4b93d390b2b7
625baf85d1b0804ede56f7cce7addbabb34b2ef4
a8ec9ce4d97e4d570b348e8a28115ee7ad56738f83ad9f99866bc7ebe62b646c
GET /css/rlf.css?1.6 HTTP/1.1
Host: cdn.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:03 GMT
content-type: text/css
content-length: 1080
content-encoding: gzip
last-modified: Wed, 07 Feb 2024 10:22:24 GMT
etag: "0b0948aaf59da1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache: HIT
x-cached-since: 2024-04-18T06:04:52+00:00
x-node: m9p-up-gc72
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.adlook.me/css/vbf.css?1.6
193.17.93.93200 OK 999 B URL GET HTTP/2 cdn.adlook.me/css/vbf.css?1.6
IP 193.17.93.93:443
ASN #210756 EdgeCenter LLC
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT
File type ASCII text, with very long lines (3450), with no line terminators
Hash eea9a0d5ffd3703872ae595dda763556
e00f401a210200d123102edbc5a5a574b092fece
30d7b1b8f0c978507fcafec13ae876364a31593a52b7671b06b3d328d7570bc7
GET /css/vbf.css?1.6 HTTP/1.1
Host: cdn.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:03 GMT
content-type: text/css
content-length: 999
content-encoding: gzip
last-modified: Fri, 19 Jan 2024 15:09:46 GMT
etag: "0d9c389e94ada1:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache: HIT
x-cached-since: 2024-04-18T05:59:15+00:00
x-node: m9p-up-gc72
accept-ranges: bytes
X-Firefox-Spdy: h2
proftrafficcounter.com/stats
52.29.198.136200 OK 40 B URL GET HTTP/2 proftrafficcounter.com/stats
IP 52.29.198.136:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash f34c49d508496f69cf6a08afa0e7c956
df85c919d21b1a38f156174755c19c6c709fe6b4
9a384813bd1a54a4361ab040b0c68f25b38655c71519448dabb83f27be0e4b70
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:03 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://ja.joecomp.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=4a862009-6578-40ec-a1f9-0a744a7ebc28:1:1; expires=Sun, 16 Apr 2034 06:05:03 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240418
151.101.1.229200 OK 837 B URL GET HTTP/2 cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240418
IP 151.101.1.229:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Hash c22cbc4c490729aaa05b28f771a062e7
c5f929041cc9c8a98d05bc8e6a879114c19b49d6
0505531938496a2d4d5d2d79aac278deb88f6dbc6f0c7e47fbc0007f862802eb
GET /gh/prebid/currency-file@1/latest.json?date=20240418 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ja.joecomp.com/
content-type: text/plain
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.2029
x-jsd-version-type: version
etag: W/"63b-xfkpBBzJyKmNBbyOaoeRFMGbSdY"
content-encoding: br
accept-ranges: bytes
date: Thu, 18 Apr 2024 06:05:03 GMT
age: 7450
x-served-by: cache-fra-eddf8230103-FRA, cache-hel1410030-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 837
X-Firefox-Spdy: h2
amer.hhkld.com/tag/load-106801.js?page_url=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro
185.106.140.207200 OK 82 kB URL GET HTTP/2 amer.hhkld.com/tag/load-106801.js?page_url=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro
IP 185.106.140.207:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjecthhkld.com
Fingerprint8F:B1:0C:A0:87:DD:30:BF:E2:DD:3B:46:BE:0C:C8:0A:AF:06:35:32
ValidityMon, 19 Feb 2024 04:08:17 GMT - Sun, 19 May 2024 04:08:16 GMT
File type gzip compressed data, max speed, from Unix
Hash 709cd2f5268901bbba3075832d29b327
f3c9afe58905d16f2b28c07830a859f8e436dbc8
4b5f1d8c6952aa26bc259ee1697ba015eed81f9bc8e8e12729ccca61919e28bb
GET /tag/load-106801.js?page_url=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro HTTP/1.1
Host: amer.hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Cookie: uid=CmX+RGYguA6bHU511zksAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:02 GMT
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
jsc.mgid.com/o/p/optad360.joecomp.com.1487693.es6.js
104.19.132.76200 OK 96 kB URL GET HTTP/3 jsc.mgid.com/o/p/optad360.joecomp.com.1487693.es6.js
IP 104.19.132.76:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectmgid.com
Fingerprint9C:6C:5A:48:88:44:CB:C2:F4:76:D3:2E:DC:07:0D:D4:CA:6A:25:F5
ValiditySun, 10 Mar 2024 23:31:34 GMT - Sat, 08 Jun 2024 23:31:33 GMT
File type JavaScript source, ASCII text, with very long lines (31986)
Hash 3d016bca649c785183c80f75d5823191
599743846e78ad3f36a8e68dfe187fbdd7a463ba
3a55856e4c48e80168b41db5b5c874f3f361e80cc64444be3d2774164db4b702
GET /o/p/optad360.joecomp.com.1487693.es6.js HTTP/1.1
Host: jsc.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:05:03 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=313349
etag: W/"9e5173bf93f9d0dc8c3e0a81a10547bd"
last-modified: Fri, 05 Apr 2024 10:59:51 GMT
x-amz-id-2: v7qm3cuDI3dvH9Pvsh7Matp0JeicmFF3job3Dd2cyhKaaaWDkJL5Ygqhi/pCMKb2b9v7vspggUs=
x-amz-request-id: K2TRBY8SXNP4J3DR
x-amz-server-side-encryption: AES256
x-amz-version-id: 4FJiobHQgrivcw8pTthZlHIqzZkM32KV
cf-cache-status: HIT
expires: Thu, 18 Apr 2024 09:05:03 GMT
cache-control: public, max-age=10800
set-cookie: __cf_bm=9wMLjfNfMVU28wcg2_2qyQKvQptzz3oDSyJGoQWRRNA-1713420303-1.0.1.1-7JGxfpGyFO5ddJdPchFl8q71MLzzvZzfF0oJiE8P2X_zDwxeX9v7dID41BPOdOHUwyGKOZ9uAjqlyQXfBh6c2w; path=/; expires=Thu, 18-Apr-24 06:35:03 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-origin: *
server: cloudflare
cf-ray: 876276017b69b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFW50e.ttf
216.58.207.227200 OK 24 kB URL GET HTTP/3 fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFW50e.ttf
IP 216.58.207.227:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Digitized data copyright � 2010-2011, Google Corporation.Open SansRegular1.10;1ASC;OpenSans-Regu
Hash abd464fd52dec0108904f062f30b31d4
f51881b3732bcb7aac9592f50184720e7d726ccf
0c4595868d57ebb5f2793e22e8493bfe2606cd8c628a039d2d1a4fa79f642b05
GET /s/opensans/v15/mem8YaGs126MiZpBA-UFW50e.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://joecomp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24229
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:22:08 GMT
expires: Wed, 16 Apr 2025 01:22:08 GMT
cache-control: public, max-age=31536000
age: 189775
last-modified: Wed, 11 Oct 2017 21:49:47 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwaPHA.ttf
216.58.207.227200 OK 32 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwaPHA.ttf
IP 216.58.207.227:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type TrueType Font data, 16 tables, 1st "GPOS", 8 names, Microsoft, language 0x409, Copyright (c) 2010-2011 by tyPoland Lukasz Dziedzic with Reserved Font Name "Lato". Licensed und
Hash 97f443e6355feeb74a5a4043236d91c0
4c2ed371db850934ad83b2d830abbf6bda9bb5a0
08d3764653cba296a0f9b57a8b1356f976bf780c6944628552342a3b16831772
GET /s/lato/v14/S6u9w4BMUTPHh6UVSwaPHA.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://joecomp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31921
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 06:58:00 GMT
expires: Wed, 16 Apr 2025 06:58:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Oct 2017 18:22:47 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 169623
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOXOhs.ttf
216.58.207.227200 OK 25 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOXOhs.ttf
IP 216.58.207.227:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Digitized data copyright � 2011, Google Corporation.Open Sans SemiBoldRegular1.10;1ASC;OpenSans-
Hash 5613b984da07ee40456c6bc790ca2f21
acec6c48759b9a14a56371ae0027c1577f05dec9
8d0e99cf50d6d7ac44bbceaa8062697392b9f71532d8e9716ff9cd2bf5a78103
GET /s/opensans/v15/mem5YaGs126MiZpBA-UNirkOXOhs.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://joecomp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 11:02:41 GMT
expires: Thu, 17 Apr 2025 11:02:41 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Oct 2017 21:49:50 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 68542
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjxAwWw.ttf
216.58.207.227200 OK 32 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjxAwWw.ttf
IP 216.58.207.227:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type TrueType Font data, 16 tables, 1st "GPOS", 8 names, Microsoft, language 0x409, Copyright (c) 2010-2011 by tyPoland Lukasz Dziedzic with Reserved Font Name "Lato". Licensed und
Hash 3256fc68bf4f5944fecc69b64d872a88
dd31faf30e23b2b573df522447a1a360c0620cc5
682faf236eb80dd1a3353fc2eae4ff34b39e2883ef1ffc27ed984842ebfc47e2
GET /s/lato/v14/S6uyw4BMUTPHjxAwWw.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://joecomp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32316
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 07:45:38 GMT
expires: Fri, 11 Apr 2025 07:45:38 GMT
cache-control: public, max-age=31536000
age: 598765
last-modified: Wed, 11 Oct 2017 18:22:47 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
video.onnetwork.tv/embed.php?ext=optad
51.83.24.136200 OK 756 B URL GET HTTP/2 video.onnetwork.tv/embed.php?ext=optad
IP 51.83.24.136:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintB5:95:77:A6:1E:ED:C6:99:C8:EC:67:3C:AB:A2:97:C3:7B:E2:62:6A
ValiditySat, 30 Mar 2024 09:38:38 GMT - Fri, 28 Jun 2024 09:38:37 GMT
File type JavaScript source, ASCII text, with very long lines (405)
Hash c8faf94ab9ad5e96d0fb631cad162211
5916a83927c732a033a0547080c6e08dc47ac170
8c6de7d98318defae0189643e9db9f82cff36f653e621611cbc70a45db96508c
GET /embed.php?ext=optad HTTP/1.1
Host: video.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
last-modified: Thu, 18 Apr 2024 06:05:02 GMT
expires: Thu, 18 Apr 2024 06:05:02 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
pragma: no-cache
feature-policy: fullscreen *; autoplay;
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-length: 756
content-type: text/javascript;charset=utf-8
date: Thu, 18 Apr 2024 06:05:03 GMT
server: XO.webservant
X-Firefox-Spdy: h2
get.optad360.io/assets/js/prebid8.20.2.js
52.85.243.122200 OK 323 kB URL GET HTTP/2 get.optad360.io/assets/js/prebid8.20.2.js
IP 52.85.243.122:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerAmazon
Subject*.optad360.io
FingerprintBC:89:97:49:5C:BF:E9:C9:F2:FA:B3:55:B7:6A:1E:6D:7F:5B:86:9E
ValiditySun, 17 Sep 2023 00:00:00 GMT - Tue, 15 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Size 323 kB (322734 bytes)
Hash 534e84e052b2e1de4ea3183f312ceabd
d7520719a6ebb6d9b186c1eb6517f9233dbbc14a
004784c9bf60a4941ae16c9dd692a6e1c1c5581f2d20b25177e431675d54392a
GET /assets/js/prebid8.20.2.js HTTP/1.1
Host: get.optad360.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
date: Sun, 24 Mar 2024 13:12:07 GMT
last-modified: Thu, 11 Jan 2024 07:08:59 GMT
etag: W/"643c66a3d7b92031d1740b1b750e096d"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=360000000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fb13343f41a549822047f18ba839fd5a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 0fFc0_43nXZmcwfi0KYp2zPRVb5Ni2Q7jd1OpjJPdtIx-oDqDTbR3A==
age: 2134377
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/player90/embed.min.js?s=1713283605
87.98.236.115200 OK 43 kB URL GET HTTP/2 cdn.onnetwork.tv/js/player90/embed.min.js?s=1713283605
IP 87.98.236.115:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintB5:95:77:A6:1E:ED:C6:99:C8:EC:67:3C:AB:A2:97:C3:7B:E2:62:6A
ValiditySat, 30 Mar 2024 09:38:38 GMT - Fri, 28 Jun 2024 09:38:37 GMT
File type gzip compressed data, max speed, from Unix
Hash 3337831e541e1ac76b0269079cd79237
d3e2689b478ffaaccaac6607f1a17a2821cf0568
434230fd19cf0318b170462a06460cd09ec7e3177ee4c82ff28de2bf54565f53
GET /js/player90/embed.min.js?s=1713283605 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: XO.webservantpro
date: Thu, 18 Apr 2024 06:05:04 GMT
content-type: application/javascript
last-modified: Tue, 16 Apr 2024 16:06:45 GMT
vary: Accept-Encoding
etag: W/"661ea215-16da4"
expires: Mon, 04 Nov 2024 06:05:04 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1713420304213&d=9878&wsc=00&typ=embed&mobile=0&c=40
87.98.236.115200 OK 126 B URL GET HTTP/2 cdn.onnetwork.tv/cnt/a_cntg.png?ts=1713420304213&d=9878&wsc=00&typ=embed&mobile=0&c=40
IP 87.98.236.115:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintB5:95:77:A6:1E:ED:C6:99:C8:EC:67:3C:AB:A2:97:C3:7B:E2:62:6A
ValiditySat, 30 Mar 2024 09:38:38 GMT - Fri, 28 Jun 2024 09:38:37 GMT
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1713420304213&d=9878&wsc=00&typ=embed&mobile=0&c=40 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Thu, 18 Apr 2024 06:05:04 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Thursday, 18-Apr-2024 06:05:04 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
proftrafficcounter.com/stats
52.29.198.136200 OK 40 B URL GET HTTP/2 proftrafficcounter.com/stats
IP 52.29.198.136:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash f34c49d508496f69cf6a08afa0e7c956
df85c919d21b1a38f156174755c19c6c709fe6b4
9a384813bd1a54a4361ab040b0c68f25b38655c71519448dabb83f27be0e4b70
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Cookie: uid_id2=4a862009-6578-40ec-a1f9-0a744a7ebc28:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:04 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://ja.joecomp.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
abnormalgently.com/sbar.json?key=a8e55c612178c20c93be7f647780919a
172.240.108.68200 OK 8.0 kB URL GET HTTP/1.1 abnormalgently.com/sbar.json?key=a8e55c612178c20c93be7f647780919a
IP 172.240.108.68:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectabnormalgently.com
Fingerprint71:A9:EF:90:4D:2C:41:7A:5B:F5:C4:D9:BA:00:19:1E:8F:87:F2:54
ValidityTue, 16 Apr 2024 13:59:37 GMT - Mon, 15 Jul 2024 13:59:36 GMT
Hash 99664c4c62223a2d59fa3e2d1e143674
7b206cff5902965013a89ffb15d5861dac8d65ac
e0fcd29df0448937b6460058c19890e65446d05114bec7bd481bc616f38e53a5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sbar.json?key=a8e55c612178c20c93be7f647780919a HTTP/1.1
Host: abnormalgently.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 06:05:04 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://ja.joecomp.com
Access-Control-Allow-Origin: https://ja.joecomp.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19923888; expires=Fri, 19 Apr 2024 06:05:04 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 19 Apr 2024 06:05:04 GMT; secure; SameSite=None
uncs=1; expires=Fri, 19 Apr 2024 06:05:04 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 19 Apr 2024 06:05:04 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 19 Apr 2024 06:05:04 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e3513b5e6d6762b74e7dfa9a1e4fc7dd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn-a.adlook.me/vast/vk-vdisp/videodirect-vk-vdisp-1.xml
5.101.76.186200 OK 2.3 kB URL GET HTTP/2 cdn-a.adlook.me/vast/vk-vdisp/videodirect-vk-vdisp-1.xml
IP 5.101.76.186:443
ASN #48096 Enterprise Cloud Ltd.
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT
File type XML 1.0 document, ASCII text, with very long lines (1443), with CRLF line terminators
Hash 9ea0c7bff85631693b5beb15308d2ffd
5f70b622cb50fd8d325ef88e19b5be7e54708188
4a2f1afcdc7d327bd09679444cffe344cb81edd2a70c6faef192444ee1a3abb6
GET /vast/vk-vdisp/videodirect-vk-vdisp-1.xml HTTP/1.1
Host: cdn-a.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/xml
last-modified: Wed, 06 Mar 2024 16:35:00 GMT
accept-ranges: bytes
etag: "1da6fe43b5c9af2"
server: Microsoft-IIS/10.0
access-control-allow-origin: https://ja.joecomp.com
access-control-allow-credentials: true
date: Thu, 18 Apr 2024 06:05:04 GMT
content-length: 2290
X-Firefox-Spdy: h2
exchange.buzzoola.com/adv/kbDH64c7yFY_jqB7YcKn5L17UiLpXtxUw327HFbPUW4prlZfB6EKOQ/jsvpaid
148.251.40.140307 Temporary Redirect 125 B URL GET HTTP/2 exchange.buzzoola.com/adv/kbDH64c7yFY_jqB7YcKn5L17UiLpXtxUw327HFbPUW4prlZfB6EKOQ/jsvpaid
IP 148.251.40.140:443
ASN #24940 Hetzner Online GmbH
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT
File type HTML document, ASCII text
Hash c4e6110e198630907f5a9ce01be73b7e
6001dcc0fc7f0ef6d7bbddde7297c51feba0b417
083c3ed2c60a5b4ff12eb2792db7f9eb6f206bd880e30b26976f02bcc09f023d
GET /adv/kbDH64c7yFY_jqB7YcKn5L17UiLpXtxUw327HFbPUW4prlZfB6EKOQ/jsvpaid HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
server: nginx
date: Thu, 18 Apr 2024 06:05:01 GMT
content-type: text/html; charset=utf-8
content-length: 125
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match
access-control-allow-origin: https://ja.joecomp.com
access-control-expose-headers: Set-Cookie, Etag
location: /adv/kbDH64c7yFY_jqB7YcKn5L17UiLpXtxUw327HFbPUW4prlZfB6EKOQ/jsvpaid?set_buzzoola_cookie=t
set-cookie: uuid=14d8cfd0-51fd-42a2-6c84-9a0e5f8e973c; Path=/; Domain=buzzoola.com; Expires=Sat, 18 May 2024 06:05:01 GMT; Max-Age=2592000; Secure; SameSite=None
serverid: TODO
X-Firefox-Spdy: h2
exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByH1UD5_XFVca8/jsvpaid
148.251.40.140307 Temporary Redirect 114 B URL GET HTTP/2 exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByH1UD5_XFVca8/jsvpaid
IP 148.251.40.140:443
ASN #24940 Hetzner Online GmbH
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT
File type HTML document, ASCII text
Hash b6f1cd46de3ae2cb86ac79f92ccdf255
edee9a1c75ea97b15626c66d76c176ccdaa0cc22
aa078d05ee2aa221faae0bbfafe453e1b59c764ff2dbe711042593d313568d3c
GET /adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByH1UD5_XFVca8/jsvpaid HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
server: nginx
date: Thu, 18 Apr 2024 06:05:04 GMT
content-type: text/html; charset=utf-8
content-length: 114
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match
access-control-allow-origin: https://ja.joecomp.com
access-control-expose-headers: Set-Cookie, Etag
location: /adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByH1UD5_XFVca8/jsvpaid?set_buzzoola_cookie=t
set-cookie: uuid=11684a65-24ec-4544-5431-e2c0c71003d7; Path=/; Domain=buzzoola.com; Expires=Sat, 18 May 2024 06:05:04 GMT; Max-Age=2592000; Secure; SameSite=None
serverid: TODO
X-Firefox-Spdy: h2
exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHYBaHVOHr2Dk/jsvpaid
148.251.40.140307 Temporary Redirect 114 B URL GET HTTP/2 exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHYBaHVOHr2Dk/jsvpaid
IP 148.251.40.140:443
ASN #24940 Hetzner Online GmbH
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT
File type HTML document, ASCII text
Hash 0aee7f2b279ee74c9885e2c274475618
a2c46589fc5407aa5db06b7e889ac7a4ccba0bbd
191377512aa0855ce2e54f0c351911d3426a2d4d4cb258ba9e252cd2f5c901da
GET /adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHYBaHVOHr2Dk/jsvpaid HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
server: nginx
date: Thu, 18 Apr 2024 06:05:04 GMT
content-type: text/html; charset=utf-8
content-length: 114
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match
access-control-allow-origin: https://ja.joecomp.com
access-control-expose-headers: Set-Cookie, Etag
location: /adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHYBaHVOHr2Dk/jsvpaid?set_buzzoola_cookie=t
set-cookie: uuid=3c5ebb45-3fa7-4db7-6919-fba9a2a3d4e8; Path=/; Domain=buzzoola.com; Expires=Sat, 18 May 2024 06:05:04 GMT; Max-Age=2592000; Secure; SameSite=None
serverid: TODO
X-Firefox-Spdy: h2
cdn.optad360.net/icons/branding-video-negative.svg
54.230.111.126200 OK 11 kB URL GET HTTP/2 cdn.optad360.net/icons/branding-video-negative.svg
IP 54.230.111.126:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerAmazon
Subject*.optad360.net
FingerprintAA:78:57:71:31:74:64:48:50:D0:12:24:49:A2:2D:B0:41:CD:0A:41
ValidityMon, 26 Jun 2023 00:00:00 GMT - Wed, 24 Jul 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Hash e8b369dee46b79251c4a788cc8e263d7
80ebc58a2eee8f16b5962c3ab651cad8dcc8bcac
58a4e3d22df1a7c226a7f653c4ace56f03e76c3bb4c3fe8ded8765b4627a37dd
GET /icons/branding-video-negative.svg HTTP/1.1
Host: cdn.optad360.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Mon, 01 Jan 2024 17:36:43 GMT
last-modified: Wed, 22 Jun 2022 12:05:00 GMT
etag: W/"4ccbac335fa4fcdf4c526588ec6a6bc0"
cache-control: public, max-age=360000000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: actHj0ZOY6n0WwXwzA78am_3o-qq1TlF5MULWs75mBfiHYZg7iHOtQ==
age: 9289702
X-Firefox-Spdy: h2
www.statsforads.com/tag/180427526.min.js
54.230.111.83200 OK 5.5 kB URL GET HTTP/2 www.statsforads.com/tag/180427526.min.js
IP 54.230.111.83:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerAmazon
Subjectstatsforads.com
FingerprintD3:90:F9:62:08:8C:49:2A:DE:7B:AC:49:86:FC:5A:77:51:9F:C4:65
ValiditySat, 19 Aug 2023 00:00:00 GMT - Mon, 16 Sep 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Hash 8a9f9b04870920b48b78dfa31fa36bb6
d10ffed9957be44f3d2d3ca65d93e8217af28f37
abc2021891d340b0038292225cf91b6b10362b80da2a73044ba84a8623addad7
GET /tag/180427526.min.js HTTP/1.1
Host: www.statsforads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 25 Mar 2019 16:21:48 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 18 Apr 2024 06:05:03 GMT
cache-control: public, max-age=3600
etag: W/"7a86304582faa7d415fa8f8b2f60071c"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1GGa5RTFKjb1RHEfMgxlSh4EQFg5QBrgwfuhMHnqgNl4cNGATGIPmA==
X-Firefox-Spdy: h2
onetag-sys.com/usync/?pubId=7516a748d25c406&gdpr=0&gdpr_consent=&us_privacy=
51.89.9.254204 No Content 0 B URL GET HTTP/2 onetag-sys.com/usync/?pubId=7516a748d25c406&gdpr=0&gdpr_consent=&us_privacy=
IP 51.89.9.254:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=7516a748d25c406&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2
exchange.buzzoola.com/cookiesync/ssp/adlook/?uid=17db4f94119548ee94f85b5dfecc8d50
148.251.40.140307 Temporary Redirect 122 B URL GET HTTP/2 exchange.buzzoola.com/cookiesync/ssp/adlook/?uid=17db4f94119548ee94f85b5dfecc8d50
IP 148.251.40.140:443
ASN #24940 Hetzner Online GmbH
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT
File type HTML document, ASCII text
Hash a9ef91fff624504b9146f37dd87792c5
c2cd8dacb73180a7f3dc2c7938503e603ffdcda9
cf8ebe14cb309da1b05fe8773d2404e03da30be101838582c7df2e32e16cf235
GET /cookiesync/ssp/adlook/?uid=17db4f94119548ee94f85b5dfecc8d50 HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 307 Temporary Redirect
server: nginx
date: Thu, 18 Apr 2024 06:05:04 GMT
content-type: text/html; charset=utf-8
content-length: 122
location: /cookiesync/ssp/adlook/?set_buzzoola_cookie=t&uid=17db4f94119548ee94f85b5dfecc8d50
set-cookie: uuid=c79b8d84-734e-41e8-4b1e-1ecf77c2c283; Path=/; Domain=buzzoola.com; Expires=Sat, 18 May 2024 06:05:04 GMT; Max-Age=2592000; Secure; SameSite=None
serverid: TODO
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1713420304361&d=9878&wsc=00&typ=embed&mobile=0&c=44
87.98.236.115200 OK 126 B URL GET HTTP/2 cdn.onnetwork.tv/cnt/a_cntg.png?ts=1713420304361&d=9878&wsc=00&typ=embed&mobile=0&c=44
IP 87.98.236.115:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintB5:95:77:A6:1E:ED:C6:99:C8:EC:67:3C:AB:A2:97:C3:7B:E2:62:6A
ValiditySat, 30 Mar 2024 09:38:38 GMT - Fri, 28 Jun 2024 09:38:37 GMT
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1713420304361&d=9878&wsc=00&typ=embed&mobile=0&c=44 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Thu, 18 Apr 2024 06:05:04 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Thursday, 18-Apr-2024 06:05:04 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
sync.dmp.otm-r.com/match/adlook?id=17db4f94119548ee94f85b5dfecc8d50
195.201.152.107302 Found 98 B URL GET HTTP/2 sync.dmp.otm-r.com/match/adlook?id=17db4f94119548ee94f85b5dfecc8d50
IP 195.201.152.107:443
ASN #24940 Hetzner Online GmbH
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.dmp.otm-r.com
FingerprintC6:A2:9D:82:0D:D1:C1:2D:A4:ED:7F:05:13:52:5B:94:6B:10:58:D6
ValidityMon, 19 Jun 2023 10:50:51 GMT - Sat, 20 Jul 2024 10:50:50 GMT
File type HTML document, ASCII text
Hash 95005c48295c9d1f7c968d414608287f
9bbad26b8a6a3112ff48662c087bde869944a886
8105bd812db5b69d471a38d42da71d7a9e0a7edbaa450a362cb74311a56e165f
GET /match/adlook?id=17db4f94119548ee94f85b5dfecc8d50 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.17.6
date: Thu, 18 Apr 2024 06:05:04 GMT
content-type: text/html; charset=utf-8
content-length: 98
access-control-allow-origin: *
location: /match/adlook?id=17db4f94119548ee94f85b5dfecc8d50&otcm_check=1713420304
set-cookie: mpid=NjYyMGI4MTAwNzQ2MjU4Yg==; Path=/; Domain=otm-r.com; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2
pixel.dsp.onetarget.ru/adlook/pixel?id=17db4f94119548ee94f85b5dfecc8d50
130.193.53.230302 Found 0 B URL GET HTTP/2 pixel.dsp.onetarget.ru/adlook/pixel?id=17db4f94119548ee94f85b5dfecc8d50
IP 130.193.53.230:443
ASN #200350 Yandex.Cloud LLC
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectpixel.dsp.onetarget.ru
FingerprintC3:A5:98:2E:46:6A:1A:4F:85:6D:4A:FE:11:88:B1:D1:5F:AE:43:DD
ValidityFri, 15 Mar 2024 12:44:47 GMT - Thu, 13 Jun 2024 12:44:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adlook/pixel?id=17db4f94119548ee94f85b5dfecc8d50 HTTP/1.1
Host: pixel.dsp.onetarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 18 Apr 2024 06:05:04 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=5813217&id=b0e97597-f567-4ffc-abf4-718189ae4cb8
set-cookie: USER_ID=b0e97597-f567-4ffc-abf4-718189ae4cb8;max-age=2147483647;Secure;HttpOnly;SameSite=None
ADLOOK_USER_ID=17db4f94119548ee94f85b5dfecc8d50;max-age=30758400;Secure;HttpOnly;SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
X-Firefox-Spdy: h2
kimberlite.io/rtb/bid/vast/al_all?domain=ja.joecomp.com&h=720&w=1280
217.199.220.43200 OK 133 B URL GET HTTP/1.1 kimberlite.io/rtb/bid/vast/al_all?domain=ja.joecomp.com&h=720&w=1280
IP 217.199.220.43:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.kimberlite.io
Fingerprint27:9B:57:5F:3C:19:A5:31:A3:1B:E6:A4:8E:CF:2F:73:78:4E:46:C1
ValidityThu, 29 Feb 2024 12:20:14 GMT - Tue, 01 Apr 2025 12:20:13 GMT
File type XML 1.0 document, ASCII text, with no line terminators
Hash 3ed89f7fb59e6250fcf88c5fc5b4c990
2fea6c4cd489548d0873a5012763caf5eb4de49c
bd48ba544b1801753b640ad08ac40b9a6158874aab143497bc42624ae66a9f96
GET /rtb/bid/vast/al_all?domain=ja.joecomp.com&h=720&w=1280 HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:05:04 GMT
Content-Type: text/xml
Content-Length: 133
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: https://ja.joecomp.com
set-cookie: u=ZiC4EBclkiE~M1gKeujj8F5zuYQBAFWkMdfMZ3s; path=/; max-age=7776000; samesite=none; httponly; secure
server-timing: app;srv=9;dur=0.0663
sync.bumlam.com/?src=adlook&uid=17db4f94119548ee94f85b5dfecc8d50
31.172.81.158302 Moved Temporarily 0 B URL GET HTTP/1.1 sync.bumlam.com/?src=adlook&uid=17db4f94119548ee94f85b5dfecc8d50
IP 31.172.81.158:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subject*.bumlam.com
Fingerprint9F:E0:4A:B3:57:B0:3C:3E:13:7F:9F:FF:82:A2:91:87:45:9F:A4:7F
ValidityThu, 28 Mar 2024 09:09:43 GMT - Wed, 26 Jun 2024 09:09:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=adlook&uid=17db4f94119548ee94f85b5dfecc8d50 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 18 Apr 2024 06:05:04 GMT
Content-Length: 0
Connection: close
Set-Cookie: suuid3=IiQ5OWFiZmI2NC1mZDQ5LTExZWUtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 13 Apr 2044 06:05:04 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=adlook&s_data=CAIQARiQ8IKxBmIgMTdkYjRmOTQxMTk1NDhlZTk0Zjg1YjVkZmVjYzhkNTCiARCZq_tk_UkR7obgACWQwGR8
ETag: 99abfb64-fd49-11ee-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://ja.joecomp.com
Access-Control-Allow-Credentials: true
abnormalgently.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuTnJTRGVvqzB42gWZdPdMumfcw2KMkWDcxN0VvYhUV9VMalPd1VR1T09yCi7IHgf%2Fgs43yQbdRbI3EVyks%2BAhIOx4ysFcvHlU2LP0ODj6oOq9V99X8L0fXx3ml8RHTi%2FWPtL7Uim6vNJ0G9c%2B87wbjU2Z5MPGsBN8EbRvNMzgnW7QdK83PhBsVy%2F7rue6nus11qURPT1crkHI9HHXa3bdZttveittDM3%2Fc5s7sNQBH1yS1yH5ZOmZcwWSVUji0zVhdzOdvv1%2BnCuaaYMBP%2Fkk2U10kSCehz3joJeczNjQ9vn6U%2BjkeCoXevAvMZIT4vz8FFFyMhOJaHA01RkpiAQRfwnFoIJQFSStwPR9SP6cAIzj1haS%2BOEtbQq69w9Ka3RCll78BVlMyNJvV5DE360qOWzc0SrPpE4shr0SclhB9iuk%2BRmy%2FQXI4gws%2BxKS%2F0KWX2wiiY%2B2rNKQvJzWLmUF2augxAjUOsjrIx3kPQd56iDmFw3meV7ockbdTpexFg9FFHDXo2HPo54bdJCzWt4IWToCUyMwc4DUHGBXjmDyn2B3SljuwGYT4nx8gAEvUQiCwhIUlKCQBEVGUAzKY66sb8uHXNk88mben%2FlWOdZZ%2F5Ae66wvEgJqRjC8PEwvyWt1fxx38RS74qJBO2JlhQWe74Ud5rus24pE2AvaYdhxu16XwsoS0i5MS96XE3L9j22kckJe%2FvwtRPQMVp2ByTdA8zdBixJ0p8R%2B8uieFkzHaZPpGFyXSLMlZHvOobokV6cD2tg6hWDnN39vTQ3MlEhNiXvyGUFfPRjf1gU5uq0LS55spZmM5T6th3cno5lY%2FPZDsVdowzfW7Oibd1kN1OHju8JmmzThMulb8mhVci7MujZMkB837Kci2s7tzmpukjzd3H5vfSNOjbBW6qQCrffwTwMmJ%2BSVq3ene3nthy1IU8HkJeL8nMwMUldg6QFsOtdvNYFRc06UOijycmz8aP6oJIES85xGJex%2F8mgejw2tf1NZHtoH6JsF0Ow%2BkrjEwJQYqBJUjWDzxXGWmvObv85kRGphHCmzcBQpo76etrm%2BnsDKi0bYark06K54YUhFGLX9Ti%2FwOKV%2BO%2FCDgLaQ2Umv8f2rfwMAAP%2F%2FAQAA%2F%2F%2FKPDPecQQAAA%3D%3D
172.240.108.68200 OK 7 B URL GET HTTP/1.1 abnormalgently.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuTnJTRGVvqzB42gWZdPdMumfcw2KMkWDcxN0VvYhUV9VMalPd1VR1T09yCi7IHgf%2Fgs43yQbdRbI3EVyks%2BAhIOx4ysFcvHlU2LP0ODj6oOq9V99X8L0fXx3ml8RHTi%2FWPtL7Uim6vNJ0G9c%2B87wbjU2Z5MPGsBN8EbRvNMzgnW7QdK83PhBsVy%2F7rue6nus11qURPT1crkHI9HHXa3bdZttveittDM3%2Fc5s7sNQBH1yS1yH5ZOmZcwWSVUji0zVhdzOdvv1%2BnCuaaYMBP%2Fkk2U10kSCehz3joJeczNjQ9vn6U%2BjkeCoXevAvMZIT4vz8FFFyMhOJaHA01RkpiAQRfwnFoIJQFSStwPR9SP6cAIzj1haS%2BOEtbQq69w9Ka3RCll78BVlMyNJvV5DE360qOWzc0SrPpE4shr0SclhB9iuk%2BRmy%2FQXI4gws%2BxKS%2F0KWX2wiiY%2B2rNKQvJzWLmUF2augxAjUOsjrIx3kPQd56iDmFw3meV7ockbdTpexFg9FFHDXo2HPo54bdJCzWt4IWToCUyMwc4DUHGBXjmDyn2B3SljuwGYT4nx8gAEvUQiCwhIUlKCQBEVGUAzKY66sb8uHXNk88mben%2FlWOdZZ%2F5Ae66wvEgJqRjC8PEwvyWt1fxx38RS74qJBO2JlhQWe74Ud5rus24pE2AvaYdhxu16XwsoS0i5MS96XE3L9j22kckJe%2FvwtRPQMVp2ByTdA8zdBixJ0p8R%2B8uieFkzHaZPpGFyXSLMlZHvOobokV6cD2tg6hWDnN39vTQ3MlEhNiXvyGUFfPRjf1gU5uq0LS55spZmM5T6th3cno5lY%2FPZDsVdowzfW7Oibd1kN1OHju8JmmzThMulb8mhVci7MujZMkB837Kci2s7tzmpukjzd3H5vfSNOjbBW6qQCrffwTwMmJ%2BSVq3ene3nthy1IU8HkJeL8nMwMUldg6QFsOtdvNYFRc06UOijycmz8aP6oJIES85xGJex%2F8mgejw2tf1NZHtoH6JsF0Ow%2BkrjEwJQYqBJUjWDzxXGWmvObv85kRGphHCmzcBQpo76etrm%2BnsDKi0bYark06K54YUhFGLX9Ti%2FwOKV%2BO%2FCDgLaQ2Umv8f2rfwMAAP%2F%2FAQAA%2F%2F%2FKPDPecQQAAA%3D%3D
IP 172.240.108.68:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectabnormalgently.com
Fingerprint71:A9:EF:90:4D:2C:41:7A:5B:F5:C4:D9:BA:00:19:1E:8F:87:F2:54
ValidityTue, 16 Apr 2024 13:59:37 GMT - Mon, 15 Jul 2024 13:59:36 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuTnJTRGVvqzB42gWZdPdMumfcw2KMkWDcxN0VvYhUV9VMalPd1VR1T09yCi7IHgf%2Fgs43yQbdRbI3EVyks%2BAhIOx4ysFcvHlU2LP0ODj6oOq9V99X8L0fXx3ml8RHTi%2FWPtL7Uim6vNJ0G9c%2B87wbjU2Z5MPGsBN8EbRvNMzgnW7QdK83PhBsVy%2F7rue6nus11qURPT1crkHI9HHXa3bdZttveittDM3%2Fc5s7sNQBH1yS1yH5ZOmZcwWSVUji0zVhdzOdvv1%2BnCuaaYMBP%2Fkk2U10kSCehz3joJeczNjQ9vn6U%2BjkeCoXevAvMZIT4vz8FFFyMhOJaHA01RkpiAQRfwnFoIJQFSStwPR9SP6cAIzj1haS%2BOEtbQq69w9Ka3RCll78BVlMyNJvV5DE360qOWzc0SrPpE4shr0SclhB9iuk%2BRmy%2FQXI4gws%2BxKS%2F0KWX2wiiY%2B2rNKQvJzWLmUF2augxAjUOsjrIx3kPQd56iDmFw3meV7ockbdTpexFg9FFHDXo2HPo54bdJCzWt4IWToCUyMwc4DUHGBXjmDyn2B3SljuwGYT4nx8gAEvUQiCwhIUlKCQBEVGUAzKY66sb8uHXNk88mben%2FlWOdZZ%2F5Ae66wvEgJqRjC8PEwvyWt1fxx38RS74qJBO2JlhQWe74Ud5rus24pE2AvaYdhxu16XwsoS0i5MS96XE3L9j22kckJe%2FvwtRPQMVp2ByTdA8zdBixJ0p8R%2B8uieFkzHaZPpGFyXSLMlZHvOobokV6cD2tg6hWDnN39vTQ3MlEhNiXvyGUFfPRjf1gU5uq0LS55spZmM5T6th3cno5lY%2FPZDsVdowzfW7Oibd1kN1OHju8JmmzThMulb8mhVci7MujZMkB837Kci2s7tzmpukjzd3H5vfSNOjbBW6qQCrffwTwMmJ%2BSVq3ene3nthy1IU8HkJeL8nMwMUldg6QFsOtdvNYFRc06UOijycmz8aP6oJIES85xGJex%2F8mgejw2tf1NZHtoH6JsF0Ow%2BkrjEwJQYqBJUjWDzxXGWmvObv85kRGphHCmzcBQpo76etrm%2BnsDKi0bYark06K54YUhFGLX9Ti%2FwOKV%2BO%2FCDgLaQ2Umv8f2rfwMAAP%2F%2FAQAA%2F%2F%2FKPDPecQQAAA%3D%3D HTTP/1.1
Host: abnormalgently.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Cookie: u_pl=19923888; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 06:05:04 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 250ea795c5442163ca588375098bf6d6
Strict-Transport-Security: max-age=0; includeSubdomains
kimberlite.io/rtb/sync/adlook?u=17db4f94119548ee94f85b5dfecc8d50
217.199.220.44307 Temporary Redirect 0 B URL GET HTTP/1.1 kimberlite.io/rtb/sync/adlook?u=17db4f94119548ee94f85b5dfecc8d50
IP 217.199.220.44:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.kimberlite.io
Fingerprint27:9B:57:5F:3C:19:A5:31:A3:1B:E6:A4:8E:CF:2F:73:78:4E:46:C1
ValidityThu, 29 Feb 2024 12:20:14 GMT - Tue, 01 Apr 2025 12:20:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/sync/adlook?u=17db4f94119548ee94f85b5dfecc8d50 HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 18 Apr 2024 06:05:04 GMT
Content-Length: 0
Connection: keep-alive
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: u=ZiC4EBjlL4Q~AimhKU9XFE021xLXUcvjOfQyZDg; path=/; max-age=7776000; samesite=none; httponly; secure
as=OFrH4WYguBA; max-age=604800; samesite=none; httponly; secure
f=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsolta%26uid%3DZiC4EBjlL4Q; max-age=30; samesite=none; httponly; secure
n=1; max-age=30; samesite=none; httponly; secure
location: https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZiC4EBjlL4Q
referrer-policy: no-referrer
server-timing: app;srv=11;dur=0.0002
cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
54.82.86.224200 OK 3.3 kB URL GET HTTP/2 cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
IP 54.82.86.224:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerAmazon
Subjectcookies.nextmillmedia.com
Fingerprint01:8E:4A:16:C7:C3:B6:97:4E:36:AC:D6:42:3C:07:30:FB:79:87:D6
ValidityTue, 13 Jun 2023 00:00:00 GMT - Thu, 11 Jul 2024 23:59:59 GMT
Hash a067503d12145bfec1acfa8885651ac5
3bf08367ec813bf7ec2013151cd1b0140e451ccd
21526cbb25803984f3c77f077efd23c60eedf05889b30a8cfc10285bf9db4535
GET /sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID] HTTP/1.1
Host: cookies.nextmillmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:04 GMT
content-type: text/html
content-length: 3273
server: fasthttp
set-cookie: NMUID=csuid_48394562-aa73-4c83-a06c-43e21db8bef2; max-age=604800; secure; SameSite=None
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/player86/player_utils.js?s=1713386463
87.98.236.115200 OK 5.6 kB URL GET HTTP/2 cdn.onnetwork.tv/js/player86/player_utils.js?s=1713386463
IP 87.98.236.115:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintB5:95:77:A6:1E:ED:C6:99:C8:EC:67:3C:AB:A2:97:C3:7B:E2:62:6A
ValiditySat, 30 Mar 2024 09:38:38 GMT - Fri, 28 Jun 2024 09:38:37 GMT
File type gzip compressed data, max speed, from Unix
Hash 1d1a7a45847beb125bee5b7293bb16f0
77b5bbe34aa7199199e7a5a243e0ca5ae2f9f257
3cd679c08d83e012eeadd4ccdc20d5016d4de83f0fa4871c14bacd01eaa95542
GET /js/player86/player_utils.js?s=1713386463 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Thu, 18 Apr 2024 06:05:04 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 20:41:03 GMT
vary: Accept-Encoding
etag: W/"662033df-3fc5"
expires: Mon, 04 Nov 2024 06:05:04 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
www.acint.net/rmatch?dp=110&r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D%24%7BUSER_ID%7D
142.132.138.213302 Found 154 B URL GET HTTP/2 www.acint.net/rmatch?dp=110&r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D%24%7BUSER_ID%7D
IP 142.132.138.213:443
ASN #24940 Hetzner Online GmbH
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=110&r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: openresty
date: Thu, 18 Apr 2024 06:05:04 GMT
content-type: text/html
content-length: 154
location: /rmatch?r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D$%7BUSER_ID%7D&dp=110&tc=1
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Thu, 18-Apr-24 06:15:04 GMT
aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
match.new-programmatic.com/userbind?src=adlook&id=17db4f94119548ee94f85b5dfecc8d50
217.65.2.150204 No Content 0 B URL GET HTTP/1.1 match.new-programmatic.com/userbind?src=adlook&id=17db4f94119548ee94f85b5dfecc8d50
IP 217.65.2.150:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectnew-programmatic.com
FingerprintDC:66:9C:C9:66:1A:E4:EF:2D:CF:20:88:F1:EB:C8:72:0E:CE:CD:2D
ValidityThu, 04 Apr 2024 19:59:41 GMT - Wed, 03 Jul 2024 19:59:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=adlook&id=17db4f94119548ee94f85b5dfecc8d50 HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Thu, 18 Apr 2024 06:05:04 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
ssp.al-adtech.com/api/sync/adlook
45.139.25.119302 Found 0 B URL GET HTTP/1.1 ssp.al-adtech.com/api/sync/adlook
IP 45.139.25.119:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subject*.al-adtech.com
Fingerprint09:19:46:AF:0C:12:1A:6D:06:41:56:6B:AF:2F:C2:69:A3:3F:1A:37
ValidityMon, 15 Apr 2024 04:45:07 GMT - Sun, 14 Jul 2024 04:45:06 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/sync/adlook HTTP/1.1
Host: ssp.al-adtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.20.1
Date: Thu, 18 Apr 2024 06:05:04 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin
Access-Control-Allow-Origin:
Access-Control-Allow-Credentials: true
Location: https://ads.adlook.me/csync?pid=alab&uid=70b06ba9-673d-4e4a-849a-ee68bab58348
Set-Cookie: afp_cookie=gAAAAABmILgQ_XntY1RRlWHQ5i_u3Aa_7yB3VPqVHPbYMS4SWJgndGRaCk-goxbnrccVfA7l3zq-hqb09c_R2wQOIxaLJ3Ow6C_bKI3HosSP9zaGbq_WTZsIrScyh85cUfkZtvtFdcWtsBYZGUM_8LCWF7iJttO4FPlMegMD7DSy5JTXSkg9LXZppn0aAzyRtQWvsmeRttWgWca-eKefmq-OKriumsyZmpPM3jzERITqhZyaQZJfkiA=$; expires=Sat, 18 May 2024 06:05:04 GMT; path=/; secure; SameSite=None
dsp.tigra.dev/bid/vast-container?ssp=57
5.227.125.250200 OK 619 B URL GET HTTP/2 dsp.tigra.dev/bid/vast-container?ssp=57
IP 5.227.125.250:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectdsp.tigra.dev
Fingerprint3D:EB:43:D1:08:BE:3F:D8:90:8F:EE:83:3A:7A:5C:F9:B1:1A:42:77
ValidityFri, 29 Mar 2024 01:08:47 GMT - Thu, 27 Jun 2024 01:08:46 GMT
File type XML 1.0 document, ASCII text
Hash 1f17b17f803927e610e73364cd5e5996
483afe5c543a070d7cf634f286b585a9967f1040
0cc39c60f2dd185ff1e403e43a4cb5639325838244921688e18a7e07a262a10b
GET /bid/vast-container?ssp=57 HTTP/1.1
Host: dsp.tigra.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:04 GMT
content-type: application/xml
content-length: 619
access-control-allow-credentials: true
access-control-allow-origin: https://ja.joecomp.com
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html
45.133.44.3200 OK 1.1 kB URL GET HTTP/2 cdn.barscreative1.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html
IP 45.133.44.3:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectcdn.barscreative1.com
FingerprintF6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3
ValiditySun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT
File type gzip compressed data, from Unix
Hash 82a82ce00f8ce6027019b01ff72732b9
21494167dae94ffe1ce51c3d1bd938285a59ef72
a112623817d137a70cd111b7c12a463b4b66499e9fe251ec3202f102ebd7dd63
GET /sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:04 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Tue, 29 Mar 2022 08:27:42 GMT
etag: W/"6242c2fe-ba1"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Thu, 18 Apr 2024 07:05:04 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
exchange.buzzoola.com/cookiesync/ssp/adlook/?set_buzzoola_cookie=t&uid=17db4f94119548ee94f85b5dfecc8d50
148.251.40.140200 OK 43 B URL GET HTTP/2 exchange.buzzoola.com/cookiesync/ssp/adlook/?set_buzzoola_cookie=t&uid=17db4f94119548ee94f85b5dfecc8d50
IP 148.251.40.140:443
ASN #24940 Hetzner Online GmbH
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /cookiesync/ssp/adlook/?set_buzzoola_cookie=t&uid=17db4f94119548ee94f85b5dfecc8d50 HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ja.joecomp.com/
DNT: 1
Connection: keep-alive
Cookie: uuid=c79b8d84-734e-41e8-4b1e-1ecf77c2c283
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:05 GMT
content-type: image/gif
content-length: 43
serverid: TODO
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/sdkloader/gpt_proxy.js
142.250.74.138200 OK 28 kB URL GET HTTP/2 imasdk.googleapis.com/js/sdkloader/gpt_proxy.js
IP 142.250.74.138:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type JavaScript source, ASCII text, with very long lines (2213)
Hash 684406cfb3d167d330a8e995fdd944b4
1d96cfc35bb5061b4d98c2629d55c98495e46005
3ffb5394d736a82440cc6ae71e551f0e2e9cff8a39e061fc5ea3f43b68a2d2b5
GET /js/sdkloader/gpt_proxy.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 28005
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 05:53:00 GMT
expires: Thu, 18 Apr 2024 06:08:00 GMT
cache-control: public, max-age=900
age: 725
last-modified: Wed, 17 Apr 2024 16:04:44 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sync.dmp.otm-r.com/match/adlook?id=17db4f94119548ee94f85b5dfecc8d50&otcm_check=1713420304
195.201.152.107302 Found 95 B URL GET HTTP/2 sync.dmp.otm-r.com/match/adlook?id=17db4f94119548ee94f85b5dfecc8d50&otcm_check=1713420304
IP 195.201.152.107:443
ASN #24940 Hetzner Online GmbH
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.dmp.otm-r.com
FingerprintC6:A2:9D:82:0D:D1:C1:2D:A4:ED:7F:05:13:52:5B:94:6B:10:58:D6
ValidityMon, 19 Jun 2023 10:50:51 GMT - Sat, 20 Jul 2024 10:50:50 GMT
File type HTML document, ASCII text
Hash 43fa785062c3027efb964ad595e67f65
01ceb0acff495dde3d13dc7ee5bc0a1f35bee042
b9bb0bfb2a14e86eab0789ad4a5bb4a67f5517b125a2341c61a831486fa1f5d6
GET /match/adlook?id=17db4f94119548ee94f85b5dfecc8d50&otcm_check=1713420304 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ja.joecomp.com/
DNT: 1
Connection: keep-alive
Cookie: mpid=NjYyMGI4MTAwNzQ2MjU4Yg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.17.6
date: Thu, 18 Apr 2024 06:05:05 GMT
content-type: text/html; charset=utf-8
content-length: 95
access-control-allow-origin: *
location: https://ads.adlook.me/csync?pid=otm&uid=NjYyMGI4MTAwNzQ2MjU4Yg%3D%3D
set-cookie: mpid=NjYyMGI4MTAwNzQ2MjU4Yg==; Path=/; Domain=otm-r.com; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2
nr.bidderstack.com/adlook/cm?user_id=17db4f94119548ee94f85b5dfecc8d50
167.235.186.124302 Found 0 B URL GET HTTP/1.1 nr.bidderstack.com/adlook/cm?user_id=17db4f94119548ee94f85b5dfecc8d50
IP 167.235.186.124:443
ASN #24940 Hetzner Online GmbH
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoDaddy.com, Inc.
Subject*.bidderstack.com
Fingerprint7A:83:29:BF:37:01:78:02:DF:C1:07:D8:A2:10:AB:0A:DD:11:66:B0
ValidityTue, 21 Nov 2023 08:57:57 GMT - Sun, 22 Dec 2024 08:57:57 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adlook/cm?user_id=17db4f94119548ee94f85b5dfecc8d50 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 06:05:05 GMT
Content-Length: 0
Connection: keep-alive
Location: /adlook/cm?user_id=17db4f94119548ee94f85b5dfecc8d50&pupa=1
Set-Cookie: pupa=187da8a4-5e7b-8768-ed39-68cc113f0aec; domain=.bidderstack.com; path=/; expires=Fri, 18-Apr-2025 06:05:05 GMT;
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
sync.bumlam.com/?src=adlook&s_data=CAIQARiQ8IKxBmIgMTdkYjRmOTQxMTk1NDhlZTk0Zjg1YjVkZmVjYzhkNTCiARCZq_tk_UkR7obgACWQwGR8
31.172.81.160200 OK 43 B URL GET HTTP/1.1 sync.bumlam.com/?src=adlook&s_data=CAIQARiQ8IKxBmIgMTdkYjRmOTQxMTk1NDhlZTk0Zjg1YjVkZmVjYzhkNTCiARCZq_tk_UkR7obgACWQwGR8
IP 31.172.81.160:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subject*.bumlam.com
Fingerprint9F:E0:4A:B3:57:B0:3C:3E:13:7F:9F:FF:82:A2:91:87:45:9F:A4:7F
ValidityThu, 28 Mar 2024 09:09:43 GMT - Wed, 26 Jun 2024 09:09:42 GMT
File type GIF image data, version 89a, 1 x 1
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /?src=adlook&s_data=CAIQARiQ8IKxBmIgMTdkYjRmOTQxMTk1NDhlZTk0Zjg1YjVkZmVjYzhkNTCiARCZq_tk_UkR7obgACWQwGR8 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ja.joecomp.com/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiQ5OWFiZmI2NC1mZDQ5LTExZWUtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:05:05 GMT
Content-Type: image/gif
Content-Length: 43
Connection: close
Set-Cookie: suuid3=IiQ5OWFiZmI2NC1mZDQ5LTExZWUtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 13 Apr 2044 06:05:05 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://ja.joecomp.com
Access-Control-Allow-Credentials: true
rtb.hhkld.com/tools/sync?dsp=67&uid=
185.106.140.207200 OK 43 B URL GET HTTP/2 rtb.hhkld.com/tools/sync?dsp=67&uid=
IP 185.106.140.207:443
Requested by https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Certificate IssuerLet's Encrypt
Subjecthhkld.com
Fingerprint8F:B1:0C:A0:87:DD:30:BF:E2:DD:3B:46:BE:0C:C8:0A:AF:06:35:32
ValidityMon, 19 Feb 2024 04:08:17 GMT - Sun, 19 May 2024 04:08:16 GMT
File type GIF image data, version 89a, 1 x 1
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /tools/sync?dsp=67&uid= HTTP/1.1
Host: rtb.hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cookies.nextmillmedia.com/
Cookie: uid=CmX+RGYguA6bHU511zksAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:05 GMT
content-type: image/gif
content-length: 43
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *
access-control-allow-methods: GET, POST
access-control-allow-origin: *
last-modified: Thu, 18 Apr 2024 06:05:05 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
X-Firefox-Spdy: h2
rtb.hhkld.com/tools/sync?dsp=26&uid=&gdpr=0
185.106.140.207200 OK 43 B URL GET HTTP/2 rtb.hhkld.com/tools/sync?dsp=26&uid=&gdpr=0
IP 185.106.140.207:443
Requested by https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Frtb.hhkld.com%2Ftools%2Fsync%3Fdsp%3D26%26uid%3D
Certificate IssuerLet's Encrypt
Subjecthhkld.com
Fingerprint8F:B1:0C:A0:87:DD:30:BF:E2:DD:3B:46:BE:0C:C8:0A:AF:06:35:32
ValidityMon, 19 Feb 2024 04:08:17 GMT - Sun, 19 May 2024 04:08:16 GMT
File type GIF image data, version 89a, 1 x 1
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /tools/sync?dsp=26&uid=&gdpr=0 HTTP/1.1
Host: rtb.hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prebid.a-mo.net/
Cookie: uid=CmX+RGYguA6bHU511zksAg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:05 GMT
content-type: image/gif
content-length: 43
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *
access-control-allow-methods: GET, POST
access-control-allow-origin: *
last-modified: Thu, 18 Apr 2024 06:05:05 GMT
expires: Wed, 11 Nov 1998 11:11:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
X-Firefox-Spdy: h2
cdn.optad360.net/icons/branding-ads.svg
54.230.111.126200 OK 2.5 kB URL GET HTTP/2 cdn.optad360.net/icons/branding-ads.svg
IP 54.230.111.126:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerAmazon
Subject*.optad360.net
FingerprintAA:78:57:71:31:74:64:48:50:D0:12:24:49:A2:2D:B0:41:CD:0A:41
ValidityMon, 26 Jun 2023 00:00:00 GMT - Wed, 24 Jul 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash b0a3aa2e09d4ddd83150d7bd3347c5c0
66a9f97f6a98adc6d4b1db03927fa77956274073
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
GET /icons/branding-ads.svg HTTP/1.1
Host: cdn.optad360.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/svg+xml
date: Wed, 10 Jan 2024 05:14:26 GMT
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
cache-control: public, max-age=360000000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HNwiFI90Zzu18aoob19t-Fg9b6inDYiDYh61eGQfjswUUVDUWFqkNw==
age: 8556638
X-Firefox-Spdy: h2
onetag-sys.com/usync/?redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Donetag%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=0&gdpr_consent=&us_privacy=
51.89.9.254403 Forbidden 0 B URL GET HTTP/2 onetag-sys.com/usync/?redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Donetag%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=0&gdpr_consent=&us_privacy=
IP 51.89.9.254:443
Requested by https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Certificate IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?redir=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Donetag%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 403 Forbidden
cache-control: no-store
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2
www.acint.net/rmatch?r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D$%7BUSER_ID%7D&dp=110&tc=1
142.132.138.213302 Found 154 B URL GET HTTP/2 www.acint.net/rmatch?r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D$%7BUSER_ID%7D&dp=110&tc=1
IP 142.132.138.213:443
ASN #24940 Hetzner Online GmbH
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D$%7BUSER_ID%7D&dp=110&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ja.joecomp.com/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 18 Apr 2024 06:05:05 GMT
content-type: text/html
content-length: 154
location: https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fads.adlook.me%252Fcsync%253Fpid%253Dsape%2526uid%253D$%257BUSER_ID%257D&dp=14
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
set-cookie: cSyncDp14v4=1713420305; expires=Sat, 18-May-24 06:05:05 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByH1UD5_XFVca8/jsvpaid?set_buzzoola_cookie=t
148.251.40.140200 OK 7.0 kB URL GET HTTP/2 exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByH1UD5_XFVca8/jsvpaid?set_buzzoola_cookie=t
IP 148.251.40.140:443
ASN #24940 Hetzner Online GmbH
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Hash 6f7dec9af9b6c48c1de164c310e624d8
d7ac4e33cbb31271a39c3f77d7bf0378ceb9cb24
715011ebc3c431cb7643b022418f9a7c9373b938151ba38e33c107044ae0c9d7
GET /adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByH1UD5_XFVca8/jsvpaid?set_buzzoola_cookie=t HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
Referer: https://ja.joecomp.com/
DNT: 1
Connection: keep-alive
Cookie: uuid=c79b8d84-734e-41e8-4b1e-1ecf77c2c283
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:05 GMT
content-type: application/xml
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match
access-control-allow-origin: https://ja.joecomp.com
access-control-expose-headers: Set-Cookie, Etag
serverid: TODO
content-encoding: gzip
X-Firefox-Spdy: h2
exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHXgM0XseKM04/jsvpaid?set_buzzoola_cookie=t
148.251.40.140200 OK 12 kB URL GET HTTP/2 exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHXgM0XseKM04/jsvpaid?set_buzzoola_cookie=t
IP 148.251.40.140:443
ASN #24940 Hetzner Online GmbH
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Hash 816b69d88c19359bf66637e51460b519
cf67c24109009e78faafe1d01c1e528a14dbf81c
61d7fb84f10fa275f63c81edf8c98678f7bce58bda46a2f42cf2049e56c08c37
GET /adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHXgM0XseKM04/jsvpaid?set_buzzoola_cookie=t HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
Referer: https://ja.joecomp.com/
DNT: 1
Connection: keep-alive
Cookie: uuid=c79b8d84-734e-41e8-4b1e-1ecf77c2c283
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:05 GMT
content-type: application/xml
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match
access-control-allow-origin: https://ja.joecomp.com
access-control-expose-headers: Set-Cookie, Etag
serverid: TODO
content-encoding: gzip
X-Firefox-Spdy: h2
abnormalgently.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=599
172.240.108.68200 OK 0 B URL GET HTTP/1.1 abnormalgently.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=599
IP 172.240.108.68:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectabnormalgently.com
Fingerprint71:A9:EF:90:4D:2C:41:7A:5B:F5:C4:D9:BA:00:19:1E:8F:87:F2:54
ValidityTue, 16 Apr 2024 13:59:37 GMT - Mon, 15 Jul 2024 13:59:36 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=599 HTTP/1.1
Host: abnormalgently.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Cookie: u_pl=19923888; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 06:05:05 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
unseenreport.com/pxf.gif?uuid=4a862009-6578-40ec-a1f9-0a744a7ebc28&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=a8e55c612178c20c93be7f647780919a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6
192.243.59.12200 OK 1 B URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=4a862009-6578-40ec-a1f9-0a744a7ebc28&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=a8e55c612178c20c93be7f647780919a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6
IP 192.243.59.12:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pxf.gif?uuid=4a862009-6578-40ec-a1f9-0a744a7ebc28&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=a8e55c612178c20c93be7f647780919a&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 18 Apr 2024 06:05:05 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c6582c06a4a1d3c2ce7ad2b2f716c2ad
Strict-Transport-Security: max-age=0; includeSubdomains
imasdk.googleapis.com/js/sdkloader/ima3.js
142.250.74.138200 OK 138 kB URL GET HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP 142.250.74.138:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type JavaScript source, ASCII text, with very long lines (2042)
Size 138 kB (137590 bytes)
Hash 6b768f9a8ae41363d83fea0744d1a23b
728464f80764022db06bf578aceb1376e3a8656c
c77c7fd724aa3cdea7658f1c56790cb2586867c498ab785cdd21b4942a80784e
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 137590
date: Thu, 18 Apr 2024 06:05:05 GMT
expires: Thu, 18 Apr 2024 06:05:05 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/chat/mob/ssp/1/img/close.png
104.21.70.253200 OK 6.0 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/img/close.png
IP 104.21.70.253:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/chat/mob/ssp/1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:05 GMT
content-type: image/png
content-length: 5982
last-modified: Mon, 21 Feb 2022 08:25:06 GMT
etag: "62134c62-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5500309
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BGaE2iFZZe8wG7dbiBawCzW86TZLlrVdtuQAp7uHpu%2Bwwp1O2SSI9sfL0OLyUW91CXMsY%2B4BdP%2FAZfM8FyYLzAm5DdF25Bg9P7OuNONJVNEzDsRMdyOHVCd9Wmrzs6PhRrHGJN16D7Zv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762760dd8ef568f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ads.adlook.me/csync?pid=alab&uid=70b06ba9-673d-4e4a-849a-ee68bab58348
5.101.76.186200 OK 43 B URL GET HTTP/2 ads.adlook.me/csync?pid=alab&uid=70b06ba9-673d-4e4a-849a-ee68bab58348
IP 5.101.76.186:443
ASN #48096 Enterprise Cloud Ltd.
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT
File type ASCII text, with no line terminators
Hash af4749db0aaa5796db202a0ca870f289
13016f61075dadda5542b4a7734cdce06ce58e36
e6a973ade53366601816d81d4a6eebeb27fbfd9ca710dc7af8ba291811211149
GET /csync?pid=alab&uid=70b06ba9-673d-4e4a-849a-ee68bab58348 HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ja.joecomp.com/
DNT: 1
Connection: keep-alive
Cookie: adlm_userId=17db4f94119548ee94f85b5dfecc8d50
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=17db4f94119548ee94f85b5dfecc8d50; expires=Thu, 17 Apr 2025 21:00:00 GMT; path=/; SameSite=None; secure; samesite=none
adlk_cmatch=alab%3A70b06ba9-673d-4e4a-849a-ee68bab58348; expires=Fri, 31 Dec 9999 20:59:59 GMT; path=/; SameSite=None; secure; samesite=none
date: Thu, 18 Apr 2024 06:05:05 GMT
content-length: 43
X-Firefox-Spdy: h2
s-img.mgid.com/g/14137476/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC8xMDE5MjQvYWE2NjBiNzVkMjRhZjE3Nzk0ZjViNDBhYzRjYTgyODguanBlZw.webp?v=1713420305-RHFYwvz28dXSft9-L0JKQ9csb8Qq2QzAL9GiToK21Wg
104.19.132.76200 OK 40 kB URL GET HTTP/3 s-img.mgid.com/g/14137476/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC8xMDE5MjQvYWE2NjBiNzVkMjRhZjE3Nzk0ZjViNDBhYzRjYTgyODguanBlZw.webp?v=1713420305-RHFYwvz28dXSft9-L0JKQ9csb8Qq2QzAL9GiToK21Wg
IP 104.19.132.76:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectmgid.com
Fingerprint9C:6C:5A:48:88:44:CB:C2:F4:76:D3:2E:DC:07:0D:D4:CA:6A:25:F5
ValiditySun, 10 Mar 2024 23:31:34 GMT - Sat, 08 Jun 2024 23:31:33 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp
Hash e6fb8a629ace2944fe98f1466bf0f429
bc7a86c0053e8092747850b261320040238e92aa
63507efe4cd775832a9ea42222852184f21e3adf5d474e175674e36b44a27b68
GET /g/14137476/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC8xMDE5MjQvYWE2NjBiNzVkMjRhZjE3Nzk0ZjViNDBhYzRjYTgyODguanBlZw.webp?v=1713420305-RHFYwvz28dXSft9-L0JKQ9csb8Qq2QzAL9GiToK21Wg HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:05:05 GMT
content-type: image/webp
content-length: 40310
x-mg-request-uuid: 3563dfde-d1b0-4f20-af53-a07bd4dfd344
access-control-allow-origin: *
last-modified: Thu, 22 Sep 2022 09:56:38 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 12522497
accept-ranges: bytes
set-cookie: __cf_bm=EfM8DvnaG5pYD7YML6_p5_KzH3m5hc0gSa3YwLdpJg4-1713420305-1.0.1.1-2xrIbEWHvG.SRQJOJLeIX09IZQ_7zj0jUGYfogtXjTx2TtR6WMb1DIQPzK0YNFAuUkFTXzMG7H6JDZe3z1a7XQ; path=/; expires=Thu, 18-Apr-24 06:35:05 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
server: cloudflare
cf-ray: 8762760e3ab8b4f1-OSL
alt-svc: h3=":443"; ma=86400
s-img.mgid.com/g/11533494/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNi8xMDE5MjQvNjZjOGEyMWJkYzBlODk1ZWQ0NzJhNDMyM2YxMTcxMjcuanBlZw.webp?v=1713420305-SxZyW6mmiqqaGIVZB0eZEYMzOIupvZxD2uvHTt9DlH8
104.19.132.76200 OK 25 kB URL GET HTTP/3 s-img.mgid.com/g/11533494/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNi8xMDE5MjQvNjZjOGEyMWJkYzBlODk1ZWQ0NzJhNDMyM2YxMTcxMjcuanBlZw.webp?v=1713420305-SxZyW6mmiqqaGIVZB0eZEYMzOIupvZxD2uvHTt9DlH8
IP 104.19.132.76:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectmgid.com
Fingerprint9C:6C:5A:48:88:44:CB:C2:F4:76:D3:2E:DC:07:0D:D4:CA:6A:25:F5
ValiditySun, 10 Mar 2024 23:31:34 GMT - Sat, 08 Jun 2024 23:31:33 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 5078f293d6810d94b5012c15235b9f98
a7c58d561c5f34509aa24e6898dd477781d02de1
3df455678f8ecfc0a47e0862159525199b376676d4876ff118f9d1c3bd7b62cc
GET /g/11533494/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNi8xMDE5MjQvNjZjOGEyMWJkYzBlODk1ZWQ0NzJhNDMyM2YxMTcxMjcuanBlZw.webp?v=1713420305-SxZyW6mmiqqaGIVZB0eZEYMzOIupvZxD2uvHTt9DlH8 HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:05:05 GMT
content-type: image/webp
content-length: 25192
x-mg-request-uuid: 54a3d0ab-315c-45d5-91b5-176f0caae978
access-control-allow-origin: *
last-modified: Wed, 01 Dec 2021 12:34:56 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 6898767
accept-ranges: bytes
set-cookie: __cf_bm=yc4MFbGAlRBQ9NZF2AGLh4iAeLbI1g_w94l76nM5jeg-1713420305-1.0.1.1-ig4BZJgWF7jBU3ThBDe1YtBmuze2G8OLQ5zFUUEe6lMoPnyI9ee.w0V52_9f_FbD_CNow0.XTnUyx0kv7TfrdA; path=/; expires=Thu, 18-Apr-24 06:35:05 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
server: cloudflare
cf-ray: 8762760e3aafb4f1-OSL
alt-svc: h3=":443"; ma=86400
s-img.mgid.com/g/10881040/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTU3LHlfMzkxL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC84YTlkOWNmNDIxYTQ4ZTdjNWI3YzA5MGM0ZmYwZGZlYi5qcGVn.webp?v=1713420305-y7_qf3iptWq4sYXrthYMscUoynl8OFHLjZkbb2evz3o
104.19.132.76200 OK 12 kB URL GET HTTP/3 s-img.mgid.com/g/10881040/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTU3LHlfMzkxL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC84YTlkOWNmNDIxYTQ4ZTdjNWI3YzA5MGM0ZmYwZGZlYi5qcGVn.webp?v=1713420305-y7_qf3iptWq4sYXrthYMscUoynl8OFHLjZkbb2evz3o
IP 104.19.132.76:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectmgid.com
Fingerprint9C:6C:5A:48:88:44:CB:C2:F4:76:D3:2E:DC:07:0D:D4:CA:6A:25:F5
ValiditySun, 10 Mar 2024 23:31:34 GMT - Sat, 08 Jun 2024 23:31:33 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp
Hash cd702d57eb295e7c7fb4bd0351466b19
288ec90411c39337cffc515bbd48bdf95fb0425c
e25d03a13e235ebda6c622ae14f571f235a768e104765e129d45735fbfd63641
GET /g/10881040/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTU3LHlfMzkxL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC84YTlkOWNmNDIxYTQ4ZTdjNWI3YzA5MGM0ZmYwZGZlYi5qcGVn.webp?v=1713420305-y7_qf3iptWq4sYXrthYMscUoynl8OFHLjZkbb2evz3o HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:05:05 GMT
content-type: image/webp
content-length: 11778
x-mg-request-uuid: c5c9fe6e-6c8b-4452-a61f-7134b2feb764
access-control-allow-origin: *
last-modified: Thu, 11 Nov 2021 15:47:39 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 1331980
accept-ranges: bytes
set-cookie: __cf_bm=0fNBTSzECiDHvtjHrOhMbMAo.MgbyYIYJr6cCEwj.KY-1713420305-1.0.1.1-OU4ZYekjNBrTKct8C3G58NXAyXWCHZ.NBVFd0QHf0fw_zadL8L1UCQsEEoQDj6qWYDiLj1g_nvdog4Ch6Ep4Jg; path=/; expires=Thu, 18-Apr-24 06:35:05 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
server: cloudflare
cf-ray: 8762760e3ab2b4f1-OSL
alt-svc: h3=":443"; ma=86400
s-img.mgid.com/g/10881034/492x277/0x0x601x338/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2M0MTRkYWM0MmJjMzlkNzZiNDdmMWViZmUyMjA1ZjYyLnBuZw.webp?v=1713420305-xHcl7uEZSCj0Ozzi04dBp7dxVZPAi7IimFV1ESsu8hM
104.19.132.76200 OK 14 kB URL GET HTTP/3 s-img.mgid.com/g/10881034/492x277/0x0x601x338/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2M0MTRkYWM0MmJjMzlkNzZiNDdmMWViZmUyMjA1ZjYyLnBuZw.webp?v=1713420305-xHcl7uEZSCj0Ozzi04dBp7dxVZPAi7IimFV1ESsu8hM
IP 104.19.132.76:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectmgid.com
Fingerprint9C:6C:5A:48:88:44:CB:C2:F4:76:D3:2E:DC:07:0D:D4:CA:6A:25:F5
ValiditySun, 10 Mar 2024 23:31:34 GMT - Sat, 08 Jun 2024 23:31:33 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 6d362f33b165c8889eb87da799e8ce2e
531a9ac60ae96ccc29a3fb2c604320ca4a24f4ad
1bc03aa29f984c13eb88b1e57ba4468540685c15963807846dbdaaae9896740d
GET /g/10881034/492x277/0x0x601x338/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2M0MTRkYWM0MmJjMzlkNzZiNDdmMWViZmUyMjA1ZjYyLnBuZw.webp?v=1713420305-xHcl7uEZSCj0Ozzi04dBp7dxVZPAi7IimFV1ESsu8hM HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:05:05 GMT
content-type: image/webp
content-length: 13508
x-mg-request-uuid: 7ea1b59e-1d34-45d4-8c28-3af562b8439c
access-control-allow-origin: *
last-modified: Thu, 09 Nov 2023 20:28:28 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 12792155
accept-ranges: bytes
set-cookie: __cf_bm=tiR.UK3q9m6.ddikjcmWwY3TRbOs3hPhQS7YHvohuBw-1713420305-1.0.1.1-j.gUczNBBlPc6bAbPUh86lI_aElXRsgMdNrg.JZIogC0iC8G6K5NBu1Ody6ukJQUKhbgttnyfpT2wRO.vI3xTw; path=/; expires=Thu, 18-Apr-24 06:35:05 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
server: cloudflare
cf-ray: 8762760e3ab4b4f1-OSL
alt-svc: h3=":443"; ma=86400
s-img.mgid.com/g/10881001/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvYTQwNTRkOGRiYzY2ZmVlZjRhZmMwYTI2YzRhMjY0MzAuanBn.webp?v=1713420305-6Y6tY8-SZCThEjNv02WWlHKc0QnRyde81OduBIHgBHA
104.19.132.76200 OK 49 kB URL GET HTTP/3 s-img.mgid.com/g/10881001/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvYTQwNTRkOGRiYzY2ZmVlZjRhZmMwYTI2YzRhMjY0MzAuanBn.webp?v=1713420305-6Y6tY8-SZCThEjNv02WWlHKc0QnRyde81OduBIHgBHA
IP 104.19.132.76:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectmgid.com
Fingerprint9C:6C:5A:48:88:44:CB:C2:F4:76:D3:2E:DC:07:0D:D4:CA:6A:25:F5
ValiditySun, 10 Mar 2024 23:31:34 GMT - Sat, 08 Jun 2024 23:31:33 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 39aceac480b02bae7f403c5aa4c5db98
516707b890dbbfe991edddfbd8cc7b7b39fa8815
efdff64f97c822dbbce51be67b8de1e53532143c41b079f193f0fa25ecb13292
GET /g/10881001/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvYTQwNTRkOGRiYzY2ZmVlZjRhZmMwYTI2YzRhMjY0MzAuanBn.webp?v=1713420305-6Y6tY8-SZCThEjNv02WWlHKc0QnRyde81OduBIHgBHA HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:05:05 GMT
content-type: image/webp
content-length: 49304
x-mg-request-uuid: 64241e7c-0615-4a7b-8beb-73d11645f253
access-control-allow-origin: *
last-modified: Thu, 11 Nov 2021 15:45:21 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2852306
accept-ranges: bytes
set-cookie: __cf_bm=iKkxaZfE1fXxmRehkosz9W3h7XhzVy_KHK7SJiN0CPM-1713420305-1.0.1.1-voNEiKEBYUVW3D.NEXFFFPx9v7JrcYvEeIgGuAwbgDy3X.U36ApavT4uW1rG9t64pHz5skfqtEgwvc7Zw8Arhw; path=/; expires=Thu, 18-Apr-24 06:35:05 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
server: cloudflare
cf-ray: 8762760e3ab5b4f1-OSL
alt-svc: h3=":443"; ma=86400
csync.loopme.me/?pubid=11364&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7Bviewer_token%7D
35.214.163.160307 Temporary Redirect 0 B URL GET HTTP/2 csync.loopme.me/?pubid=11364&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7Bviewer_token%7D
IP 35.214.163.160:443
Requested by https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Certificate IssuerLet's Encrypt
Subjectloopme.com
FingerprintB5:6B:D9:83:3A:99:37:6E:7D:3F:C0:37:A3:18:E1:43:DE:05:A2:E9
ValidityTue, 16 Apr 2024 08:45:07 GMT - Mon, 15 Jul 2024 08:45:06 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pubid=11364&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Dloopme%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7Bviewer_token%7D HTTP/1.1
Host: csync.loopme.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
set-cookie: viewer_token=64bbf56e-d677-47f0-8325-6b65b317b73e; path=/; domain=csync.loopme.me; secure; HttpOnly; Expires=Thu, 18-Jul-2024 06:05:05 GMT; SameSite=None
location: https://cookies.nextmillmedia.com/setuid?bidder=loopme&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=64bbf56e-d677-47f0-8325-6b65b317b73e&gdpr_consent=null&gdpr=0
content-length: 0
date: Thu, 18 Apr 2024 06:05:05 GMT
server: _
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/player86/player_light_v.js?s=1713386463
87.98.236.115200 OK 89 kB URL GET HTTP/2 cdn.onnetwork.tv/js/player86/player_light_v.js?s=1713386463
IP 87.98.236.115:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintB5:95:77:A6:1E:ED:C6:99:C8:EC:67:3C:AB:A2:97:C3:7B:E2:62:6A
ValiditySat, 30 Mar 2024 09:38:38 GMT - Fri, 28 Jun 2024 09:38:37 GMT
File type JavaScript source, ASCII text, with very long lines (1252)
Hash 52a1b7fc333ba52bb15a79c6c77dba72
decb091abb76c506492237a5031f4c8bf2a95936
639b9422e1815fe89445b956919c3fd563c66edf541d50e10780aa12ae5de0cc
GET /js/player86/player_light_v.js?s=1713386463 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Thu, 18 Apr 2024 06:05:04 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 20:41:03 GMT
vary: Accept-Encoding
etag: W/"662033df-506e0"
expires: Mon, 04 Nov 2024 06:05:04 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
ads.adlook.me/csync?pid=otm&uid=NjYyMGI4MTAwNzQ2MjU4Yg%3D%3D
5.101.76.186200 OK 43 B URL GET HTTP/2 ads.adlook.me/csync?pid=otm&uid=NjYyMGI4MTAwNzQ2MjU4Yg%3D%3D
IP 5.101.76.186:443
ASN #48096 Enterprise Cloud Ltd.
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT
File type ASCII text, with no line terminators
Hash af4749db0aaa5796db202a0ca870f289
13016f61075dadda5542b4a7734cdce06ce58e36
e6a973ade53366601816d81d4a6eebeb27fbfd9ca710dc7af8ba291811211149
GET /csync?pid=otm&uid=NjYyMGI4MTAwNzQ2MjU4Yg%3D%3D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ja.joecomp.com/
DNT: 1
Connection: keep-alive
Cookie: adlm_userId=17db4f94119548ee94f85b5dfecc8d50; adlk_cmatch=alab%3A70b06ba9-673d-4e4a-849a-ee68bab58348
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=17db4f94119548ee94f85b5dfecc8d50; expires=Thu, 17 Apr 2025 21:00:00 GMT; path=/; SameSite=None; secure; samesite=none
adlk_cmatch=alab%3A70b06ba9-673d-4e4a-849a-ee68bab58348%2Cotm%3ANjYyMGI4MTAwNzQ2MjU4Yg%3D%3D; expires=Fri, 31 Dec 9999 20:59:59 GMT; path=/; SameSite=None; secure; samesite=none
date: Thu, 18 Apr 2024 06:05:05 GMT
content-length: 43
X-Firefox-Spdy: h2
s-img.mgid.com/g/12578218/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9naWYsZmxfbG9zc3ksZ19mYWNlczphdXRvLHdfOTYwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAzLzEwMTkyNC9lMmJjOTg3Nzg5MTIwNTcxM2YyZGVhNTQyOGVlNTIyMC5naWY.gif?v=1713420305-qbAFBFiaQHZ0B4OQ_N7fTQt_oI9Al5ye2uY1iQZB6Gc
104.19.132.76200 OK 1.3 MB URL GET HTTP/3 s-img.mgid.com/g/12578218/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9naWYsZmxfbG9zc3ksZ19mYWNlczphdXRvLHdfOTYwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAzLzEwMTkyNC9lMmJjOTg3Nzg5MTIwNTcxM2YyZGVhNTQyOGVlNTIyMC5naWY.gif?v=1713420305-qbAFBFiaQHZ0B4OQ_N7fTQt_oI9Al5ye2uY1iQZB6Gc
IP 104.19.132.76:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectmgid.com
Fingerprint9C:6C:5A:48:88:44:CB:C2:F4:76:D3:2E:DC:07:0D:D4:CA:6A:25:F5
ValiditySun, 10 Mar 2024 23:31:34 GMT - Sat, 08 Jun 2024 23:31:33 GMT
File type RIFF (little-endian) data, Web/P image
Size 1.3 MB (1328378 bytes)
Hash d316143ea9a507ba6997821cf65b3830
59cd1e574379b0ad024551aa97a1a1abf63b364f
024e6cb7f89c557a82df5f6efa3867e01fc4197ffe806b48c9fcc6c7af5e5eb8
GET /g/12578218/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9naWYsZmxfbG9zc3ksZ19mYWNlczphdXRvLHdfOTYwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAzLzEwMTkyNC9lMmJjOTg3Nzg5MTIwNTcxM2YyZGVhNTQyOGVlNTIyMC5naWY.gif?v=1713420305-qbAFBFiaQHZ0B4OQ_N7fTQt_oI9Al5ye2uY1iQZB6Gc HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:05:05 GMT
content-type: image/webp
content-length: 1328378
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=1381487
content-disposition: inline; filename="aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9naWYsZmxfbG9zc3ksZ19mYWNlczphdXRvLHdfOTYwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAzLzEwMTkyNC9lMmJjOTg3Nzg5MTIwNTcxM2YyZGVhNTQyOGVlNTIyMC5naWY.webp"
last-modified: Sun, 25 Jun 2023 14:08:35 GMT
vary: Accept
x-mg-request-uuid: 9013d043-0473-4225-9848-94f4f5e3b3c3
cf-cache-status: HIT
age: 12270588
accept-ranges: bytes
set-cookie: __cf_bm=0F0ytrdsYoJZ7fRrjZtCLWs_jBD55A9t2OKVeeTYu4k-1713420305-1.0.1.1-OIc_J88cACZsJbmmV5XLlPyX97j2GovtFzZwLtQg0.dGIeCe3_LQuwgElh4.lkoTvwH4O.HuC106Ibr6StCNjQ; path=/; expires=Thu, 18-Apr-24 06:35:05 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
server: cloudflare
cf-ray: 8762760e3ab7b4f1-OSL
alt-svc: h3=":443"; ma=86400
nr.bidderstack.com/adlook/cm?user_id=17db4f94119548ee94f85b5dfecc8d50&pupa=1
167.235.186.124302 Found 0 B URL GET HTTP/1.1 nr.bidderstack.com/adlook/cm?user_id=17db4f94119548ee94f85b5dfecc8d50&pupa=1
IP 167.235.186.124:443
ASN #24940 Hetzner Online GmbH
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoDaddy.com, Inc.
Subject*.bidderstack.com
Fingerprint7A:83:29:BF:37:01:78:02:DF:C1:07:D8:A2:10:AB:0A:DD:11:66:B0
ValidityTue, 21 Nov 2023 08:57:57 GMT - Sun, 22 Dec 2024 08:57:57 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adlook/cm?user_id=17db4f94119548ee94f85b5dfecc8d50&pupa=1 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 06:05:05 GMT
Content-Length: 0
Connection: keep-alive
Location: https://ads.adlook.me/csync?pid=hyp&uid=187da8a4-5e7b-8768-ed39-68cc113f0aec
Set-Cookie: pupa=187da8a4-5e7b-8768-ed39-68cc113f0aec; domain=.bidderstack.com; path=/; expires=Fri, 18-Apr-2025 06:05:05 GMT;
csorigin2=230; domain=.bidderstack.com; path=/; expires=Thu, 18-Apr-2024 06:10:05 GMT;
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=
54.82.86.224204 No Content 0 B URL GET HTTP/2 cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=
IP 54.82.86.224:443
Requested by https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Certificate IssuerAmazon
Subjectcookies.nextmillmedia.com
Fingerprint01:8E:4A:16:C7:C3:B6:97:4E:36:AC:D6:42:3C:07:30:FB:79:87:D6
ValidityTue, 13 Jun 2023 00:00:00 GMT - Thu, 11 Jul 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?bidder=amx&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid= HTTP/1.1
Host: cookies.nextmillmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cookies.nextmillmedia.com/
DNT: 1
Connection: keep-alive
Cookie: NMUID=csuid_48394562-aa73-4c83-a06c-43e21db8bef2
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Thu, 18 Apr 2024 06:05:05 GMT
server: fasthttp
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.634.0_en.html
142.250.74.138 249 kB URL imasdk.googleapis.com/js/core/bridge3.634.0_en.html
IP 142.250.74.138:0
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type HTML document, ASCII text, with very long lines (48587)
Size 249 kB (249352 bytes)
Hash a63b0ecc09cab0033d643e7ffe41341f
59fe3020160ffefa5af3ae36397ed7cdb0393eae
58e7c73b90cdc7d20235fda430532c7d94e42a9db2dfbe631238bc27ff321875
GET /js/core/bridge3.634.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 249352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 19:45:11 GMT
expires: Tue, 15 Apr 2025 19:45:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 19:43:04 GMT
content-type: text/html
vary: Accept-Encoding
age: 209994
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cookies.nextmillmedia.com/setuid?bidder=loopme&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=64bbf56e-d677-47f0-8325-6b65b317b73e&gdpr_consent=null&gdpr=0
54.82.86.224302 Found 0 B URL GET HTTP/2 cookies.nextmillmedia.com/setuid?bidder=loopme&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=64bbf56e-d677-47f0-8325-6b65b317b73e&gdpr_consent=null&gdpr=0
IP 54.82.86.224:443
Requested by https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Certificate IssuerAmazon
Subjectcookies.nextmillmedia.com
Fingerprint01:8E:4A:16:C7:C3:B6:97:4E:36:AC:D6:42:3C:07:30:FB:79:87:D6
ValidityTue, 13 Jun 2023 00:00:00 GMT - Thu, 11 Jul 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?bidder=loopme&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=64bbf56e-d677-47f0-8325-6b65b317b73e&gdpr_consent=null&gdpr=0 HTTP/1.1
Host: cookies.nextmillmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cookies.nextmillmedia.com/
DNT: 1
Connection: keep-alive
Cookie: NMUID=csuid_48394562-aa73-4c83-a06c-43e21db8bef2
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Thu, 18 Apr 2024 06:05:05 GMT
content-length: 0
location: https://pbs.nextmillmedia.com/setuid?bidder=loopme&uid=64bbf56e-d677-47f0-8325-6b65b317b73e
server: fasthttp
set-cookie: syncedBidders={"loopme":1}; max-age=604800; secure; SameSite=None
lastSync=2024-04-18 06:05:05; secure; SameSite=None
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/animate.css
104.21.70.253200 OK 254 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/animate.css
IP 104.21.70.253:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Size 254 kB (254212 bytes)
Hash fc638645a938f69e69360c75335ffd1a
143132fb8361c3ad0acf88cb70bf0b07c0ecc2d4
7ef76aab275d0221c68602d18f81b4285b280756f0f71d535ed8b5b889bc2f90
GET /sb/chat/mob/ssp/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:05 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 08:25:04 GMT
etag: W/"62134c60-135d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jIw3VA0dVY9EegObW6dpUTDkA1G569ckh6u1gn5zMSOy4QcG%2FiZiUNu6YH7p97kNzadq2vV4H%2B0drhFrHKi%2FJnQpzm4fnhNHcGXuXDZZS4LUDkGg1yoUW7KV%2F3ba38l1Fm6aMgQTgBtK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762760d3feb568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cnti.png?ts=1713420305822&event=plimpression&d=9878&vs=0&aps=4&playerVisible=0&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
87.98.236.115200 OK 126 B URL GET HTTP/2 cdn.onnetwork.tv/cnt/a_cnti.png?ts=1713420305822&event=plimpression&d=9878&vs=0&aps=4&playerVisible=0&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
IP 87.98.236.115:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintB5:95:77:A6:1E:ED:C6:99:C8:EC:67:3C:AB:A2:97:C3:7B:E2:62:6A
ValiditySat, 30 Mar 2024 09:38:38 GMT - Fri, 28 Jun 2024 09:38:37 GMT
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cnti.png?ts=1713420305822&event=plimpression&d=9878&vs=0&aps=4&playerVisible=0&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Thursday, 18-Apr-2024 06:05:06 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.joecomp.com/logo/logo_mini.png
172.67.182.205200 OK 21 kB URL GET HTTP/2 i.joecomp.com/logo/logo_mini.png
IP 172.67.182.205:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectjoecomp.com
FingerprintAB:6E:A4:FB:BB:F6:09:D0:73:4C:F5:81:B6:70:2F:3E:67:0E:25:EF
ValidityFri, 01 Mar 2024 08:33:36 GMT - Thu, 30 May 2024 08:33:35 GMT
File type PNG image data, 175 x 32, 8-bit/color RGBA, non-interlaced
Hash 0818ea172499b6953bd045786a010abc
8b77bca21403a7fa6b0538c070b4deba581bcfa4
22a680131096e4ffe5e44975839e60b39f5050a563d3daf85b4ab0193b7545fb
GET /logo/logo_mini.png HTTP/1.1
Host: i.joecomp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _sharedID=c6ef3f47-9c6b-4edc-8a0b-6f78dd014240; _sharedID_cst=kSylLAssaw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: image/png
content-length: 20579
last-modified: Fri, 21 Feb 2020 18:36:18 GMT
etag: "5063-59f1a4c224862"
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 12:53:57 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 11380269
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QhiaHhJ%2BgzbVq6s0vZ9lX61eDFpzt5Sjcss2BFUvrpX3AExEUw23QBRfWaKPT7xO%2FugPGjWEF%2Bz1TzxwJGIsMtYcv%2Bkh6w0tXiXAUk6Qkg0a8F%2FgMULIUbGVVg5GttLA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87627611cd0656af-OSL
alt-svc: h3=":443"; ma=86400
cdn.cloudimagesb.com/si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png
45.133.44.9200 OK 14 kB URL GET HTTP/2 cdn.cloudimagesb.com/si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png
IP 45.133.44.9:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Hash 962ac416cce3fad636d4904386c8d3d4
811166fceb971353dc6a9ea3a153367f20b47592
ec6c8e1c030499a846897265d0c1f66dedc6ece17c1ea6006b700faf37e73555
GET /si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: image/png
content-length: 14496
server: nginx/1.21.6
last-modified: Mon, 04 Dec 2023 01:05:10 GMT
etag: "656d25c6-38a0"
expires: Sat, 20 Apr 2024 06:05:06 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHRt-bZ2f_jng/jsvpaid?set_buzzoola_cookie=t
148.251.40.140200 OK 49 kB URL GET HTTP/2 exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHRt-bZ2f_jng/jsvpaid?set_buzzoola_cookie=t
IP 148.251.40.140:443
ASN #24940 Hetzner Online GmbH
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Hash 5d438d0143d240018cff4ed59032a1a5
562c70ec3b1f9ef14b5d4c18f73503b61d5e9660
9eedec4c4e3ade615d8475ac4de90cdd008c9930b7520479d58c330d56318a34
GET /adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHRt-bZ2f_jng/jsvpaid?set_buzzoola_cookie=t HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
Referer: https://ja.joecomp.com/
DNT: 1
Connection: keep-alive
Cookie: uuid=c79b8d84-734e-41e8-4b1e-1ecf77c2c283
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:04:14 GMT
content-type: application/xml
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match
access-control-allow-origin: https://ja.joecomp.com
access-control-expose-headers: Set-Cookie, Etag
serverid: TODO
content-encoding: gzip
X-Firefox-Spdy: h2
ads.adlook.me/csync?pid=hyp&uid=187da8a4-5e7b-8768-ed39-68cc113f0aec
5.101.76.186200 OK 43 B URL GET HTTP/2 ads.adlook.me/csync?pid=hyp&uid=187da8a4-5e7b-8768-ed39-68cc113f0aec
IP 5.101.76.186:443
ASN #48096 Enterprise Cloud Ltd.
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT
File type ASCII text, with no line terminators
Hash af4749db0aaa5796db202a0ca870f289
13016f61075dadda5542b4a7734cdce06ce58e36
e6a973ade53366601816d81d4a6eebeb27fbfd9ca710dc7af8ba291811211149
GET /csync?pid=hyp&uid=187da8a4-5e7b-8768-ed39-68cc113f0aec HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: adlm_userId=17db4f94119548ee94f85b5dfecc8d50; adlk_cmatch=alab%3A70b06ba9-673d-4e4a-849a-ee68bab58348%2Cotm%3ANjYyMGI4MTAwNzQ2MjU4Yg%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=17db4f94119548ee94f85b5dfecc8d50; expires=Thu, 17 Apr 2025 21:00:00 GMT; path=/; SameSite=None; secure; samesite=none
adlk_cmatch=alab%3A70b06ba9-673d-4e4a-849a-ee68bab58348%2Cotm%3ANjYyMGI4MTAwNzQ2MjU4Yg%3D%3D%2Chyp%3A187da8a4-5e7b-8768-ed39-68cc113f0aec; expires=Fri, 31 Dec 9999 20:59:59 GMT; path=/; SameSite=None; secure; samesite=none
date: Thu, 18 Apr 2024 06:05:05 GMT
content-length: 43
X-Firefox-Spdy: h2
cdn.onnetwork.tv/css/websites/optad/general.css
87.98.236.115200 OK 309 B URL GET HTTP/2 cdn.onnetwork.tv/css/websites/optad/general.css
IP 87.98.236.115:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintB5:95:77:A6:1E:ED:C6:99:C8:EC:67:3C:AB:A2:97:C3:7B:E2:62:6A
ValiditySat, 30 Mar 2024 09:38:38 GMT - Fri, 28 Jun 2024 09:38:37 GMT
File type gzip compressed data, max speed, from Unix
Hash 33ff7a3312a457f4ac764eed3da41a82
74799b8ab42af153a5071c73d9b56763311741de
806a99ba35c9ad2c29ba594e6a2ffa4b3b66047969bbfb65cc92726fcaf27911
GET /css/websites/optad/general.css HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Thu, 18 Apr 2024 06:05:05 GMT
content-type: text/css
last-modified: Sun, 27 Mar 2022 07:49:33 GMT
vary: Accept-Encoding
etag: W/"6240170d-268"
expires: Mon, 04 Nov 2024 06:05:05 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
www.acint.net/aci.js
142.132.138.213 8.8 kB IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type JavaScript source, ASCII text, with very long lines (31112), with no line terminators
Hash e81f962d48edbcbedc89edfdb08d0b3c
324f1ffc62d43e229b192083b118b1ac4a5643c6
d9453129c16b0215069d80e4b526c0546b259fae8d615e1b3aa775a8d76bac57
GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: application/x-javascript
content-length: 8760
last-modified: Thu, 11 Jan 2024 07:27:37 GMT
etag: "659f9869-2238"
content-encoding: gzip
expires: Thu, 18 Apr 2024 18:05:06 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2
stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=YOSLEv%2B%2BpJPRvO3ce2rPWqUwaTUHkFu5Cy6bX0T7rQ2%2BX%2BfGMuXEdx8yKw%2BWhMnRS4kkV1QjWoMBYclzWfKSqMVAZwNEjCnMZ3m3S6T2NGyZBWJHeu%2Fo8n9cqzFExbN%2FrLuFc3M9iRc5EEnXm1YOktgJ0Bkk2tlRJRNpcwCBNlWzCyNF5XLonwyVh%2F2vTQBNnvHEGg04J3g%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=171342030528966185&_adlk_ts=171342030528966185
5.101.76.186200 OK 142 B URL GET HTTP/2 stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=YOSLEv%2B%2BpJPRvO3ce2rPWqUwaTUHkFu5Cy6bX0T7rQ2%2BX%2BfGMuXEdx8yKw%2BWhMnRS4kkV1QjWoMBYclzWfKSqMVAZwNEjCnMZ3m3S6T2NGyZBWJHeu%2Fo8n9cqzFExbN%2FrLuFc3M9iRc5EEnXm1YOktgJ0Bkk2tlRJRNpcwCBNlWzCyNF5XLonwyVh%2F2vTQBNnvHEGg04J3g%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=171342030528966185&_adlk_ts=171342030528966185
IP 5.101.76.186:443
ASN #48096 Enterprise Cloud Ltd.
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=YOSLEv%2B%2BpJPRvO3ce2rPWqUwaTUHkFu5Cy6bX0T7rQ2%2BX%2BfGMuXEdx8yKw%2BWhMnRS4kkV1QjWoMBYclzWfKSqMVAZwNEjCnMZ3m3S6T2NGyZBWJHeu%2Fo8n9cqzFExbN%2FrLuFc3M9iRc5EEnXm1YOktgJ0Bkk2tlRJRNpcwCBNlWzCyNF5XLonwyVh%2F2vTQBNnvHEGg04J3g%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=171342030528966185&_adlk_ts=171342030528966185 HTTP/1.1
Host: stat.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Microsoft-IIS/10.0
date: Thu, 18 Apr 2024 06:05:05 GMT
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1713420305836&d=9878&wsc=ab&typ=embed&mobile=0&c=45
87.98.236.115200 OK 126 B URL GET HTTP/2 cdn.onnetwork.tv/cnt/a_cntg.png?ts=1713420305836&d=9878&wsc=ab&typ=embed&mobile=0&c=45
IP 87.98.236.115:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintB5:95:77:A6:1E:ED:C6:99:C8:EC:67:3C:AB:A2:97:C3:7B:E2:62:6A
ValiditySat, 30 Mar 2024 09:38:38 GMT - Fri, 28 Jun 2024 09:38:37 GMT
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1713420305836&d=9878&wsc=ab&typ=embed&mobile=0&c=45 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Thursday, 18-Apr-2024 06:05:06 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/img/black2.mp4
87.98.236.115206 Partial Content 2.2 kB URL GET HTTP/2 cdn.onnetwork.tv/img/black2.mp4
IP 87.98.236.115:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintB5:95:77:A6:1E:ED:C6:99:C8:EC:67:3C:AB:A2:97:C3:7B:E2:62:6A
ValiditySat, 30 Mar 2024 09:38:38 GMT - Fri, 28 Jun 2024 09:38:37 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Hash 5cb95b4168423a49376882e1b2ba6171
8f6cc8c3da7687921eb12ef0d20769b988626f88
6212a4c6fd9be62d0795e3957471693cb344af6f21c2bbe0e957f3ed82520f1b
GET /img/black2.mp4 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
server: XO.webservantpro
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: video/mp4
content-length: 2238
last-modified: Tue, 15 Nov 2022 12:58:10 GMT
etag: "63738ce2-8be"
expires: Mon, 04 Nov 2024 06:05:06 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-range: bytes 0-2237/2238
X-Firefox-Spdy: h2
abnormalgently.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=742
172.240.108.68200 OK 0 B URL GET HTTP/1.1 abnormalgently.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=742
IP 172.240.108.68:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectabnormalgently.com
Fingerprint71:A9:EF:90:4D:2C:41:7A:5B:F5:C4:D9:BA:00:19:1E:8F:87:F2:54
ValidityTue, 16 Apr 2024 13:59:37 GMT - Mon, 15 Jul 2024 13:59:36 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=742 HTTP/1.1
Host: abnormalgently.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Cookie: u_pl=19923888; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 06:05:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdnt.onnetwork.tv/poster/1/3/1377120_6m.jpg
87.98.238.175200 OK 23 kB URL GET HTTP/2 cdnt.onnetwork.tv/poster/1/3/1377120_6m.jpg
IP 87.98.238.175:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintB5:95:77:A6:1E:ED:C6:99:C8:EC:67:3C:AB:A2:97:C3:7B:E2:62:6A
ValiditySat, 30 Mar 2024 09:38:38 GMT - Fri, 28 Jun 2024 09:38:37 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 480x272, components 3
Hash a7428b950a02e1f0e517d293658f5b54
77b3cd2a79fbe8b8a78e59904c95763f304e0724
fa8eaa33f51d4911b191ae7878c6bc39e80d34ed4db8f36b6873e1ddf3b96c33
GET /poster/1/3/1377120_6m.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: XO.webservantpro
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: image/jpeg
content-length: 22824
last-modified: Mon, 27 Nov 2023 10:46:30 GMT
etag: "65647386-5928"
expires: Mon, 04 Nov 2024 06:05:06 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.acint.net/services/get_sspuid?callback=cid_6620b8125_90704612
142.132.138.213 92 B URL www.acint.net/services/get_sspuid?callback=cid_6620b8125_90704612
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type ASCII text, with no line terminators
Hash 5b6f9e04f8b353b943d2e23445812a9d
c410c5c1b62cfc4ca0f0c22112abdf19347f2162
5b8ce8cf13e978d5a47f46e8c3cbab00aaa49c318307eb7be6ae9e70da1cebeb
GET /services/get_sspuid?callback=cid_6620b8125_90704612 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: application/javascript
content-length: 92
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/destination?id=G-0HLY94SB2N&l=dataLayer&cx=c
142.250.74.40200 OK 97 kB URL GET HTTP/3 www.googletagmanager.com/gtag/destination?id=G-0HLY94SB2N&l=dataLayer&cx=c
IP 142.250.74.40:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type JavaScript source, ASCII text, with very long lines (5955)
Hash e1d7a1fc0a422ebcce0b2e4006ddaffa
da5be50524bd5493c75ceb903e8092bef7e4e191
af1ad1bf42fff65395b078e11aa8aab8a67a2ac7be92383980c60254f20d44e8
GET /gtag/destination?id=G-0HLY94SB2N&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 06:05:06 GMT
expires: Thu, 18 Apr 2024 06:05:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 97317
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
abnormalgently.com/ee/75/f0/ee75f0aa1f94dd90a2d1f83bdc8b835d.js
172.240.108.68200 OK 31 kB URL GET HTTP/1.1 abnormalgently.com/ee/75/f0/ee75f0aa1f94dd90a2d1f83bdc8b835d.js
IP 172.240.108.68:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectabnormalgently.com
Fingerprint71:A9:EF:90:4D:2C:41:7A:5B:F5:C4:D9:BA:00:19:1E:8F:87:F2:54
ValidityTue, 16 Apr 2024 13:59:37 GMT - Mon, 15 Jul 2024 13:59:36 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash b4e9a12c94d5501aefe600750edf4171
816757d5d66026e280afa78ba8f92801994f28f7
75cf6916a968c0a9384d7010491324a8bb5d2c1dd43493eba4b9ab7b59b4a24b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ee/75/f0/ee75f0aa1f94dd90a2d1f83bdc8b835d.js HTTP/1.1
Host: abnormalgently.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: u_pl=19923888; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 06:05:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-2967-new=1; expires=Mon, 22 Apr 2024 21:05:06 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e55202592d10c4db36896d5d69dab3e7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
acint.net/rmatch?dp=14&euid=2203420A12B820662700D6BB02FA22AB&r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D$%7BUSER_ID%7D
142.132.138.213302 Found 154 B URL GET HTTP/2 acint.net/rmatch?dp=14&euid=2203420A12B820662700D6BB02FA22AB&r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D$%7BUSER_ID%7D
IP 142.132.138.213:443
ASN #24940 Hetzner Online GmbH
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=14&euid=2203420A12B820662700D6BB02FA22AB&r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D$%7BUSER_ID%7D HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ja.joecomp.com/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: text/html
content-length: 154
location: https://ads.adlook.me/csync?pid=sape&uid=0900007F10B820661D09527B02BB7732
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ssp-rtb.sape.ru/ymcode?callback=sapeRTB_6620b8127_15029984
193.3.184.222 56 B URL ssp-rtb.sape.ru/ymcode?callback=sapeRTB_6620b8127_15029984
IP 193.3.184.222:0
File type ASCII text, with no line terminators
Hash 7bf056306a54df7a64841923344d9d95
f167e3343a29356f702ce23f1fb6c51ce3706750
2eb5fc6cdf098ac1aa869e447611d6837ac4ef11b50c86ef3955f6d5ea8110f4
GET /ymcode?callback=sapeRTB_6620b8127_15029984 HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Cookie: sspuid=CkIDImYguBK71gAnqyL6AmWl9X/Cjn1/7zlfV6Uatwqe/P4G
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 18 Apr 2024 06:05:06 GMT
Content-Type: text/html
Content-Length: 56
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
X-YaRequestId: b7479a9b4a5b4788811a649ab28c348f
X-YaSpanId: dd579194eaa4d14e
X-YaTraceId: 6b7222dae84341788d4d107a434cae4e
Content-Encoding: gzip
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
www.acint.net/hit/?v=0.7.0&uid=cd5fdcda-d0de-439b-b4ce-3d542822defc&dp=14&tz=%2B00%3A00&nc=339289&aid=0900007F10B820661D09527B02BB7732&u=&r=&rs=1280x1024&t=&oE=1&oP=1&dT=2024-04-18T06%3A05%3A06.477&fu=7b45bf5b-739f-41b0-a5b4-e0cd233fb7af&if=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro
142.132.138.213 43 B URL www.acint.net/hit/?v=0.7.0&uid=cd5fdcda-d0de-439b-b4ce-3d542822defc&dp=14&tz=%2B00%3A00&nc=339289&aid=0900007F10B820661D09527B02BB7732&u=&r=&rs=1280x1024&t=&oE=1&oP=1&dT=2024-04-18T06%3A05%3A06.477&fu=7b45bf5b-739f-41b0-a5b4-e0cd233fb7af&if=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit/?v=0.7.0&uid=cd5fdcda-d0de-439b-b4ce-3d542822defc&dp=14&tz=%2B00%3A00&nc=339289&aid=0900007F10B820661D09527B02BB7732&u=&r=&rs=1280x1024&t=&oE=1&oP=1&dT=2024-04-18T06%3A05%3A06.477&fu=7b45bf5b-739f-41b0-a5b4-e0cd233fb7af&if=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ads.adlook.me/csync?pid=sape&uid=0900007F10B820661D09527B02BB7732
5.101.76.186200 OK 43 B URL GET HTTP/2 ads.adlook.me/csync?pid=sape&uid=0900007F10B820661D09527B02BB7732
IP 5.101.76.186:443
ASN #48096 Enterprise Cloud Ltd.
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT
File type ASCII text, with no line terminators
Hash af4749db0aaa5796db202a0ca870f289
13016f61075dadda5542b4a7734cdce06ce58e36
e6a973ade53366601816d81d4a6eebeb27fbfd9ca710dc7af8ba291811211149
GET /csync?pid=sape&uid=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ja.joecomp.com/
DNT: 1
Connection: keep-alive
Cookie: adlm_userId=17db4f94119548ee94f85b5dfecc8d50; adlk_cmatch=alab%3A70b06ba9-673d-4e4a-849a-ee68bab58348%2Cotm%3ANjYyMGI4MTAwNzQ2MjU4Yg%3D%3D%2Chyp%3A187da8a4-5e7b-8768-ed39-68cc113f0aec
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=17db4f94119548ee94f85b5dfecc8d50; expires=Thu, 17 Apr 2025 21:00:00 GMT; path=/; SameSite=None; secure; samesite=none
adlk_cmatch=alab%3A70b06ba9-673d-4e4a-849a-ee68bab58348%2Cotm%3ANjYyMGI4MTAwNzQ2MjU4Yg%3D%3D%2Chyp%3A187da8a4-5e7b-8768-ed39-68cc113f0aec%2Csape%3A0900007F10B820661D09527B02BB7732; expires=Fri, 31 Dec 9999 20:59:59 GMT; path=/; SameSite=None; secure; samesite=none
date: Thu, 18 Apr 2024 06:05:06 GMT
content-length: 43
X-Firefox-Spdy: h2
abnormalgently.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=742
172.240.108.76200 OK 0 B URL GET HTTP/1.1 abnormalgently.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=742
IP 172.240.108.76:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectabnormalgently.com
Fingerprint71:A9:EF:90:4D:2C:41:7A:5B:F5:C4:D9:BA:00:19:1E:8F:87:F2:54
ValidityTue, 16 Apr 2024 13:59:37 GMT - Mon, 15 Jul 2024 13:59:36 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=742 HTTP/1.1
Host: abnormalgently.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Cookie: u_pl=19923888; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 06:05:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
pxl.acint.net/pxl/1?dp=16&id=119659.863532.165100553&sid=6620b812-0c8b-44b6-gs3c-52sf47x7pjni&aid=0900007F10B820661D09527B02BB7732&ref=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&r=1713420306
142.132.138.213 43 B URL pxl.acint.net/pxl/1?dp=16&id=119659.863532.165100553&sid=6620b812-0c8b-44b6-gs3c-52sf47x7pjni&aid=0900007F10B820661D09527B02BB7732&ref=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&r=1713420306
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /pxl/1?dp=16&id=119659.863532.165100553&sid=6620b812-0c8b-44b6-gs3c-52sf47x7pjni&aid=0900007F10B820661D09527B02BB7732&ref=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&r=1713420306 HTTP/1.1
Host: pxl.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
pbs.nextmillmedia.com/setuid?bidder=loopme&uid=64bbf56e-d677-47f0-8325-6b65b317b73e
34.202.75.150200 OK 86 B URL GET HTTP/2 pbs.nextmillmedia.com/setuid?bidder=loopme&uid=64bbf56e-d677-47f0-8325-6b65b317b73e
IP 34.202.75.150:443
Requested by https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Certificate IssuerAmazon
Subjectpbs.nextmillmedia.com
Fingerprint38:66:A2:05:00:00:65:02:1E:69:05:30:C2:08:16:6E:82:9D:52:20
ValidityTue, 13 Jun 2023 00:00:00 GMT - Fri, 12 Jul 2024 23:59:59 GMT
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Hash 6c6641b08f4be6f479f1588af08054b3
8da28b3146834c48fd843b108749191516d2a65d
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
GET /setuid?bidder=loopme&uid=64bbf56e-d677-47f0-8325-6b65b317b73e HTTP/1.1
Host: pbs.nextmillmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cookies.nextmillmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: image/png
content-length: 86
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: uids=eyJ0ZW1wVUlEcyI6eyJsb29wbWUiOnsidWlkIjoiNjRiYmY1NmUtZDY3Ny00N2YwLTgzMjUtNmI2NWIzMTdiNzNlIiwiZXhwaXJlcyI6IjIwMjQtMDUtMDJUMDY6MDU6MDYuNjIxNTY0N1oifX19; Path=/; Expires=Wed, 17 Jul 2024 06:05:06 GMT
vary: Origin
X-Firefox-Spdy: h2
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
193.3.184.222 142 B URL ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP 193.3.184.222:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: sspuid=CkIDImYguBK71gAnqyL6AmWl9X/Cjn1/7zlfV6Uatwqe/P4G
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 18 Apr 2024 06:05:06 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=2203420A12B820662700D6BB02FA22AB
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
a.utraff.com/sync?ssp=8&id=0900007F10B820661D09527B02BB7732
172.67.74.180 0 B URL a.utraff.com/sync?ssp=8&id=0900007F10B820661D09527B02BB7732
IP 172.67.74.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=8&id=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Sat, 18 May 2024 09:05:06 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Sat, 18 May 2024 09:05:06 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m71n6csgGELF%2Bta4ejNeXjoVBxfQmO1dxcjbULwmEnHtV4Nz0HBc%2FOZTk9w21ixZSRDJRaqzWGXEi5r5gh2T5I63%2B59gYhYPCq4FUqLMY4TL%2BvcKkOjjpaMkxwotEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87627614a92d56af-OSL
X-Firefox-Spdy: h2
abnormalgently.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=666
172.240.108.68200 OK 0 B URL GET HTTP/1.1 abnormalgently.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=666
IP 172.240.108.68:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectabnormalgently.com
Fingerprint71:A9:EF:90:4D:2C:41:7A:5B:F5:C4:D9:BA:00:19:1E:8F:87:F2:54
ValidityTue, 16 Apr 2024 13:59:37 GMT - Mon, 15 Jul 2024 13:59:36 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=666 HTTP/1.1
Host: abnormalgently.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Cookie: u_pl=19923888; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 06:05:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.acint.net/oci.js?t=1713420306483
142.132.138.213 15 kB URL www.acint.net/oci.js?t=1713420306483
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type gzip compressed data, max speed, from Unix
Hash 42d63ee5763fa4a993a48a9e7da47394
2e7e01159fcbeeb664b76888293928bebff031ac
7e01a3d47973046ee3d61d046203a4316c90850815769a3b96037d072dbb3166
GET /oci.js?t=1713420306483 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: application/x-javascript
last-modified: Fri, 24 Mar 2023 20:32:13 GMT
etag: W/"641e08cd-7dac"
content-encoding: gzip
X-Firefox-Spdy: h2
dm-eu.hybrid.ai/match?id=106&vid=0900007F10B820661D09527B02BB7732
37.230.131.22 0 B URL dm-eu.hybrid.ai/match?id=106&vid=0900007F10B820661D09527B02BB7732
IP 37.230.131.22:0
ASN #200197 Hybrid Adtech Sp.z.o.o.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=106&vid=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Thu, 18 Apr 2024 06:05:06 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=5ae4259b109989b77245; Expires=Fri, 18 Apr 2025 06:05:06 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 577
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.acint.net
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2
exchange.buzzoola.com/cookiesync/dsp/sape-banner?uid=0900007F10B820661D09527B02BB7732&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126
148.251.40.140 156 B URL exchange.buzzoola.com/cookiesync/dsp/sape-banner?uid=0900007F10B820661D09527B02BB7732&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126
IP 148.251.40.140:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT
File type HTML document, ASCII text
Hash a3ee847a6d988be8e8f34ed32d71d05c
4d8d3a34bb452c8ef851f1d01e7d926babef1d2c
ba92cef43225ae057a645de4f7cc3b84afa5f0a2dceabc788954093c327f24c7
GET /cookiesync/dsp/sape-banner?uid=0900007F10B820661D09527B02BB7732&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126 HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: uuid=c79b8d84-734e-41e8-4b1e-1ecf77c2c283
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: text/html; charset=utf-8
content-length: 156
location: https://mc.acint.net/rmatch?dp=126&euid=c79b8d84-734e-41e8-4b1e-1ecf77c2c283&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126
set-cookie: uuid=; Path=/; Domain=exchange.buzzoola.com; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; Secure; SameSite=None
uuid=c79b8d84-734e-41e8-4b1e-1ecf77c2c283; Path=/; Domain=buzzoola.com; Expires=Sat, 18 May 2024 06:05:06 GMT; Max-Age=2592000; Secure; SameSite=None
serverid: TODO
X-Firefox-Spdy: h2
sync.adspend.space/sape?uid=0900007F10B820661D09527B02BB7732
5.189.234.227 149 B URL sync.adspend.space/sape?uid=0900007F10B820661D09527B02BB7732
IP 5.189.234.227:0
ASN #50340 OOO Network of data-centers Selectel
File type HTML document, ASCII text
Hash e9087f83cb2821bef085d5b2f9245a31
78e8c80b4cb0cf7e7fe6b48f547ba5d1b8ac2cbc
d3116e1d69212a505fc221fc7b6c39028cf577e5e864d2fed1cb97738f8f2827
GET /sape?uid=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.22.1
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: text/html; charset=utf-8
content-length: 149
location: https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3Db4ed0ffe-0477-40f6-a1b1-dd61db7c4c65
set-cookie: as-user=b4ed0ffe-0477-40f6-a1b1-dd61db7c4c65; Path=/; Max-Age=31536000; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
nr.bidderstack.com/sape/cm?user_id=0900007F10B820661D09527B02BB7732
167.235.186.124 0 B URL nr.bidderstack.com/sape/cm?user_id=0900007F10B820661D09527B02BB7732
IP 167.235.186.124:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerGoDaddy.com, Inc.
Subject*.bidderstack.com
Fingerprint7A:83:29:BF:37:01:78:02:DF:C1:07:D8:A2:10:AB:0A:DD:11:66:B0
ValidityTue, 21 Nov 2023 08:57:57 GMT - Sun, 22 Dec 2024 08:57:57 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/cm?user_id=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 06:05:06 GMT
Content-Length: 0
Connection: keep-alive
Location: /sape/cm?user_id=0900007F10B820661D09527B02BB7732&pupa=1
Set-Cookie: pupa=187da8a4-5e7b-8768-ed39-68cc113f0aec; domain=.bidderstack.com; path=/; expires=Fri, 18-Apr-2025 06:05:06 GMT;
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
pixel.dsp.onetarget.ru/sape/pixel?id=0900007F10B820661D09527B02BB7732
130.193.53.230 0 B URL pixel.dsp.onetarget.ru/sape/pixel?id=0900007F10B820661D09527B02BB7732
IP 130.193.53.230:0
ASN #200350 Yandex.Cloud LLC
Certificate IssuerLet's Encrypt
Subjectpixel.dsp.onetarget.ru
FingerprintC3:A5:98:2E:46:6A:1A:4F:85:6D:4A:FE:11:88:B1:D1:5F:AE:43:DD
ValidityFri, 15 Mar 2024 12:44:47 GMT - Thu, 13 Jun 2024 12:44:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/pixel?id=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: pixel.dsp.onetarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Thu, 18 Apr 2024 06:05:06 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=5813217&id=1402d80e-fb04-463d-b331-096f7ec2505e
set-cookie: USER_ID=1402d80e-fb04-463d-b331-096f7ec2505e;max-age=2147483647;Secure;HttpOnly;SameSite=None
SAPE_USER_ID=0900007F10B820661D09527B02BB7732;max-age=30758400;Secure;HttpOnly;SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
X-Firefox-Spdy: h2
kimberlite.io/rtb/sync/sape2?u=0900007F10B820661D09527B02BB7732
217.199.220.43 0 B URL kimberlite.io/rtb/sync/sape2?u=0900007F10B820661D09527B02BB7732
IP 217.199.220.43:0
Certificate IssuerGlobalSign nv-sa
Subject*.kimberlite.io
Fingerprint27:9B:57:5F:3C:19:A5:31:A3:1B:E6:A4:8E:CF:2F:73:78:4E:46:C1
ValidityThu, 29 Feb 2024 12:20:14 GMT - Tue, 01 Apr 2025 12:20:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/sync/sape2?u=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: as=OFrH4WYguBA; f=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsolta%26uid%3DZiC4EBjlL4Q; n=1; u=ZiC4EBclkiE~M1gKeujj8F5zuYQBAFWkMdfMZ3s
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 18 Apr 2024 06:05:06 GMT
Content-Length: 0
Connection: keep-alive
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: as=-WrUeGYguBI4WsfhZiC4EA; max-age=604800; samesite=none; httponly; secure
n=2; max-age=30; samesite=none; httponly; secure
location: https://solta-sync.rutarget.ru/sync
referrer-policy: no-referrer
server-timing: app;srv=0;dur=0.0002
ssp.al-adtech.com/api/sync/sape
45.139.25.119 0 B URL ssp.al-adtech.com/api/sync/sape
IP 45.139.25.119:0
Certificate IssuerLet's Encrypt
Subject*.al-adtech.com
Fingerprint09:19:46:AF:0C:12:1A:6D:06:41:56:6B:AF:2F:C2:69:A3:3F:1A:37
ValidityMon, 15 Apr 2024 04:45:07 GMT - Sun, 14 Jul 2024 04:45:06 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/sync/sape HTTP/1.1
Host: ssp.al-adtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: afp_cookie=gAAAAABmILgQ_XntY1RRlWHQ5i_u3Aa_7yB3VPqVHPbYMS4SWJgndGRaCk-goxbnrccVfA7l3zq-hqb09c_R2wQOIxaLJ3Ow6C_bKI3HosSP9zaGbq_WTZsIrScyh85cUfkZtvtFdcWtsBYZGUM_8LCWF7iJttO4FPlMegMD7DSy5JTXSkg9LXZppn0aAzyRtQWvsmeRttWgWca-eKefmq-OKriumsyZmpPM3jzERITqhZyaQZJfkiA=$
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.20.1
Date: Thu, 18 Apr 2024 06:05:06 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin
Access-Control-Allow-Origin:
Access-Control-Allow-Credentials: true
Location: https://mc.acint.net/rmatch?dp=261&euid=70b06ba9-673d-4e4a-849a-ee68bab58348&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261
Set-Cookie: afp_cookie=gAAAAABmILgSbMlrK5Mu7wrXBvg9KRDp8STsYzGOZjMHqdCg2DAa8m2O7sCq7g9ULswQaZtbyShPpBJXwLyxkUh7NpwdiL-pKGBmo5VNyuWEuxHVzgxNWK4cxOjY1NejLEekme1o3S3ut-vGErwimqUX4g3JkysQfAIcUkEVZVIW7CCjAp3dC8XL7MPy0P3vddU4FUNiLc35DW7clxlz7eIIA7m0ytcX1A==$; expires=Sat, 18 May 2024 06:05:06 GMT; path=/; secure; SameSite=None
s.uuidksinc.net/match/396/?remote_uid=0900007F10B820661D09527B02BB7732
31.220.27.135 0 B URL s.uuidksinc.net/match/396/?remote_uid=0900007F10B820661D09527B02BB7732
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.23.2
date: Thu, 18 Apr 2024 06:05:06 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=EENgiP65CjrPHnbLCGT5
set-cookie: jcsuuid=EENgiP65CjrPHnbLCGT5; expires=Fri, 18 Apr 2025 06:05:06 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&uid=0900007F10B820661D09527B02BB7732
31.172.81.160 0 B URL sync.bumlam.com/?src=sap1&uid=0900007F10B820661D09527B02BB7732
IP 31.172.81.160:0
Certificate IssuerLet's Encrypt
Subject*.bumlam.com
Fingerprint9F:E0:4A:B3:57:B0:3C:3E:13:7F:9F:FF:82:A2:91:87:45:9F:A4:7F
ValidityThu, 28 Mar 2024 09:09:43 GMT - Wed, 26 Jun 2024 09:09:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&uid=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: suuid3=IiQ5OWFiZmI2NC1mZDQ5LTExZWUtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:05:06 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: close
Set-Cookie: suuid3=IiQ5OWFiZmI2NC1mZDQ5LTExZWUtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 13 Apr 2044 06:05:06 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
sync.upravel.com/sape/sync
176.9.8.252 0 B URL sync.upravel.com/sape/sync
IP 176.9.8.252:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1713420306864;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1713420306864;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
joecomp.com/template/herald/favicon.png
172.67.182.205404 Not Found 656 B URL GET HTTP/3 joecomp.com/template/herald/favicon.png
IP 172.67.182.205:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectjoecomp.com
FingerprintAB:6E:A4:FB:BB:F6:09:D0:73:4C:F5:81:B6:70:2F:3E:67:0E:25:EF
ValidityFri, 01 Mar 2024 08:33:36 GMT - Thu, 30 May 2024 08:33:35 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash 72d1ef636114e33de834d1b484873ce9
0f3e31a0d9d41cd293e6f92070f6188fc0f85d1c
04f495e2612a5b44c02c72cf6c43197beda0307ec257eea089da8c661dd3ec01
GET /template/herald/favicon.png HTTP/1.1
Host: joecomp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Cookie: _sharedID=c6ef3f47-9c6b-4edc-8a0b-6f78dd014240; _sharedID_cst=kSylLAssaw%3D%3D; _ga_0HLY94SB2N=GS1.1.1713420306.1.0.1713420306.0.0.0; _ga=GA1.1.1930091820.1713420307
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.28
cache-control: max-age=86400
expires: Thu, 18 Apr 2024 20:40:01 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 33905
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9QX7I7JFs27lDgMQGx9ziGj7i5TKjoLwVUeFzyJwGA8ZeCZx5jvlCQG6YHQ29TtmahTwWwMbOoah%2F6HufIkqjUzt3Hd1Bk7%2FbShnsrQPfN5%2BLj6WvsWWH%2B7uQU0Glg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876276158a3b56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
pix.bumlam.com/sync/sape/check?sspuid=0900007F10B820661D09527B02BB7732
31.172.81.159 0 B URL pix.bumlam.com/sync/sape/check?sspuid=0900007F10B820661D09527B02BB7732
IP 31.172.81.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/check?sspuid=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: suuid3=IiQ5OWFiZmI2NC1mZDQ5LTExZWUtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 06:05:06 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://99abfb64-fd49-11ee-86e0-002590c0647c.n5.sync.bumlam.com/?src=sape
sync.gonet-ads.com/match/sape.js?id=0900007F10B820661D09527B02BB7732
188.42.105.236 43 B URL sync.gonet-ads.com/match/sape.js?id=0900007F10B820661D09527B02BB7732
IP 188.42.105.236:0
File type GIF image data, version 89a, 1 x 1
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /match/sape.js?id=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: sync.gonet-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
match.new-programmatic.com/userbind?src=sape&id=0900007F10B820661D09527B02BB7732
217.65.2.150 0 B URL match.new-programmatic.com/userbind?src=sape&id=0900007F10B820661D09527B02BB7732
IP 217.65.2.150:0
Certificate IssuerLet's Encrypt
Subjectnew-programmatic.com
FingerprintDC:66:9C:C9:66:1A:E4:EF:2D:CF:20:88:F1:EB:C8:72:0E:CE:CD:2D
ValidityThu, 04 Apr 2024 19:59:41 GMT - Wed, 03 Jul 2024 19:59:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Thu, 18 Apr 2024 06:05:06 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
cmp.optad360.io/items/1d434f1a-7dc1-4e9f-93d1-6890b6f21477.min.js
54.230.111.106200 OK 83 kB URL GET HTTP/2 cmp.optad360.io/items/1d434f1a-7dc1-4e9f-93d1-6890b6f21477.min.js
IP 54.230.111.106:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerAmazon
Subject*.optad360.io
FingerprintBC:89:97:49:5C:BF:E9:C9:F2:FA:B3:55:B7:6A:1E:6D:7F:5B:86:9E
ValiditySun, 17 Sep 2023 00:00:00 GMT - Tue, 15 Oct 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash 8c472a8eb6e40d1f0eea35b73449ce3a
99ab224a2740d0a656e4860107a38a21c387a560
fef759887430376687b1b04532bada51ea0bc5f623d78278bd82fefedb0db6e2
GET /items/1d434f1a-7dc1-4e9f-93d1-6890b6f21477.min.js HTTP/1.1
Host: cmp.optad360.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 18 Apr 2024 06:05:03 GMT
last-modified: Mon, 19 Feb 2024 10:07:59 GMT
etag: W/"8c472a8eb6e40d1f0eea35b73449ce3a"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: inJTjS_6GtYyL6fDl273Cerwyq9rJQ7JXWsj22cdNDNkd46e6mZH9g==
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
sync.programmatica.com/match/01
158.160.128.78 43 B URL sync.programmatica.com/match/01
IP 158.160.128.78:0
ASN #200350 Yandex.Cloud LLC
File type GIF image data, version 89a, 1 x 1
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /match/01 HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
193.3.184.222 142 B URL ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP 193.3.184.222:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Cookie: sspuid=CkIDImYguBK71gAnqyL6AmWl9X/Cjn1/7zlfV6Uatwqe/P4G
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 18 Apr 2024 06:05:06 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=2203420A12B820662700D6BB02FA22AB
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
dm-eu.hybrid.ai/match?id=106&vid=0900007F10B820661D09527B02BB7732
37.230.131.22 0 B URL dm-eu.hybrid.ai/match?id=106&vid=0900007F10B820661D09527B02BB7732
IP 37.230.131.22:0
ASN #200197 Hybrid Adtech Sp.z.o.o.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=106&vid=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Cookie: vid=5ae4259b109989b77245
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Thu, 18 Apr 2024 06:05:06 GMT
content-length: 0
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fdm.hybrid.ai%2Fmatch%3Fid%3D206%26vid%3D{WEBO_CID}
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 566
x-xss-protection: 1; mode=block
access-control-allow-origin: https://mc.acint.net
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D95%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D95%26euid%3D
83.222.96.170 126 B URL ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D95%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D95%26euid%3D
IP 83.222.96.170:0
File type HTML document, ASCII text
Hash 092992e5c6a610b8ae92be3ecc749a92
d5bbf9cdd9215e6ac28d5d63bb3f3208116f1166
0e49a3b17a06fb83fd7646304524a75fb58a3934b0622878029096d1681ba294
GET /sspmatch?url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D95%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.22.0
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: text/html; charset=utf-8
content-length: 126
location: https://mc.acint.net/rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=JRRXIJFU
set-cookie: uid=JRRXIJFU; Expires=Sun, 16 Apr 2034 06:05:06 GMT
X-Firefox-Spdy: h2
sync.dmp.otm-r.com/match/sape?id=0900007F10B820661D09527B02BB7732
195.201.152.107 94 B URL sync.dmp.otm-r.com/match/sape?id=0900007F10B820661D09527B02BB7732
IP 195.201.152.107:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerGlobalSign nv-sa
Subject*.dmp.otm-r.com
FingerprintC6:A2:9D:82:0D:D1:C1:2D:A4:ED:7F:05:13:52:5B:94:6B:10:58:D6
ValidityMon, 19 Jun 2023 10:50:51 GMT - Sat, 20 Jul 2024 10:50:50 GMT
File type HTML document, ASCII text
Hash ad2fdb94bcd59fb7435c4a8e2b0418f1
5a5401011c1085ec8d2aeb60d1208975305e768e
f3ac0ceddaf9143498b4ce370db1460cd04e24636fb3fa128d63a0d6340f1343
GET /match/sape?id=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Cookie: mpid=NjYyMGI4MTAwNzQ2MjU4Yg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.17.6
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html; charset=utf-8
content-length: 94
access-control-allow-origin: *
location: https://www.acint.net/match?dp=68&euid=NjYyMGI4MTAwNzQ2MjU4Yg%3D%3D
set-cookie: mpid=NjYyMGI4MTAwNzQ2MjU4Yg==; Path=/; Domain=otm-r.com; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2
sync.upravel.com/sape/sync
176.9.8.252 0 B URL sync.upravel.com/sape/sync
IP 176.9.8.252:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Cookie: session_tptc=1713420306864
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tYy5hY2ludC5uZXQvIl19fQ
set-cookie: session_tptc=1713420307011;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1713420307011;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
s.uuidksinc.net/match/396/?remote_uid=0900007F10B820661D09527B02BB7732
31.220.27.135 0 B URL s.uuidksinc.net/match/396/?remote_uid=0900007F10B820661D09527B02BB7732
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Cookie: jcsuuid=EENgiP65CjrPHnbLCGT5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.23.2
date: Thu, 18 Apr 2024 06:05:07 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=EENgiP65CjrPHnbLCGT5
set-cookie: jcsuuid=EENgiP65CjrPHnbLCGT5; expires=Fri, 18 Apr 2025 06:05:07 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D95%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D95%26euid%3D
83.222.96.170 126 B URL ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D95%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D95%26euid%3D
IP 83.222.96.170:0
File type HTML document, ASCII text
Hash 43903c53505418b1a2c839c139a3c978
850f09f55fdbe111d2fcbdecb3fccccfd72ce8eb
4d4a3f9cef7ff4a09451717375709b4b90e6711c3f603b722a1fd83348d2f452
GET /sspmatch?url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D95%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.22.0
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html; charset=utf-8
content-length: 126
location: https://mc.acint.net/rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=EDOWOPWW
set-cookie: uid=EDOWOPWW; Expires=Sun, 16 Apr 2034 06:05:07 GMT
X-Firefox-Spdy: h2
sync.gonet-ads.com/match/sape.js?id=0900007F10B820661D09527B02BB7732
188.42.105.236 43 B URL sync.gonet-ads.com/match/sape.js?id=0900007F10B820661D09527B02BB7732
IP 188.42.105.236:0
File type GIF image data, version 89a, 1 x 1
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /match/sape.js?id=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: sync.gonet-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
sync.dsp.solta.io/match/sape?id=0900007F10B820661D09527B02BB7732
217.199.220.72 43 B URL sync.dsp.solta.io/match/sape?id=0900007F10B820661D09527B02BB7732
IP 217.199.220.72:0
File type GIF image data, version 89a, 1 x 1
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /match/sape?id=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: sync.dsp.solta.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/check?sspuid=0900007F10B820661D09527B02BB7732
31.172.81.159 0 B URL pix.bumlam.com/sync/sape/check?sspuid=0900007F10B820661D09527B02BB7732
IP 31.172.81.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/check?sspuid=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Cookie: suuid3=IiQ5OWFiZmI2NC1mZDQ5LTExZWUtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 06:05:07 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://mc.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://99abfb64-fd49-11ee-86e0-002590c0647c.n4.sync.bumlam.com/?src=sape
sync.adspend.space/sape?uid=0900007F10B820661D09527B02BB7732
5.189.234.227 149 B URL sync.adspend.space/sape?uid=0900007F10B820661D09527B02BB7732
IP 5.189.234.227:0
ASN #50340 OOO Network of data-centers Selectel
File type HTML document, ASCII text
Hash a5aa8a86717ba3426adbaedc5d430cd6
f10b8ea7a990b7b239f8818adb77cc882ecef839
e2933741506371bc47f2bf3a4782432ae167fc6f15583f836fabcd4a413c3225
GET /sape?uid=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Cookie: as-user=b4ed0ffe-0477-40f6-a1b1-dd61db7c4c65
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.22.1
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html; charset=utf-8
content-length: 149
location: https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D8417667c-d84b-40be-9c58-3038580752cb
set-cookie: as-user=8417667c-d84b-40be-9c58-3038580752cb; Path=/; Max-Age=31536000; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
exchange.buzzoola.com/cookiesync/dsp/sape-banner?uid=0900007F10B820661D09527B02BB7732&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126
148.251.40.140 156 B URL exchange.buzzoola.com/cookiesync/dsp/sape-banner?uid=0900007F10B820661D09527B02BB7732&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126
IP 148.251.40.140:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT
File type HTML document, ASCII text
Hash a3ee847a6d988be8e8f34ed32d71d05c
4d8d3a34bb452c8ef851f1d01e7d926babef1d2c
ba92cef43225ae057a645de4f7cc3b84afa5f0a2dceabc788954093c327f24c7
GET /cookiesync/dsp/sape-banner?uid=0900007F10B820661D09527B02BB7732&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126 HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Cookie: uuid=c79b8d84-734e-41e8-4b1e-1ecf77c2c283
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html; charset=utf-8
content-length: 156
location: https://mc.acint.net/rmatch?dp=126&euid=c79b8d84-734e-41e8-4b1e-1ecf77c2c283&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126
set-cookie: uuid=; Path=/; Domain=exchange.buzzoola.com; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; Secure; SameSite=None
uuid=c79b8d84-734e-41e8-4b1e-1ecf77c2c283; Path=/; Domain=buzzoola.com; Expires=Sat, 18 May 2024 06:05:07 GMT; Max-Age=2592000; Secure; SameSite=None
serverid: TODO
X-Firefox-Spdy: h2
match.new-programmatic.com/userbind?src=sape&id=0900007F10B820661D09527B02BB7732
217.65.2.150 0 B URL match.new-programmatic.com/userbind?src=sape&id=0900007F10B820661D09527B02BB7732
IP 217.65.2.150:0
Certificate IssuerLet's Encrypt
Subjectnew-programmatic.com
FingerprintDC:66:9C:C9:66:1A:E4:EF:2D:CF:20:88:F1:EB:C8:72:0E:CE:CD:2D
ValidityThu, 04 Apr 2024 19:59:41 GMT - Wed, 03 Jul 2024 19:59:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Thu, 18 Apr 2024 06:05:07 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
mc.acint.net/mc/?dp=131&aid=0900007F10B820661D09527B02BB7732
142.132.138.213 1.5 kB URL mc.acint.net/mc/?dp=131&aid=0900007F10B820661D09527B02BB7732
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (312), with CRLF, LF line terminators
Hash e78cf1deefe975e21a873be78ad5f37e
b0d76ec7683273656b0b724a4250a5b7d1ad2e33
6ce84d7c89a9c176ca9e7cc8c6b1d0dfaa01cf5bce7970c2b49d64912e955460
GET /mc/?dp=131&aid=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: text/html
set-cookie: cSyncDp14v6=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17v2=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v5=1713420306; expires=Fri, 19-Apr-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53v5=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62v2=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v3=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68v3=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71v2=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp80v2=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85v2=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v4=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp98v3=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1713420306; expires=Thu, 02-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107v2=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110v3=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v4=1713420306; expires=Fri, 03-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126v3=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127v2=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129v2=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v3=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146v2=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148v2=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v3=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151v2=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp251v1=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186v2=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp217v2=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp235v2=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp239v2=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp243v2=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp260v2=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp244v2=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp248v2=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp261v1=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp289v2=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp293v1=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp296v2=1713420306; expires=Sat, 18-May-24 06:05:06 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
match.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D
167.235.14.51 0 B URL match.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D
IP 167.235.14.51:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?ssp=sape&redirect_url=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D HTTP/1.1
Host: match.ohmy.bid
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 18 Apr 2024 06:05:07 GMT
content-length: 0
bidder: bid-26 1.1531.0cf371f1
location: https://mc.acint.net/match?dp=217&euid=1af5e849-6d10-42d1-9bfc-551c9cf1ad3b
set-cookie: uid=1af5e849-6d10-42d1-9bfc-551c9cf1ad3b.6620b813.6f903962d5aef260; domain=.ohmy.bid; path=/; expires=Sat, 18-May-2024 06:05:07 GMT; SameSite=None; Secure;
access-control-allow-credentials: true
X-Firefox-Spdy: h2
adx.com.ru/sape-sync?uid=0900007F10B820661D09527B02BB7732
83.222.105.70 169 B URL adx.com.ru/sape-sync?uid=0900007F10B820661D09527B02BB7732
IP 83.222.105.70:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 3456231c174fb2d76d51f73b828635a7
49c43f133ee881851becd78c2e9e885ebaad005e
02a097cad2b1a9db6797fdb73c0dcd0d66d8ae7d4b5f906658bb45a502c2c106
GET /sape-sync?uid=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: adx.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 429 Too Many Requests
server: nginx/1.22.0
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html
content-length: 169
X-Firefox-Spdy: h2
pixel.dsp.onetarget.ru/sape/pixel?id=0900007F10B820661D09527B02BB7732
130.193.53.230 0 B URL pixel.dsp.onetarget.ru/sape/pixel?id=0900007F10B820661D09527B02BB7732
IP 130.193.53.230:0
ASN #200350 Yandex.Cloud LLC
Certificate IssuerLet's Encrypt
Subjectpixel.dsp.onetarget.ru
FingerprintC3:A5:98:2E:46:6A:1A:4F:85:6D:4A:FE:11:88:B1:D1:5F:AE:43:DD
ValidityFri, 15 Mar 2024 12:44:47 GMT - Thu, 13 Jun 2024 12:44:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/pixel?id=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: pixel.dsp.onetarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Cookie: USER_ID=1402d80e-fb04-463d-b331-096f7ec2505e; SAPE_USER_ID=0900007F10B820661D09527B02BB7732
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Thu, 18 Apr 2024 06:05:07 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=5813217&id=1402d80e-fb04-463d-b331-096f7ec2505e
set-cookie: USER_ID=1402d80e-fb04-463d-b331-096f7ec2505e;max-age=2147483647;Secure;HttpOnly;SameSite=None
SAPE_USER_ID=0900007F10B820661D09527B02BB7732;max-age=30758400;Secure;HttpOnly;SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
X-Firefox-Spdy: h2
adx.com.ru/sape-sync?uid=0900007F10B820661D09527B02BB7732
83.222.105.70 169 B URL adx.com.ru/sape-sync?uid=0900007F10B820661D09527B02BB7732
IP 83.222.105.70:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 3456231c174fb2d76d51f73b828635a7
49c43f133ee881851becd78c2e9e885ebaad005e
02a097cad2b1a9db6797fdb73c0dcd0d66d8ae7d4b5f906658bb45a502c2c106
GET /sape-sync?uid=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: adx.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 429 Too Many Requests
server: nginx/1.22.0
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html
content-length: 169
X-Firefox-Spdy: h2
acint.net/match?dp=14&euid=2203420A12B820662700D6BB02FA22AB
142.132.138.213 43 B URL acint.net/match?dp=14&euid=2203420A12B820662700D6BB02FA22AB
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=2203420A12B820662700D6BB02FA22AB HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
kimberlite.io/rtb/sync/sape2?u=0900007F10B820661D09527B02BB7732
217.199.220.43 0 B URL kimberlite.io/rtb/sync/sape2?u=0900007F10B820661D09527B02BB7732
IP 217.199.220.43:0
Certificate IssuerGlobalSign nv-sa
Subject*.kimberlite.io
Fingerprint27:9B:57:5F:3C:19:A5:31:A3:1B:E6:A4:8E:CF:2F:73:78:4E:46:C1
ValidityThu, 29 Feb 2024 12:20:14 GMT - Tue, 01 Apr 2025 12:20:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/sync/sape2?u=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Cookie: as=-WrUeGYguBI4WsfhZiC4EA; f=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsolta%26uid%3DZiC4EBjlL4Q; n=2; u=ZiC4EBclkiE~M1gKeujj8F5zuYQBAFWkMdfMZ3s
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 18 Apr 2024 06:05:07 GMT
Content-Length: 0
Connection: keep-alive
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: as=-WrUeGYguBKE8n8IZiC4Ezhax-FmILgQ; max-age=604800; samesite=none; httponly; secure
n=3; max-age=30; samesite=none; httponly; secure
location: https://sync.dsp.solta.io/match/kimberlite?id=ZiC4EBclkiE
referrer-policy: no-referrer
server-timing: app;srv=7;dur=0.0001
sync.dsp.solta.io/match/sape?id=0900007F10B820661D09527B02BB7732
217.199.220.72 43 B URL sync.dsp.solta.io/match/sape?id=0900007F10B820661D09527B02BB7732
IP 217.199.220.72:0
File type GIF image data, version 89a, 1 x 1
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /match/sape?id=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: sync.dsp.solta.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
sync.programmatica.com/match/01
158.160.128.78 43 B URL sync.programmatica.com/match/01
IP 158.160.128.78:0
ASN #200350 Yandex.Cloud LLC
File type GIF image data, version 89a, 1 x 1
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /match/01 HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&uid=0900007F10B820661D09527B02BB7732
31.172.81.160 0 B URL sync.bumlam.com/?src=sap1&uid=0900007F10B820661D09527B02BB7732
IP 31.172.81.160:0
Certificate IssuerLet's Encrypt
Subject*.bumlam.com
Fingerprint9F:E0:4A:B3:57:B0:3C:3E:13:7F:9F:FF:82:A2:91:87:45:9F:A4:7F
ValidityThu, 28 Mar 2024 09:09:43 GMT - Wed, 26 Jun 2024 09:09:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&uid=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Cookie: suuid3=IiQ5OWFiZmI2NC1mZDQ5LTExZWUtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:05:07 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: close
Set-Cookie: suuid3=IiQ5OWFiZmI2NC1mZDQ5LTExZWUtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 13 Apr 2044 06:05:07 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
cs.agency2.ru/p?ssp=sp&uid=0900007F10B820661D09527B02BB7732
23.111.107.44 0 B URL cs.agency2.ru/p?ssp=sp&uid=0900007F10B820661D09527B02BB7732
IP 23.111.107.44:0
ASN #39134 Edinaya Set Limited Liability Company
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Thu, 18 Apr 2024 06:05:07 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=625eac83-f815-40b9-a7ee-b5eab2ca510e
Set-Cookie: uuid=625eac83-f815-40b9-a7ee-b5eab2ca510e; expires=Wed, 09 Apr 2025 06:05:07 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
www.acint.net/match?dp=68&euid=NjYyMGI4MTAwNzQ2MjU4Yg%3D%3D
142.132.138.213 43 B URL www.acint.net/match?dp=68&euid=NjYyMGI4MTAwNzQ2MjU4Yg%3D%3D
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=68&euid=NjYyMGI4MTAwNzQ2MjU4Yg%3D%3D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/oci/?v=0.7.0&uid=cd5fdcda-d0de-439b-b4ce-3d542822defc&dp=14&tz=%2B00%3A00&nc=645336&aid=0900007F10B820661D09527B02BB7732&oid=9ff350b615091c0f6cbf094af0928028
142.132.138.213 43 B URL www.acint.net/oci/?v=0.7.0&uid=cd5fdcda-d0de-439b-b4ce-3d542822defc&dp=14&tz=%2B00%3A00&nc=645336&aid=0900007F10B820661D09527B02BB7732&oid=9ff350b615091c0f6cbf094af0928028
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /oci/?v=0.7.0&uid=cd5fdcda-d0de-439b-b4ce-3d542822defc&dp=14&tz=%2B00%3A00&nc=645336&aid=0900007F10B820661D09527B02BB7732&oid=9ff350b615091c0f6cbf094af0928028 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
mc.acint.net/rmatch?dp=110&euid=17db4f94119548ee94f85b5dfecc8d50&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D110
142.132.138.213 154 B URL mc.acint.net/rmatch?dp=110&euid=17db4f94119548ee94f85b5dfecc8d50&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D110
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=110&euid=17db4f94119548ee94f85b5dfecc8d50&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D110 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html
content-length: 154
location: https://mc.acint.net/cmatch?dp=110
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
cs.agency2.ru/p?ssp=sp&uid=0900007F10B820661D09527B02BB7732
23.111.107.44 0 B URL cs.agency2.ru/p?ssp=sp&uid=0900007F10B820661D09527B02BB7732
IP 23.111.107.44:0
ASN #39134 Edinaya Set Limited Liability Company
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Thu, 18 Apr 2024 06:05:07 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=211ed41b-c8b6-4532-9577-8adebdf35f21
Set-Cookie: uuid=211ed41b-c8b6-4532-9577-8adebdf35f21; expires=Wed, 09 Apr 2025 06:05:07 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
ssp.al-adtech.com/api/sync/sape
45.139.25.119 0 B URL ssp.al-adtech.com/api/sync/sape
IP 45.139.25.119:0
Certificate IssuerLet's Encrypt
Subject*.al-adtech.com
Fingerprint09:19:46:AF:0C:12:1A:6D:06:41:56:6B:AF:2F:C2:69:A3:3F:1A:37
ValidityMon, 15 Apr 2024 04:45:07 GMT - Sun, 14 Jul 2024 04:45:06 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/sync/sape HTTP/1.1
Host: ssp.al-adtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Cookie: afp_cookie=gAAAAABmILgSbMlrK5Mu7wrXBvg9KRDp8STsYzGOZjMHqdCg2DAa8m2O7sCq7g9ULswQaZtbyShPpBJXwLyxkUh7NpwdiL-pKGBmo5VNyuWEuxHVzgxNWK4cxOjY1NejLEekme1o3S3ut-vGErwimqUX4g3JkysQfAIcUkEVZVIW7CCjAp3dC8XL7MPy0P3vddU4FUNiLc35DW7clxlz7eIIA7m0ytcX1A==$
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.20.1
Date: Thu, 18 Apr 2024 06:05:07 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin
Access-Control-Allow-Origin:
Access-Control-Allow-Credentials: true
Location: https://mc.acint.net/rmatch?dp=261&euid=70b06ba9-673d-4e4a-849a-ee68bab58348&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261
Set-Cookie: afp_cookie=gAAAAABmILgT8LQHlBODyjqpyKZ2nWDVcrCJ08vuDGFfCPZcf6H0zvW1FDWC4UFQhuupcH_-59RUHoIFTwmp8o27DpnJAncLzmiAQH4vHxxdy-Yp4G1WUyUSViwa85csy5gcgGimVzpMlXomJCUZ5lN9FnVxPxxIzYsHZthVbkbX_Hdwp6nqjKL4V0elXYWhCjq0A_eKk0lhc4TOisDK8kJHyKNItbyNWhnzVaePQRv5xIpAzsgco1M=$; expires=Sat, 18 May 2024 06:05:07 GMT; path=/; secure; SameSite=None
sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3Db4ed0ffe-0477-40f6-a1b1-dd61db7c4c65
5.189.234.227 102 B URL sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3Db4ed0ffe-0477-40f6-a1b1-dd61db7c4c65
IP 5.189.234.227:0
ASN #50340 OOO Network of data-centers Selectel
File type HTML document, ASCII text
Hash 9a88016a5649276e81c9fa8edc27b086
c87e49f7062eb1c6c9ccc76a2983abe51169d1fd
2c3c52795c299d5da6235cda86b644b8e94f80284c74b452c171bd99c8cabae4
GET /check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3Db4ed0ffe-0477-40f6-a1b1-dd61db7c4c65 HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: as-user=8417667c-d84b-40be-9c58-3038580752cb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.22.1
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html; charset=utf-8
content-length: 102
location: https://www.acint.net/match?dp=98&euid=b4ed0ffe-0477-40f6-a1b1-dd61db7c4c65
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: PUT, GET, POST, OPTIONS
access-control-allow-headers: Content-Type, authorization
access-control-max-age: 1728000
X-Firefox-Spdy: h2
mc.acint.net/rmatch?dp=126&euid=c79b8d84-734e-41e8-4b1e-1ecf77c2c283&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126
142.132.138.213 154 B URL mc.acint.net/rmatch?dp=126&euid=c79b8d84-734e-41e8-4b1e-1ecf77c2c283&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=126&euid=c79b8d84-734e-41e8-4b1e-1ecf77c2c283&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html
content-length: 154
location: https://mc.acint.net/cmatch?dp=126
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
nr.bidderstack.com/sape/cm?user_id=0900007F10B820661D09527B02BB7732&pupa=1
167.235.186.124 0 B URL nr.bidderstack.com/sape/cm?user_id=0900007F10B820661D09527B02BB7732&pupa=1
IP 167.235.186.124:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerGoDaddy.com, Inc.
Subject*.bidderstack.com
Fingerprint7A:83:29:BF:37:01:78:02:DF:C1:07:D8:A2:10:AB:0A:DD:11:66:B0
ValidityTue, 21 Nov 2023 08:57:57 GMT - Sun, 22 Dec 2024 08:57:57 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/cm?user_id=0900007F10B820661D09527B02BB7732&pupa=1 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 06:05:07 GMT
Content-Length: 0
Connection: keep-alive
Location: https://www.acint.net/match?dp=251&euid=187da8a4-5e7b-8768-ed39-68cc113f0aec
Set-Cookie: pupa=187da8a4-5e7b-8768-ed39-68cc113f0aec; domain=.bidderstack.com; path=/; expires=Fri, 18-Apr-2025 06:05:07 GMT;
csorigin2=244; domain=.bidderstack.com; path=/; expires=Thu, 18-Apr-2024 06:10:07 GMT;
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
mc.acint.net/rmatch?dp=261&euid=70b06ba9-673d-4e4a-849a-ee68bab58348&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261
142.132.138.213 154 B URL mc.acint.net/rmatch?dp=261&euid=70b06ba9-673d-4e4a-849a-ee68bab58348&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=261&euid=70b06ba9-673d-4e4a-849a-ee68bab58348&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html
content-length: 154
location: https://mc.acint.net/cmatch?dp=261
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=127&euid=EENgiP65CjrPHnbLCGT5
142.132.138.213 43 B URL www.acint.net/match?dp=127&euid=EENgiP65CjrPHnbLCGT5
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=EENgiP65CjrPHnbLCGT5 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
176.9.8.252 0 B URL sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP 176.9.8.252:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: session_tptc=1713420307011
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=aaf788f6-5873-4751-b52b-d783ebebaab8;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=aaf788f6-5873-4751-b52b-d783ebebaab8;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/rmatch?dp=71&euid=aaf788f6-5873-4751-b52b-d783ebebaab8&r=https%3A%2F%2Facint.net%2Fcmatch%3Fdp%3D71
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:27:38 GMT
expires: Wed, 16 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 135449
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:54:31 GMT
expires: Wed, 16 Apr 2025 01:54:31 GMT
cache-control: public, max-age=31536000
age: 187836
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
mc.acint.net/match?dp=217&euid=4b59a9e6-c851-4da8-9136-b4e2e1329644
142.132.138.213 43 B URL mc.acint.net/match?dp=217&euid=4b59a9e6-c851-4da8-9136-b4e2e1329644
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=217&euid=4b59a9e6-c851-4da8-9136-b4e2e1329644 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=129&euid=g8hf7eq0po
142.132.138.213 43 B URL www.acint.net/match?dp=129&euid=g8hf7eq0po
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=g8hf7eq0po HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
acint.net/match?dp=14&euid=2203420A12B820662700D6BB02FA22AB
142.132.138.213 43 B URL acint.net/match?dp=14&euid=2203420A12B820662700D6BB02FA22AB
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=2203420A12B820662700D6BB02FA22AB HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
mc.acint.net/rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=JRRXIJFU
142.132.138.213 154 B URL mc.acint.net/rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=JRRXIJFU
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=JRRXIJFU HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html
content-length: 154
location: https://mc.acint.net/cmatch?dp=95
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
a.utraff.com/sync?ssp=8&id=0900007F10B820661D09527B02BB7732
172.67.74.180 43 B URL a.utraff.com/sync?ssp=8&id=0900007F10B820661D09527B02BB7732
IP 172.67.74.180:0
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /sync?ssp=8&id=0900007F10B820661D09527B02BB7732 HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Cookie: preutid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/plain
location: https://www.acint.net/match?dp=53&euid=9e21668f-8df0-405b-87a5-8a2320b57352
set-cookie: preutid=1; Max-Age=0; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Max-Age=0; Domain=.utraff.com; SameSite=None; Secure; Path=/
utid=7L7oe-39qQwfMmY1a8SsfDuxXyDrzjj2oEiLC00_a3nqqXm7-_t1fsJ9Ea0w2emcNFwqk8xcgVDdVBeOEFom3g; Expires=Sun, 16 Apr 2034 09:05:07 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
utid=7L7oe-39qQwfMmY1a8SsfDuxXyDrzjj2oEiLC00_a3nqqXm7-_t1fsJ9Ea0w2emcNFwqk8xcgVDdVBeOEFom3g; Expires=Sun, 16 Apr 2034 09:05:07 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aiHtTdcpA7PJY%2Fo0OgbszcUZXQ94rhDlkpW02SICLea8fe%2FszA3Non48e1el0kKigPlh3TPLysgixgYkHlgEriGH9Q9gAZsTO3kl9mpbF2DVsxEdCNK7QQoDvhKi6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876276169bc756af-OSL
X-Firefox-Spdy: h2
www.acint.net/match?dp=68&euid=NjYyMGI4MTAwNzQ2MjU4Yg%3D%3D
142.132.138.213 43 B URL www.acint.net/match?dp=68&euid=NjYyMGI4MTAwNzQ2MjU4Yg%3D%3D
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=68&euid=NjYyMGI4MTAwNzQ2MjU4Yg%3D%3D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tYy5hY2ludC5uZXQvIl19fQ
176.9.8.252 0 B URL sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tYy5hY2ludC5uZXQvIl19fQ
IP 176.9.8.252:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tYy5hY2ludC5uZXQvIl19fQ HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: session_tptc=1713420307011
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=ba7779e8-4da2-4f97-97f6-ae2d024d9a26;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=ba7779e8-4da2-4f97-97f6-ae2d024d9a26;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/rmatch?dp=71&euid=ba7779e8-4da2-4f97-97f6-ae2d024d9a26&r=https%3A%2F%2Facint.net%2Fcmatch%3Fdp%3D71
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
www.acint.net/match?dp=129&euid=3bd9etibdq
142.132.138.213 43 B URL www.acint.net/match?dp=129&euid=3bd9etibdq
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=3bd9etibdq HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=127&euid=EENgiP65CjrPHnbLCGT5
142.132.138.213 43 B URL www.acint.net/match?dp=127&euid=EENgiP65CjrPHnbLCGT5
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=EENgiP65CjrPHnbLCGT5 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
mc.acint.net/rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=EDOWOPWW
142.132.138.213 154 B URL mc.acint.net/rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=EDOWOPWW
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=EDOWOPWW HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html
content-length: 154
location: https://mc.acint.net/cmatch?dp=95
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
abnormalgently.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu3uxNEZXcojB4SkBmu%2Bf3mEMwriuLa3ZNInoRqV89W9nqrqaqe3p2T4sByXHwL%2Bj9ZjeLJsjmJoJBegMeFoSMpz24F28eFXKWHgdHH1S99%2Br7Cr7346uD7II0kNHz1Y%2FMntKarrTrfu3qZ0Fwvbah4mxUG%2FU6X3Ra12t2%2BE6%2FU%2Fev1T6QfMesNPzA9wM%2FqK0pK0MzWqlAqORxP6j3%2FXqrUQ%2FaLYzs%2F3OXeXDUgxhekNehxHT5mXcZipeIo5NV6XZSk7z9fpRpmhqLoTj%2BJN6JTR4jWoSh9RDGx3M2jHu%2B9hQmPprJhRn%2BS2RqSryfn4LFx3ORYMPDmU6mIWMw8RLyYQmpSyhagpv7UOI5AbjArU3E0cNbxuZ09x%2BUVuiULL%2F4CyqfkuXfLiOOvrup1ah2x%2BgsVSZ2GIUF1KiEGpRIslOke0tQ%2BSl4%2BiWU%2BIWsvNhAHB1uOm2gRDGrXakSKiyh5RjUeciqozxkoYcs8RCJ8xoPgqDrC079Xp%2FzpuhK1hF%2BQLthQAO%2F00PGK3ljpMkYXI%2FB7T4Su48dNYbNfoLbLuCEB5dOiffxPoaiQC4JckeQU4JcEeQpQT4sjoR2DVc8FNplLJj7xtw3i4lJBwf0yKQDGRNQO4YVxUFyQV6r%2BuP5l06wI89rtCfbbd4JGkG3xxs%2B7zeZ7IadVrfb8%2FtBn8KpAsotzUreU1Ny7Y8tJGpKXv78LTB6CqdPwdUboNmboHkBul1gL350z0huoqTOTQRhCiTpMtJd70BfkCuzAa1vnkDysxu%2FN2cGbgsktsA99YxgoB9MbpucHN42uSNPNpNURWqPVsO7k9JUXvr2Q7mbGyvWV934m3d5BVTh47vSpRs0FioeOPLophJC2jVjuSQ%2FrrtPJdvK3PbNzMZZsrH13tp6lFjpnDJxCVrt4Z8WXE3JK1fuzvby6g%2BbULaEzQpE2RmZG5QpwZN9uGSh3xkCqxcclnjIs2JiG2zxqBWBloucsgLuPzlbxBNLq99UFQfuAQZ2CTS9jzgqMLQFhroA1WO47NIkTezZjV%2FnMphemjBtlw6ZtvrrWZur6wmcOq81fdFlMpRdJlvtVii5YO0283nIWVP0ehypm4a171%2F9GwAA%2F%2F8BAAD%2F%2F0ro5jZxBAAA
172.240.108.68200 OK 7 B URL GET HTTP/1.1 abnormalgently.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu3uxNEZXcojB4SkBmu%2Bf3mEMwriuLa3ZNInoRqV89W9nqrqaqe3p2T4sByXHwL%2Bj9ZjeLJsjmJoJBegMeFoSMpz24F28eFXKWHgdHH1S99%2Br7Cr7346uD7II0kNHz1Y%2FMntKarrTrfu3qZ0Fwvbah4mxUG%2FU6X3Ra12t2%2BE6%2FU%2Fev1T6QfMesNPzA9wM%2FqK0pK0MzWqlAqORxP6j3%2FXqrUQ%2FaLYzs%2F3OXeXDUgxhekNehxHT5mXcZipeIo5NV6XZSk7z9fpRpmhqLoTj%2BJN6JTR4jWoSh9RDGx3M2jHu%2B9hQmPprJhRn%2BS2RqSryfn4LFx3ORYMPDmU6mIWMw8RLyYQmpSyhagpv7UOI5AbjArU3E0cNbxuZ09x%2BUVuiULL%2F4CyqfkuXfLiOOvrup1ah2x%2BgsVSZ2GIUF1KiEGpRIslOke0tQ%2BSl4%2BiWU%2BIWsvNhAHB1uOm2gRDGrXakSKiyh5RjUeciqozxkoYcs8RCJ8xoPgqDrC079Xp%2FzpuhK1hF%2BQLthQAO%2F00PGK3ljpMkYXI%2FB7T4Su48dNYbNfoLbLuCEB5dOiffxPoaiQC4JckeQU4JcEeQpQT4sjoR2DVc8FNplLJj7xtw3i4lJBwf0yKQDGRNQO4YVxUFyQV6r%2BuP5l06wI89rtCfbbd4JGkG3xxs%2B7zeZ7IadVrfb8%2FtBn8KpAsotzUreU1Ny7Y8tJGpKXv78LTB6CqdPwdUboNmboHkBul1gL350z0huoqTOTQRhCiTpMtJd70BfkCuzAa1vnkDysxu%2FN2cGbgsktsA99YxgoB9MbpucHN42uSNPNpNURWqPVsO7k9JUXvr2Q7mbGyvWV934m3d5BVTh47vSpRs0FioeOPLophJC2jVjuSQ%2FrrtPJdvK3PbNzMZZsrH13tp6lFjpnDJxCVrt4Z8WXE3JK1fuzvby6g%2BbULaEzQpE2RmZG5QpwZN9uGSh3xkCqxcclnjIs2JiG2zxqBWBloucsgLuPzlbxBNLq99UFQfuAQZ2CTS9jzgqMLQFhroA1WO47NIkTezZjV%2FnMphemjBtlw6ZtvrrWZur6wmcOq81fdFlMpRdJlvtVii5YO0283nIWVP0ehypm4a171%2F9GwAA%2F%2F8BAAD%2F%2F0ro5jZxBAAA
IP 172.240.108.68:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectabnormalgently.com
Fingerprint71:A9:EF:90:4D:2C:41:7A:5B:F5:C4:D9:BA:00:19:1E:8F:87:F2:54
ValidityTue, 16 Apr 2024 13:59:37 GMT - Mon, 15 Jul 2024 13:59:36 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu3uxNEZXcojB4SkBmu%2Bf3mEMwriuLa3ZNInoRqV89W9nqrqaqe3p2T4sByXHwL%2Bj9ZjeLJsjmJoJBegMeFoSMpz24F28eFXKWHgdHH1S99%2Br7Cr7346uD7II0kNHz1Y%2FMntKarrTrfu3qZ0Fwvbah4mxUG%2FU6X3Ra12t2%2BE6%2FU%2Fev1T6QfMesNPzA9wM%2FqK0pK0MzWqlAqORxP6j3%2FXqrUQ%2FaLYzs%2F3OXeXDUgxhekNehxHT5mXcZipeIo5NV6XZSk7z9fpRpmhqLoTj%2BJN6JTR4jWoSh9RDGx3M2jHu%2B9hQmPprJhRn%2BS2RqSryfn4LFx3ORYMPDmU6mIWMw8RLyYQmpSyhagpv7UOI5AbjArU3E0cNbxuZ09x%2BUVuiULL%2F4CyqfkuXfLiOOvrup1ah2x%2BgsVSZ2GIUF1KiEGpRIslOke0tQ%2BSl4%2BiWU%2BIWsvNhAHB1uOm2gRDGrXakSKiyh5RjUeciqozxkoYcs8RCJ8xoPgqDrC079Xp%2FzpuhK1hF%2BQLthQAO%2F00PGK3ljpMkYXI%2FB7T4Su48dNYbNfoLbLuCEB5dOiffxPoaiQC4JckeQU4JcEeQpQT4sjoR2DVc8FNplLJj7xtw3i4lJBwf0yKQDGRNQO4YVxUFyQV6r%2BuP5l06wI89rtCfbbd4JGkG3xxs%2B7zeZ7IadVrfb8%2FtBn8KpAsotzUreU1Ny7Y8tJGpKXv78LTB6CqdPwdUboNmboHkBul1gL350z0huoqTOTQRhCiTpMtJd70BfkCuzAa1vnkDysxu%2FN2cGbgsktsA99YxgoB9MbpucHN42uSNPNpNURWqPVsO7k9JUXvr2Q7mbGyvWV934m3d5BVTh47vSpRs0FioeOPLophJC2jVjuSQ%2FrrtPJdvK3PbNzMZZsrH13tp6lFjpnDJxCVrt4Z8WXE3JK1fuzvby6g%2BbULaEzQpE2RmZG5QpwZN9uGSh3xkCqxcclnjIs2JiG2zxqBWBloucsgLuPzlbxBNLq99UFQfuAQZ2CTS9jzgqMLQFhroA1WO47NIkTezZjV%2FnMphemjBtlw6ZtvrrWZur6wmcOq81fdFlMpRdJlvtVii5YO0283nIWVP0ehypm4a171%2F9GwAA%2F%2F8BAAD%2F%2F0ro5jZxBAAA HTTP/1.1
Host: abnormalgently.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Cookie: u_pl=19923888; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 06:05:07 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 425400f2882732b04e5cabc27154afec
Strict-Transport-Security: max-age=0; includeSubdomains
abnormalgently.com/pixel/sbs?c=1
172.240.108.76200 OK 0 B URL GET HTTP/1.1 abnormalgently.com/pixel/sbs?c=1
IP 172.240.108.76:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectabnormalgently.com
Fingerprint71:A9:EF:90:4D:2C:41:7A:5B:F5:C4:D9:BA:00:19:1E:8F:87:F2:54
ValidityTue, 16 Apr 2024 13:59:37 GMT - Mon, 15 Jul 2024 13:59:36 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: abnormalgently.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Cookie: u_pl=19923888; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 06:05:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
nr.bidderstack.com/sape/cm?user_id=0900007F10B820661D09527B02BB7732&pupa=1
167.235.186.124 0 B URL nr.bidderstack.com/sape/cm?user_id=0900007F10B820661D09527B02BB7732&pupa=1
IP 167.235.186.124:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerGoDaddy.com, Inc.
Subject*.bidderstack.com
Fingerprint7A:83:29:BF:37:01:78:02:DF:C1:07:D8:A2:10:AB:0A:DD:11:66:B0
ValidityTue, 21 Nov 2023 08:57:57 GMT - Sun, 22 Dec 2024 08:57:57 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/cm?user_id=0900007F10B820661D09527B02BB7732&pupa=1 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 06:05:07 GMT
Content-Length: 0
Connection: keep-alive
Location: https://exchange.buzzoola.com/cookiesync/dsp/hyperadx-video?uid=187da8a4-5e7b-8768-ed39-68cc113f0aec
Set-Cookie: pupa=187da8a4-5e7b-8768-ed39-68cc113f0aec; domain=.bidderstack.com; path=/; expires=Fri, 18-Apr-2025 06:05:07 GMT;
csorigin2=3; domain=.bidderstack.com; path=/; expires=Thu, 18-Apr-2024 06:10:07 GMT;
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
ads.adlook.me/csync?pid=sape&uid=0900007F10B820661D09527B02BB7732&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D110%26euid%3D%7BuserId%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D110
5.101.76.186 154 B URL ads.adlook.me/csync?pid=sape&uid=0900007F10B820661D09527B02BB7732&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D110%26euid%3D%7BuserId%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D110
IP 5.101.76.186:0
ASN #48096 Enterprise Cloud Ltd.
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /csync?pid=sape&uid=0900007F10B820661D09527B02BB7732&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D110%26euid%3D%7BuserId%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D110 HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: adlm_userId=17db4f94119548ee94f85b5dfecc8d50; adlk_cmatch=alab%3A70b06ba9-673d-4e4a-849a-ee68bab58348%2Cotm%3ANjYyMGI4MTAwNzQ2MjU4Yg%3D%3D%2Chyp%3A187da8a4-5e7b-8768-ed39-68cc113f0aec%2Csape%3A0900007F10B820661D09527B02BB7732
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
location: https://mc.acint.net/rmatch?dp=110&euid=17db4f94119548ee94f85b5dfecc8d50&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D110
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=17db4f94119548ee94f85b5dfecc8d50; expires=Thu, 17 Apr 2025 21:00:00 GMT; path=/; SameSite=None; secure; samesite=none
adlk_cmatch=alab%3A70b06ba9-673d-4e4a-849a-ee68bab58348%2Cotm%3ANjYyMGI4MTAwNzQ2MjU4Yg%3D%3D%2Chyp%3A187da8a4-5e7b-8768-ed39-68cc113f0aec%2Csape%3A0900007F10B820661D09527B02BB7732; expires=Fri, 31 Dec 9999 20:59:59 GMT; path=/; SameSite=None; secure; samesite=none
date: Thu, 18 Apr 2024 06:05:06 GMT
X-Firefox-Spdy: h2
ads.adlook.me/csync?pid=sape&uid=0900007F10B820661D09527B02BB7732&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D110%26euid%3D%7BuserId%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D110
5.101.76.186 154 B URL ads.adlook.me/csync?pid=sape&uid=0900007F10B820661D09527B02BB7732&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D110%26euid%3D%7BuserId%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D110
IP 5.101.76.186:0
ASN #48096 Enterprise Cloud Ltd.
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /csync?pid=sape&uid=0900007F10B820661D09527B02BB7732&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D110%26euid%3D%7BuserId%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D110 HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Cookie: adlm_userId=17db4f94119548ee94f85b5dfecc8d50; adlk_cmatch=alab%3A70b06ba9-673d-4e4a-849a-ee68bab58348%2Cotm%3ANjYyMGI4MTAwNzQ2MjU4Yg%3D%3D%2Chyp%3A187da8a4-5e7b-8768-ed39-68cc113f0aec%2Csape%3A0900007F10B820661D09527B02BB7732
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
location: https://mc.acint.net/rmatch?dp=110&euid=17db4f94119548ee94f85b5dfecc8d50&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D110
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=17db4f94119548ee94f85b5dfecc8d50; expires=Thu, 17 Apr 2025 21:00:00 GMT; path=/; SameSite=None; secure; samesite=none
adlk_cmatch=alab%3A70b06ba9-673d-4e4a-849a-ee68bab58348%2Cotm%3ANjYyMGI4MTAwNzQ2MjU4Yg%3D%3D%2Chyp%3A187da8a4-5e7b-8768-ed39-68cc113f0aec%2Csape%3A0900007F10B820661D09527B02BB7732; expires=Fri, 31 Dec 9999 20:59:59 GMT; path=/; SameSite=None; secure; samesite=none
date: Thu, 18 Apr 2024 06:05:06 GMT
X-Firefox-Spdy: h2
sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D8417667c-d84b-40be-9c58-3038580752cb
5.189.234.227 102 B URL sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D8417667c-d84b-40be-9c58-3038580752cb
IP 5.189.234.227:0
ASN #50340 OOO Network of data-centers Selectel
File type HTML document, ASCII text
Hash b2edf434b52625ac113354bca83a5c4e
c39e481c2b01a7798b57d4b4a15ed272b46e93aa
2c4fc36ad4900fa3987e72064400a2504d04e98fa19cefba24f025f31f1b6ee5
GET /check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D8417667c-d84b-40be-9c58-3038580752cb HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: as-user=8417667c-d84b-40be-9c58-3038580752cb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.22.1
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html; charset=utf-8
content-length: 102
location: https://www.acint.net/match?dp=98&euid=8417667c-d84b-40be-9c58-3038580752cb
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: PUT, GET, POST, OPTIONS
access-control-allow-headers: Content-Type, authorization
access-control-max-age: 1728000
X-Firefox-Spdy: h2
www.acint.net/match?dp=186&euid=625eac83-f815-40b9-a7ee-b5eab2ca510e
142.132.138.213 43 B URL www.acint.net/match?dp=186&euid=625eac83-f815-40b9-a7ee-b5eab2ca510e
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=625eac83-f815-40b9-a7ee-b5eab2ca510e HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.dsp.solta.io/match/kimberlite?id=ZiC4EBclkiE
217.199.220.72 43 B URL sync.dsp.solta.io/match/kimberlite?id=ZiC4EBclkiE
IP 217.199.220.72:0
File type GIF image data, version 89a, 1 x 1
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /match/kimberlite?id=ZiC4EBclkiE HTTP/1.1
Host: sync.dsp.solta.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
mc.acint.net/cmatch?dp=110
142.132.138.213 186 B URL mc.acint.net/cmatch?dp=110
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with CRLF line terminators
Hash a3d7ee70efa8e3dc260ee304541b0de1
3c165a5c0fb874fa5f2cf820c99953e0fa9c2720
7b9b60a5c21c6ba38928c30c5abcb4a8b42496abedbeb39dbc3a59e3a494d6e7
GET /cmatch?dp=110 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 500 Internal Server Error
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html
content-length: 186
X-Firefox-Spdy: h2
99abfb64-fd49-11ee-86e0-002590c0647c.n5.sync.bumlam.com/?src=sape
94.141.105.125 0 B URL 99abfb64-fd49-11ee-86e0-002590c0647c.n5.sync.bumlam.com/?src=sape
IP 94.141.105.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: 99abfb64-fd49-11ee-86e0-002590c0647c.n5.sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiQ5OWFiZmI2NC1mZDQ5LTExZWUtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.25.3
date: Thu, 18 Apr 2024 06:05:07 GMT
content-length: 0
location: https://pix.bumlam.com/sync/sape/done
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
X-Firefox-Spdy: h2
gw-iad-bid.ymmobi.com/dsp/user/sync?dspid=c2FwZV9kc3A=&gdpr=0&gdpr_consent=0&us_privacy=0&callback=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D293%26euid%3D%7Bym_user_id%7D
47.253.61.56 0 B URL gw-iad-bid.ymmobi.com/dsp/user/sync?dspid=c2FwZV9kc3A=&gdpr=0&gdpr_consent=0&us_privacy=0&callback=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D293%26euid%3D%7Bym_user_id%7D
IP 47.253.61.56:0
ASN #45102 Alibaba US Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dsp/user/sync?dspid=c2FwZV9kc3A=&gdpr=0&gdpr_consent=0&us_privacy=0&callback=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D293%26euid%3D%7Bym_user_id%7D HTTP/1.1
Host: gw-iad-bid.ymmobi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 18 Apr 2024 06:05:07 GMT
content-length: 0
location: https://mc.acint.net/match?dp=293&euid=ym_user_5ab11f15-2065-447a-80b4-b9a263a72273
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
access-control-allow-credentials: true
set-cookie: ym_user_cookie=ym_user_5ab11f15-2065-447a-80b4-b9a263a72273; max-age=31104000; domain=ymmobi.com; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
mc.acint.net/match?dp=217&euid=1af5e849-6d10-42d1-9bfc-551c9cf1ad3b
142.132.138.213 43 B URL mc.acint.net/match?dp=217&euid=1af5e849-6d10-42d1-9bfc-551c9cf1ad3b
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=217&euid=1af5e849-6d10-42d1-9bfc-551c9cf1ad3b HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
gw-iad-bid.ymmobi.com/dsp/user/sync?dspid=c2FwZV9kc3A=&gdpr=0&gdpr_consent=0&us_privacy=0&callback=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D293%26euid%3D%7Bym_user_id%7D
47.253.61.56 0 B URL gw-iad-bid.ymmobi.com/dsp/user/sync?dspid=c2FwZV9kc3A=&gdpr=0&gdpr_consent=0&us_privacy=0&callback=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D293%26euid%3D%7Bym_user_id%7D
IP 47.253.61.56:0
ASN #45102 Alibaba US Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dsp/user/sync?dspid=c2FwZV9kc3A=&gdpr=0&gdpr_consent=0&us_privacy=0&callback=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D293%26euid%3D%7Bym_user_id%7D HTTP/1.1
Host: gw-iad-bid.ymmobi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mc.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 18 Apr 2024 06:05:07 GMT
content-length: 0
location: https://mc.acint.net/match?dp=293&euid=ym_user_32d6c121-c503-48fc-8f23-33e4f89655fc
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
access-control-allow-credentials: true
set-cookie: ym_user_cookie=ym_user_32d6c121-c503-48fc-8f23-33e4f89655fc; max-age=31104000; domain=ymmobi.com; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/match?dp=186&euid=211ed41b-c8b6-4532-9577-8adebdf35f21
142.132.138.213 43 B URL www.acint.net/match?dp=186&euid=211ed41b-c8b6-4532-9577-8adebdf35f21
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=211ed41b-c8b6-4532-9577-8adebdf35f21 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
mc.acint.net/rmatch?dp=261&euid=70b06ba9-673d-4e4a-849a-ee68bab58348&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261
142.132.138.213 154 B URL mc.acint.net/rmatch?dp=261&euid=70b06ba9-673d-4e4a-849a-ee68bab58348&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=261&euid=70b06ba9-673d-4e4a-849a-ee68bab58348&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html
content-length: 154
location: https://mc.acint.net/cmatch?dp=261
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
99abfb64-fd49-11ee-86e0-002590c0647c.n4.sync.bumlam.com/?src=sape
94.141.105.125 0 B URL 99abfb64-fd49-11ee-86e0-002590c0647c.n4.sync.bumlam.com/?src=sape
IP 94.141.105.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: 99abfb64-fd49-11ee-86e0-002590c0647c.n4.sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiQ5OWFiZmI2NC1mZDQ5LTExZWUtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.25.3
date: Thu, 18 Apr 2024 06:05:07 GMT
content-length: 0
location: https://pix.bumlam.com/sync/sape/done
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
X-Firefox-Spdy: h2
www.acint.net/match?dp=98&euid=b4ed0ffe-0477-40f6-a1b1-dd61db7c4c65
142.132.138.213 43 B URL www.acint.net/match?dp=98&euid=b4ed0ffe-0477-40f6-a1b1-dd61db7c4c65
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=98&euid=b4ed0ffe-0477-40f6-a1b1-dd61db7c4c65 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
mc.acint.net/cmatch?dp=126
142.132.138.213 186 B URL mc.acint.net/cmatch?dp=126
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with CRLF line terminators
Hash a3d7ee70efa8e3dc260ee304541b0de1
3c165a5c0fb874fa5f2cf820c99953e0fa9c2720
7b9b60a5c21c6ba38928c30c5abcb4a8b42496abedbeb39dbc3a59e3a494d6e7
GET /cmatch?dp=126 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 500 Internal Server Error
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html
content-length: 186
X-Firefox-Spdy: h2
www.acint.net/match?dp=251&euid=187da8a4-5e7b-8768-ed39-68cc113f0aec
142.132.138.213 43 B URL www.acint.net/match?dp=251&euid=187da8a4-5e7b-8768-ed39-68cc113f0aec
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=251&euid=187da8a4-5e7b-8768-ed39-68cc113f0aec HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
mc.acint.net/cmatch?dp=261
142.132.138.213 186 B URL mc.acint.net/cmatch?dp=261
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with CRLF line terminators
Hash a3d7ee70efa8e3dc260ee304541b0de1
3c165a5c0fb874fa5f2cf820c99953e0fa9c2720
7b9b60a5c21c6ba38928c30c5abcb4a8b42496abedbeb39dbc3a59e3a494d6e7
GET /cmatch?dp=261 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 500 Internal Server Error
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html
content-length: 186
X-Firefox-Spdy: h2
www.acint.net/rmatch?dp=71&euid=aaf788f6-5873-4751-b52b-d783ebebaab8&r=https%3A%2F%2Facint.net%2Fcmatch%3Fdp%3D71
142.132.138.213 154 B URL www.acint.net/rmatch?dp=71&euid=aaf788f6-5873-4751-b52b-d783ebebaab8&r=https%3A%2F%2Facint.net%2Fcmatch%3Fdp%3D71
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=71&euid=aaf788f6-5873-4751-b52b-d783ebebaab8&r=https%3A%2F%2Facint.net%2Fcmatch%3Fdp%3D71 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html
content-length: 154
location: https://acint.net/cmatch?dp=71
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/done
31.172.81.159 43 B URL pix.bumlam.com/sync/sape/done
IP 31.172.81.159:0
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiQ5OWFiZmI2NC1mZDQ5LTExZWUtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:05:07 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
exchange.buzzoola.com/cookiesync/dsp/hyperadx-video?uid=187da8a4-5e7b-8768-ed39-68cc113f0aec
148.251.40.140 43 B URL exchange.buzzoola.com/cookiesync/dsp/hyperadx-video?uid=187da8a4-5e7b-8768-ed39-68cc113f0aec
IP 148.251.40.140:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /cookiesync/dsp/hyperadx-video?uid=187da8a4-5e7b-8768-ed39-68cc113f0aec HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: uuid=c79b8d84-734e-41e8-4b1e-1ecf77c2c283
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/gif
content-length: 43
set-cookie: uuid=; Path=/; Domain=exchange.buzzoola.com; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; Secure; SameSite=None
uuid=c79b8d84-734e-41e8-4b1e-1ecf77c2c283; Path=/; Domain=buzzoola.com; Expires=Sat, 18 May 2024 06:05:07 GMT; Max-Age=2592000; Secure; SameSite=None
serverid: TODO
X-Firefox-Spdy: h2
www.acint.net/rmatch?dp=71&euid=ba7779e8-4da2-4f97-97f6-ae2d024d9a26&r=https%3A%2F%2Facint.net%2Fcmatch%3Fdp%3D71
142.132.138.213 154 B URL www.acint.net/rmatch?dp=71&euid=ba7779e8-4da2-4f97-97f6-ae2d024d9a26&r=https%3A%2F%2Facint.net%2Fcmatch%3Fdp%3D71
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=71&euid=ba7779e8-4da2-4f97-97f6-ae2d024d9a26&r=https%3A%2F%2Facint.net%2Fcmatch%3Fdp%3D71 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html
content-length: 154
location: https://acint.net/cmatch?dp=71
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
mc.acint.net/cmatch?dp=95
142.132.138.213 186 B URL mc.acint.net/cmatch?dp=95
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with CRLF line terminators
Hash a3d7ee70efa8e3dc260ee304541b0de1
3c165a5c0fb874fa5f2cf820c99953e0fa9c2720
7b9b60a5c21c6ba38928c30c5abcb4a8b42496abedbeb39dbc3a59e3a494d6e7
GET /cmatch?dp=95 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 500 Internal Server Error
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html
content-length: 186
X-Firefox-Spdy: h2
mc.acint.net/cmatch?dp=126
142.132.138.213 186 B URL mc.acint.net/cmatch?dp=126
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with CRLF line terminators
Hash a3d7ee70efa8e3dc260ee304541b0de1
3c165a5c0fb874fa5f2cf820c99953e0fa9c2720
7b9b60a5c21c6ba38928c30c5abcb4a8b42496abedbeb39dbc3a59e3a494d6e7
GET /cmatch?dp=126 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 500 Internal Server Error
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html
content-length: 186
X-Firefox-Spdy: h2
mc.acint.net/cmatch?dp=110
142.132.138.213 186 B URL mc.acint.net/cmatch?dp=110
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with CRLF line terminators
Hash a3d7ee70efa8e3dc260ee304541b0de1
3c165a5c0fb874fa5f2cf820c99953e0fa9c2720
7b9b60a5c21c6ba38928c30c5abcb4a8b42496abedbeb39dbc3a59e3a494d6e7
GET /cmatch?dp=110 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 500 Internal Server Error
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html
content-length: 186
X-Firefox-Spdy: h2
www.acint.net/match?dp=98&euid=8417667c-d84b-40be-9c58-3038580752cb
142.132.138.213 43 B URL www.acint.net/match?dp=98&euid=8417667c-d84b-40be-9c58-3038580752cb
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=98&euid=8417667c-d84b-40be-9c58-3038580752cb HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
mc.acint.net/cmatch?dp=95
142.132.138.213 186 B URL mc.acint.net/cmatch?dp=95
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with CRLF line terminators
Hash a3d7ee70efa8e3dc260ee304541b0de1
3c165a5c0fb874fa5f2cf820c99953e0fa9c2720
7b9b60a5c21c6ba38928c30c5abcb4a8b42496abedbeb39dbc3a59e3a494d6e7
GET /cmatch?dp=95 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 500 Internal Server Error
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html
content-length: 186
X-Firefox-Spdy: h2
mc.acint.net/match?dp=293&euid=ym_user_5ab11f15-2065-447a-80b4-b9a263a72273
142.132.138.213 43 B URL mc.acint.net/match?dp=293&euid=ym_user_5ab11f15-2065-447a-80b4-b9a263a72273
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=293&euid=ym_user_5ab11f15-2065-447a-80b4-b9a263a72273 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
mc.acint.net/match?dp=293&euid=ym_user_32d6c121-c503-48fc-8f23-33e4f89655fc
142.132.138.213 43 B URL mc.acint.net/match?dp=293&euid=ym_user_32d6c121-c503-48fc-8f23-33e4f89655fc
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=293&euid=ym_user_32d6c121-c503-48fc-8f23-33e4f89655fc HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
mc.acint.net/cmatch?dp=261
142.132.138.213 186 B URL mc.acint.net/cmatch?dp=261
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with CRLF line terminators
Hash a3d7ee70efa8e3dc260ee304541b0de1
3c165a5c0fb874fa5f2cf820c99953e0fa9c2720
7b9b60a5c21c6ba38928c30c5abcb4a8b42496abedbeb39dbc3a59e3a494d6e7
GET /cmatch?dp=261 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 500 Internal Server Error
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html
content-length: 186
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/done
31.172.81.159 43 B URL pix.bumlam.com/sync/sape/done
IP 31.172.81.159:0
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiQ5OWFiZmI2NC1mZDQ5LTExZWUtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:05:07 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://mc.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
acint.net/cmatch?dp=71
142.132.138.213 186 B IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash a3d7ee70efa8e3dc260ee304541b0de1
3c165a5c0fb874fa5f2cf820c99953e0fa9c2720
7b9b60a5c21c6ba38928c30c5abcb4a8b42496abedbeb39dbc3a59e3a494d6e7
GET /cmatch?dp=71 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 500 Internal Server Error
server: openresty
date: Thu, 18 Apr 2024 06:05:07 GMT
content-type: text/html
content-length: 186
X-Firefox-Spdy: h2
acint.net/cmatch?dp=71
142.132.138.213 186 B IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash a3d7ee70efa8e3dc260ee304541b0de1
3c165a5c0fb874fa5f2cf820c99953e0fa9c2720
7b9b60a5c21c6ba38928c30c5abcb4a8b42496abedbeb39dbc3a59e3a494d6e7
GET /cmatch?dp=71 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mc.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 500 Internal Server Error
server: openresty
date: Thu, 18 Apr 2024 06:05:08 GMT
content-type: text/html
content-length: 186
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFW50e.ttf
216.58.207.227200 OK 24 kB URL GET HTTP/3 fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFW50e.ttf
IP 216.58.207.227:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Digitized data copyright � 2010-2011, Google Corporation.Open SansRegular1.10;1ASC;OpenSans-Regu
Hash abd464fd52dec0108904f062f30b31d4
f51881b3732bcb7aac9592f50184720e7d726ccf
0c4595868d57ebb5f2793e22e8493bfe2606cd8c628a039d2d1a4fa79f642b05
GET /s/opensans/v15/mem8YaGs126MiZpBA-UFW50e.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://joecomp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24229
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:22:08 GMT
expires: Wed, 16 Apr 2025 01:22:08 GMT
cache-control: public, max-age=31536000
age: 189780
last-modified: Wed, 11 Oct 2017 21:49:47 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwaPHA.ttf
216.58.207.227200 OK 32 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwaPHA.ttf
IP 216.58.207.227:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type TrueType Font data, 16 tables, 1st "GPOS", 8 names, Microsoft, language 0x409, Copyright (c) 2010-2011 by tyPoland Lukasz Dziedzic with Reserved Font Name "Lato". Licensed und
Hash 97f443e6355feeb74a5a4043236d91c0
4c2ed371db850934ad83b2d830abbf6bda9bb5a0
08d3764653cba296a0f9b57a8b1356f976bf780c6944628552342a3b16831772
GET /s/lato/v14/S6u9w4BMUTPHh6UVSwaPHA.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://joecomp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31921
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 06:58:00 GMT
expires: Wed, 16 Apr 2025 06:58:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Oct 2017 18:22:47 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 169628
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOXOhs.ttf
216.58.207.227200 OK 25 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOXOhs.ttf
IP 216.58.207.227:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Digitized data copyright � 2011, Google Corporation.Open Sans SemiBoldRegular1.10;1ASC;OpenSans-
Hash 5613b984da07ee40456c6bc790ca2f21
acec6c48759b9a14a56371ae0027c1577f05dec9
8d0e99cf50d6d7ac44bbceaa8062697392b9f71532d8e9716ff9cd2bf5a78103
GET /s/opensans/v15/mem5YaGs126MiZpBA-UNirkOXOhs.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://joecomp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 11:02:41 GMT
expires: Thu, 17 Apr 2025 11:02:41 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Oct 2017 21:49:50 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 68547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjxAwWw.ttf
216.58.207.227200 OK 32 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjxAwWw.ttf
IP 216.58.207.227:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type TrueType Font data, 16 tables, 1st "GPOS", 8 names, Microsoft, language 0x409, Copyright (c) 2010-2011 by tyPoland Lukasz Dziedzic with Reserved Font Name "Lato". Licensed und
Hash 3256fc68bf4f5944fecc69b64d872a88
dd31faf30e23b2b573df522447a1a360c0620cc5
682faf236eb80dd1a3353fc2eae4ff34b39e2883ef1ffc27ed984842ebfc47e2
GET /s/lato/v14/S6uyw4BMUTPHjxAwWw.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://joecomp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32316
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 07:45:38 GMT
expires: Fri, 11 Apr 2025 07:45:38 GMT
cache-control: public, max-age=31536000
age: 598770
last-modified: Wed, 11 Oct 2017 18:22:47 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.acint.net/ping/?v=0.7.0&uid=cd5fdcda-d0de-439b-b4ce-3d542822defc&dp=14&tz=%2B00%3A00&nc=764526&aid=0900007F10B820661D09527B02BB7732&dT=2024-04-18T06%3A05%3A09.483
142.132.138.213 43 B URL www.acint.net/ping/?v=0.7.0&uid=cd5fdcda-d0de-439b-b4ce-3d542822defc&dp=14&tz=%2B00%3A00&nc=764526&aid=0900007F10B820661D09527B02BB7732&dT=2024-04-18T06%3A05%3A09.483
IP 142.132.138.213:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subject*.acint.net
FingerprintA3:BC:DF:1A:52:04:14:64:D6:13:8F:61:6D:A3:DF:F9:C5:01:1C:26
ValidityThu, 29 Feb 2024 01:31:10 GMT - Wed, 29 May 2024 01:31:09 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /ping/?v=0.7.0&uid=cd5fdcda-d0de-439b-b4ce-3d542822defc&dp=14&tz=%2B00%3A00&nc=764526&aid=0900007F10B820661D09527B02BB7732&dT=2024-04-18T06%3A05%3A09.483 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Cookie: test_cookie=CheckForPermission; aid=fwAACWYguBB7UgkdMne7Ap6O4vpOPxQMpiIUA7ig3ePSac+b; cSyncDp14v4=1713420305; cSyncDp14v6=1713420306; cSyncDp17v2=1713420306; cSyncDp45v5=1713420306; cSyncDp53v5=1713420306; cSyncDp62v2=1713420306; cSyncDp67v3=1713420306; cSyncDp68v3=1713420306; cSyncDp71v2=1713420306; cSyncDp80v2=1713420306; cSyncDp85v2=1713420306; cSyncDp95v4=1713420306; cSyncDp98v3=1713420306; cSyncDp104v2=1713420306; cSyncDp107v2=1713420306; cSyncDp110v3=1713420306; cSyncDp125v4=1713420306; cSyncDp126v3=1713420306; cSyncDp127v2=1713420306; cSyncDp129v2=1713420306; cSyncDp136v3=1713420306; cSyncDp146v2=1713420306; cSyncDp148v2=1713420306; cSyncDp149v3=1713420306; cSyncDp151v2=1713420306; cSyncDp251v1=1713420306; cSyncDp186v2=1713420306; cSyncDp217v2=1713420306; cSyncDp235v2=1713420306; cSyncDp239v2=1713420306; cSyncDp243v2=1713420306; cSyncDp260v2=1713420306; cSyncDp244v2=1713420306; cSyncDp248v2=1713420306; cSyncDp261v1=1713420306; cSyncDp289v2=1713420306; cSyncDp293v1=1713420306; cSyncDp296v2=1713420306
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:09 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
exchange.buzzoola.com/adn/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHRt-bZ2f_jng
148.251.40.140 0 B URL exchange.buzzoola.com/adn/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHRt-bZ2f_jng
IP 148.251.40.140:0
ASN #24940 Hetzner Online GmbH
Certificate IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /adn/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHRt-bZ2f_jng HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-alt-referer,x-first-party-cookie
Referer: https://tube.buzzoola.com/
Origin: https://tube.buzzoola.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 18 Apr 2024 06:05:16 GMT
access-control-allow-origin: https://tube.buzzoola.com
vary: Origin
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match, Content-Type
access-control-expose-headers: Set-Cookie, Etag
allow: GET, POST
X-Firefox-Spdy: h2
tube.buzzoola.com/build/buzzcommon.fpjs.js
151.236.71.148 32 kB URL tube.buzzoola.com/build/buzzcommon.fpjs.js
IP 151.236.71.148:0
ASN #204720 Global Cloud Network LLC
File type gzip compressed data, from Unix
Hash a0131da59d36bb395565a9a1c93a539c
58d94d0bfe4c20ba495bba4f375e9c373ad0c62a
3c2705fe32c6a8a2fed67345e224fac53262b253e1fd01a62e7169356a2bf121
GET /build/buzzcommon.fpjs.js HTTP/1.1
Host: tube.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Cookie: uuid=c79b8d84-734e-41e8-4b1e-1ecf77c2c283
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 05 Apr 2024 09:35:03 GMT
expires: Thu, 18 Apr 2024 07:00:00 GMT
content-encoding: gzip
x-cdn-edge-cache: HIT
x-cdn-edge-id: 224
x-cdn-request-id: dbdc649a738f954730b87a1082abbae1
X-Firefox-Spdy: h2
services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US
54.230.111.129 82 B URL services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US
IP 54.230.111.129:0
Hash 4f822d39c269d2c47e3174b6c6bad3b7
d56bd07959c766e9c18faa9cf1070548f9236b65
cda00e555c758b1c13b6cbd17049ca8471057d16c60f08f551dbc331308eecf3
GET /api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US HTTP/1.1
Host: services.addons.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 82
server: openresty
date: Thu, 18 Apr 2024 05:53:10 GMT
allow: GET, HEAD, OPTIONS
x-amo-request-id: 2b5df8c707ae404e95c5627a86c7cb28
content-security-policy: media-src https://videos.cdn.mozilla.net; form-action 'self'; child-src https://www.recaptcha.net/recaptcha/; script-src https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://addons.mozilla.org/static-server/; frame-src https://www.recaptcha.net/recaptcha/; object-src 'none'; connect-src 'self' https://*.google-analytics.com; style-src 'unsafe-inline' https://addons.mozilla.org/static-server/; img-src 'self' blob: data: https://addons.mozilla.org/static-server/ https://addons.mozilla.org/user-media/; default-src 'none'; font-src 'self' https://addons.mozilla.org/static-server/; report-uri /__cspreport__
x-frame-options: DENY
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
cache-control: max-age=3600
public-key-pins: max-age=5184000; includeSubDomains; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="
via: 1.1 google, 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
etag: "4f822d39c269d2c47e3174b6c6bad3b7"
vary: origin,X-Country-Code,Accept-Language
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GZ0Zf6-BkjTsIfLsS7X47iUUbXLVM2yzW2cQs69FDiVJ6A7XNOVAaQ==
age: 740
X-Firefox-Spdy: h2
aus5.mozilla.org/update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
35.244.181.201 42 B URL aus5.mozilla.org/update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP 35.244.181.201:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type XML 1.0 document, ASCII text
Hash f8f24fa0c857d8f2ee493e131b85ab62
cb6049f830a54d14a19d4104fc0bb5ab5fdedbe6
e0dadbc9cd1f1bd8ce3118cc3383e0d0f6d147f055265d498d99deea956ba00f
GET /update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 42
rule-id: unknown
rule-data-version: unknown
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
via: 1.1 google
date: Thu, 18 Apr 2024 06:03:03 GMT
content-type: text/xml; charset=utf-8
age: 148
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
cmp.optad360.io/items/cmp/v3/cmp-4.2.0.min.js
54.230.111.106200 OK 788 kB URL GET HTTP/2 cmp.optad360.io/items/cmp/v3/cmp-4.2.0.min.js
IP 54.230.111.106:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerAmazon
Subject*.optad360.io
FingerprintBC:89:97:49:5C:BF:E9:C9:F2:FA:B3:55:B7:6A:1E:6D:7F:5B:86:9E
ValiditySun, 17 Sep 2023 00:00:00 GMT - Tue, 15 Oct 2024 23:59:59 GMT
Size 788 kB (787901 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /items/cmp/v3/cmp-4.2.0.min.js HTTP/1.1
Host: cmp.optad360.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 18 Apr 2024 02:06:42 GMT
last-modified: Fri, 16 Feb 2024 08:19:11 GMT
etag: W/"8870d207c7c9ed8b44d56e87c13a2a94"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800
server: AmazonS3
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: f5hEp-3O-0ab9Kqbmjy1Z4EUx_H3f2hNmEdHf2V4buYUmSEfzlAxmw==
age: 14303
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
joecomp.com/template/herald/css/style.css
172.67.182.205200 OK 477 kB URL GET HTTP/2 joecomp.com/template/herald/css/style.css
IP 172.67.182.205:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectjoecomp.com
FingerprintAB:6E:A4:FB:BB:F6:09:D0:73:4C:F5:81:B6:70:2F:3E:67:0E:25:EF
ValidityFri, 01 Mar 2024 08:33:36 GMT - Thu, 30 May 2024 08:33:35 GMT
Size 477 kB (477419 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /template/herald/css/style.css HTTP/1.1
Host: joecomp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:02 GMT
content-type: text/css
last-modified: Wed, 12 Oct 2022 04:18:45 GMT
etag: W/"748eb-5eaceb051ac36"
cache-control: max-age=1209600
expires: Fri, 26 Apr 2024 19:46:00 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 469142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5d%2Fx1zmOLdLyllyCwVYJbkKl5zitLD2wERhOkC3WnQ%2BilNKRbanC8e472VAF3aQNcyjMyKkigoiiB6w2pPQF%2Bc%2BHHQq5CrF5dCJ9CWRloEOutkWnucMcZhERJI45yg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876275fc083756c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
utraff.com/vpaid/YDM5vs9stj9-lUcr1hX_GD9CuWCT9ukqRrgUPVqnIrY.xml
172.67.74.180200 OK 1.0 kB URL GET HTTP/2 utraff.com/vpaid/YDM5vs9stj9-lUcr1hX_GD9CuWCT9ukqRrgUPVqnIrY.xml
IP 172.67.74.180:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectutraff.com
Fingerprint33:5E:E6:D1:25:D0:06:4F:AC:56:7F:BD:6C:A7:DD:31:72:25:35:57
ValiditySat, 06 Apr 2024 06:57:44 GMT - Fri, 05 Jul 2024 06:57:43 GMT
File type ASCII text, with very long lines (1071), with no line terminators
Hash ebf27b7d623ef3253d1adad9a1c13e99
fee3096f57e143a1ad51d8648302e2dbd318a1bd
f6488e9bc71b71e4fda2ceff02c817d032b1e539e9238d3135721e4b03c41a89
GET /vpaid/YDM5vs9stj9-lUcr1hX_GD9CuWCT9ukqRrgUPVqnIrY.xml HTTP/1.1
Host: utraff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:04 GMT
content-type: text/xml
last-modified: Wed, 17 Apr 2024 09:30:41 GMT
etag: W/"661f96c1-3ff"
access-control-allow-origin: https://ja.joecomp.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qguFO%2FFkhMWmnCu6K53KsAdyJSqkRcKNRHyFC6TUTWHCNcW%2BpEn8BMNIRFCT6i3gGZcQtGw0cUqSMZzdzbv8FkrbK2FqXTUK1rQ7QM0Fb60Hi4PShGn8mIYDdl8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876276060d4956af-OSL
content-encoding: br
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.634.0_en.html
142.250.74.138200 OK 780 kB URL GET HTTP/3 imasdk.googleapis.com/js/core/bridge3.634.0_en.html
IP 142.250.74.138:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type HTML document, ASCII text, with very long lines (48587)
Size 780 kB (780197 bytes)
Hash a63b0ecc09cab0033d643e7ffe41341f
59fe3020160ffefa5af3ae36397ed7cdb0393eae
58e7c73b90cdc7d20235fda430532c7d94e42a9db2dfbe631238bc27ff321875
GET /js/core/bridge3.634.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 249352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 19:45:11 GMT
expires: Tue, 15 Apr 2025 19:45:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 19:43:04 GMT
content-type: text/html
vary: Accept-Encoding
age: 209994
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=7q0Mkma61f2XN7cC877gnS773dAdQreQkVVoebKrEG7JRv2g4nLLLO1oA6hPFmDEy3SKbac0UEPPLbDPbePdGYhzay%2BfbS9gsQsNck%2BQc6RWODiZ63Atcu94J%2BkX4GSX0C9iBgA6eAIeUB6mClz5QshlJdkOiyAeLLzwFwT2jKDW2Oq0DkGTF9%2F4blkGB8pbaCL%2BHHlm4BU%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=171342030529713830&_adlk_ts=171342030529713830
5.101.76.186200 OK 0 B URL GET HTTP/2 stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=7q0Mkma61f2XN7cC877gnS773dAdQreQkVVoebKrEG7JRv2g4nLLLO1oA6hPFmDEy3SKbac0UEPPLbDPbePdGYhzay%2BfbS9gsQsNck%2BQc6RWODiZ63Atcu94J%2BkX4GSX0C9iBgA6eAIeUB6mClz5QshlJdkOiyAeLLzwFwT2jKDW2Oq0DkGTF9%2F4blkGB8pbaCL%2BHHlm4BU%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=171342030529713830&_adlk_ts=171342030529713830
IP 5.101.76.186:443
ASN #48096 Enterprise Cloud Ltd.
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=7q0Mkma61f2XN7cC877gnS773dAdQreQkVVoebKrEG7JRv2g4nLLLO1oA6hPFmDEy3SKbac0UEPPLbDPbePdGYhzay%2BfbS9gsQsNck%2BQc6RWODiZ63Atcu94J%2BkX4GSX0C9iBgA6eAIeUB6mClz5QshlJdkOiyAeLLzwFwT2jKDW2Oq0DkGTF9%2F4blkGB8pbaCL%2BHHlm4BU%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=171342030529713830&_adlk_ts=171342030529713830 HTTP/1.1
Host: stat.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Microsoft-IIS/10.0
date: Thu, 18 Apr 2024 06:05:05 GMT
X-Firefox-Spdy: h2
get.optad360.io/sf/8f6edd2e-6707-455d-aae2-c6c5fb2a4cab/plugin.min.js
52.85.243.122200 OK 289 kB URL GET HTTP/2 get.optad360.io/sf/8f6edd2e-6707-455d-aae2-c6c5fb2a4cab/plugin.min.js
IP 52.85.243.122:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerAmazon
Subject*.optad360.io
FingerprintBC:89:97:49:5C:BF:E9:C9:F2:FA:B3:55:B7:6A:1E:6D:7F:5B:86:9E
ValiditySun, 17 Sep 2023 00:00:00 GMT - Tue, 15 Oct 2024 23:59:59 GMT
Size 289 kB (289419 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sf/8f6edd2e-6707-455d-aae2-c6c5fb2a4cab/plugin.min.js HTTP/1.1
Host: get.optad360.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 17 Apr 2024 07:10:32 GMT
last-modified: Wed, 17 Apr 2024 07:02:30 GMT
etag: W/"b8ef1286695ae8718e3813f932402361"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fb13343f41a549822047f18ba839fd5a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: FSq7UnwdfwYj9uxmhStP3JmDTVhnfJCzDv487LGcqiosz95OPYoItg==
age: 82471
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1713420304203&d=9878&wsc=00&typ=embed&mobile=0&c=47
87.98.236.115200 OK 126 B URL GET HTTP/2 cdn.onnetwork.tv/cnt/a_cntg.png?ts=1713420304203&d=9878&wsc=00&typ=embed&mobile=0&c=47
IP 87.98.236.115:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintB5:95:77:A6:1E:ED:C6:99:C8:EC:67:3C:AB:A2:97:C3:7B:E2:62:6A
ValiditySat, 30 Mar 2024 09:38:38 GMT - Fri, 28 Jun 2024 09:38:37 GMT
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1713420304203&d=9878&wsc=00&typ=embed&mobile=0&c=47 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: XO.webservantpro
date: Thu, 18 Apr 2024 06:05:04 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Thursday, 18-Apr-2024 06:05:04 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHYBaHVOHr2Dk/jsvpaid?set_buzzoola_cookie=t
148.251.40.140200 OK 8.0 kB URL GET HTTP/2 exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHYBaHVOHr2Dk/jsvpaid?set_buzzoola_cookie=t
IP 148.251.40.140:443
ASN #24940 Hetzner Online GmbH
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT
File type XML document, ASCII text, with very long lines (8505), with no line terminators
Hash 1d666ad411db8c14ba474491f73182e5
2480c1ff17ba9124131374fbdff761576e173f58
46498ad7145c712ef7735c995bc2349afa560ae45b34a80ab230d6f472738cc2
GET /adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHYBaHVOHr2Dk/jsvpaid?set_buzzoola_cookie=t HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
Referer: https://ja.joecomp.com/
DNT: 1
Connection: keep-alive
Cookie: uuid=c79b8d84-734e-41e8-4b1e-1ecf77c2c283
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:05 GMT
content-type: application/xml
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match
access-control-allow-origin: https://ja.joecomp.com
access-control-expose-headers: Set-Cookie, Etag
serverid: TODO
content-encoding: gzip
X-Firefox-Spdy: h2
stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=TMf8ZSgPHMdtoPQFQcpLhmxz%2B1eCUyAAKfJkBUGsxcp%2B3h9TN8iPwwRMbqJgidO5SDECg%2FGAUpDNmUB%2FSBWl67LJIwF2haZPsd3OaSkxH%2B405V0reOcWLjcd%2FeZ2%2FBzGWk4dEtCcTPEYWa4PUWlWqHBDvtNInhIGx6Q86sVvgeOuDJX7gj403cPOFYhKENYrNQUMFlS8J8k%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=171342031800281100&_adlk_ts=171342031800281100
5.101.76.186200 OK 0 B URL GET HTTP/2 stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=TMf8ZSgPHMdtoPQFQcpLhmxz%2B1eCUyAAKfJkBUGsxcp%2B3h9TN8iPwwRMbqJgidO5SDECg%2FGAUpDNmUB%2FSBWl67LJIwF2haZPsd3OaSkxH%2B405V0reOcWLjcd%2FeZ2%2FBzGWk4dEtCcTPEYWa4PUWlWqHBDvtNInhIGx6Q86sVvgeOuDJX7gj403cPOFYhKENYrNQUMFlS8J8k%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=171342031800281100&_adlk_ts=171342031800281100
IP 5.101.76.186:443
ASN #48096 Enterprise Cloud Ltd.
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=TMf8ZSgPHMdtoPQFQcpLhmxz%2B1eCUyAAKfJkBUGsxcp%2B3h9TN8iPwwRMbqJgidO5SDECg%2FGAUpDNmUB%2FSBWl67LJIwF2haZPsd3OaSkxH%2B405V0reOcWLjcd%2FeZ2%2FBzGWk4dEtCcTPEYWa4PUWlWqHBDvtNInhIGx6Q86sVvgeOuDJX7gj403cPOFYhKENYrNQUMFlS8J8k%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=171342031800281100&_adlk_ts=171342031800281100 HTTP/1.1
Host: stat.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Microsoft-IIS/10.0
date: Thu, 18 Apr 2024 06:05:17 GMT
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntm.png?ts=1713420305835&i=1377120&d=9878&wsc=ab&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=4&vs=40
87.98.236.115200 OK 126 B URL GET HTTP/2 cdn.onnetwork.tv/cnt/a_cntm.png?ts=1713420305835&i=1377120&d=9878&wsc=ab&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=4&vs=40
IP 87.98.236.115:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintB5:95:77:A6:1E:ED:C6:99:C8:EC:67:3C:AB:A2:97:C3:7B:E2:62:6A
ValiditySat, 30 Mar 2024 09:38:38 GMT - Fri, 28 Jun 2024 09:38:37 GMT
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntm.png?ts=1713420305835&i=1377120&d=9878&wsc=ab&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=4&vs=40 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: XO.webservantpro
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Thursday, 18-Apr-2024 06:05:06 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
jsc.mgid.com/o/p/optad360.joecomp.com.1487693.js?t=2051
104.19.132.76200 OK 6.0 kB URL GET HTTP/2 jsc.mgid.com/o/p/optad360.joecomp.com.1487693.js?t=2051
IP 104.19.132.76:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectmgid.com
Fingerprint9C:6C:5A:48:88:44:CB:C2:F4:76:D3:2E:DC:07:0D:D4:CA:6A:25:F5
ValiditySun, 10 Mar 2024 23:31:34 GMT - Sat, 08 Jun 2024 23:31:33 GMT
File type JavaScript source, ASCII text, with very long lines (6156), with no line terminators
Hash 47d46fb436232f6b205969e517e02a28
2d1399864e2fc9d54ae5075175e68a931b512bf7
a9be651cf53e96e4503dc6c0c036d454acfc721d3c2ed62cc30e7dc625166da6
GET /o/p/optad360.joecomp.com.1487693.js?t=2051 HTTP/1.1
Host: jsc.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:03 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=6033
etag: W/"6636c6abd5e76d932649089e62339d70"
last-modified: Fri, 05 Apr 2024 10:59:52 GMT
x-amz-id-2: F3Z/xLgfG/urVmbmAgHcuiGC1uZPMgm4vwVAjNghYu5HE8L0agGGAjweUUFq2mc4ZQttEpUO4bOamV1VOQ/LWg==
x-amz-request-id: DHSX6JA54AQ5DPXD
x-amz-server-side-encryption: AES256
x-amz-version-id: FgYydIBXX2vWqKoRd7o1azEHt0YYY7XP
cf-cache-status: HIT
expires: Thu, 18 Apr 2024 09:05:03 GMT
cache-control: public, max-age=10800
set-cookie: __cf_bm=Uygi8qkLZWDoMk2OZfYsYx6_VBZletHIc7Wi25d2YqE-1713420303-1.0.1.1-PflmzIozqn_xG30H4ziEi7yWA0Ki9Y9ILhuwFNkZHGbS7Q3tpsv3LY75si1wA2d3CMTNBKkIKIwU3k3UWAyIVA; path=/; expires=Thu, 18-Apr-24 06:35:03 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-origin: *
server: cloudflare
cf-ray: 876276006c4b1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/player90/embedOptAd.min.js?s=1713283605
87.98.236.115200 OK 36 kB URL GET HTTP/2 cdn.onnetwork.tv/js/player90/embedOptAd.min.js?s=1713283605
IP 87.98.236.115:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintB5:95:77:A6:1E:ED:C6:99:C8:EC:67:3C:AB:A2:97:C3:7B:E2:62:6A
ValiditySat, 30 Mar 2024 09:38:38 GMT - Fri, 28 Jun 2024 09:38:37 GMT
File type JavaScript source, ASCII text, with very long lines (36104), with no line terminators
Hash afc82da826e4238032f3083d4438dd01
3e20cd88bcae49e845688ce725f6071a5d89b8ab
a4497da7e3f869abb657925b27467e4b24a8e82139bb84cb4409007e24373aa9
GET /js/player90/embedOptAd.min.js?s=1713283605 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: XO.webservantpro
date: Thu, 18 Apr 2024 06:05:04 GMT
content-type: application/javascript
last-modified: Tue, 16 Apr 2024 16:06:45 GMT
vary: Accept-Encoding
etag: W/"661ea215-8d08"
expires: Mon, 04 Nov 2024 06:05:04 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.mgid.com/images/mgid/mgid_ua.svg
104.19.132.76200 OK 2.3 kB URL GET HTTP/3 cdn.mgid.com/images/mgid/mgid_ua.svg
IP 104.19.132.76:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectmgid.com
Fingerprint9C:6C:5A:48:88:44:CB:C2:F4:76:D3:2E:DC:07:0D:D4:CA:6A:25:F5
ValiditySun, 10 Mar 2024 23:31:34 GMT - Sat, 08 Jun 2024 23:31:33 GMT
File type SVG Scalable Vector Graphics image
Hash b066f5afee750110b07082a2ccaff7ae
5c68e2ff5119cb89c2e866e273e198c6884bd9ed
8d2fe852ca66f19b4e44a9afa6d5c208ac5f7492f898ae5e059ff388b0316ccc
GET /images/mgid/mgid_ua.svg HTTP/1.1
Host: cdn.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Cookie: __cf_bm=Uygi8qkLZWDoMk2OZfYsYx6_VBZletHIc7Wi25d2YqE-1713420303-1.0.1.1-PflmzIozqn_xG30H4ziEi7yWA0Ki9Y9ILhuwFNkZHGbS7Q3tpsv3LY75si1wA2d3CMTNBKkIKIwU3k3UWAyIVA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:05:03 GMT
content-type: image/svg+xml
x-amz-id-2: 9QdXxECBm8fo+nvhkEp17RWGZAktNnJw/xQxNH4/+6qYdApkWDcLIyjVPDsNc/c0QPPeTxHQEeI=
x-amz-request-id: KGF1NPHRJJVA286K
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
etag: W/"617c205137825561208ef7c1a2d8f319"
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
x-amz-version-id: null
cf-cache-status: HIT
age: 7067
expires: Fri, 19 Apr 2024 06:05:03 GMT
cache-control: public, max-age=86400
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-origin: *
server: cloudflare
cf-ray: 8762760318f15695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Frtb.hhkld.com%2Ftools%2Fsync%3Fdsp%3D26%26uid%3D
147.75.84.158200 OK 121 B URL GET HTTP/2 prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Frtb.hhkld.com%2Ftools%2Fsync%3Fdsp%3D26%26uid%3D
IP 147.75.84.158:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subject*.a-mo.net
FingerprintA1:19:DD:ED:07:5D:68:74:9A:FE:2B:DF:66:5F:D6:E6:F5:B4:1E:6C
ValidityWed, 06 Mar 2024 11:52:06 GMT - Tue, 04 Jun 2024 11:52:05 GMT
File type HTML document, ASCII text, with no line terminators
Hash 12fc712e10477d69834a9363447fca85
51f77702645e7715ea5113e41a4fd15c763f33f8
fcb7043b8c1ade83f6fd41fecb355d6c4a039db17a59ea9fdc6eefea614f9d1f
GET /isyn?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Frtb.hhkld.com%2Ftools%2Fsync%3Fdsp%3D26%26uid%3D HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=0, private, must-revalidate
content-type: text/html; charset=utf-8
date: Thu, 18 Apr 2024 06:05:03 GMT
server: envoy
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdnx.onnetwork.tv/sd/1/3/1377120.mp4?sev=WkkNqo3gM6zle2x-4l4IZw&e=1713431104&u=9878
0.0.0.0 0 B URL GET cdnx.onnetwork.tv/sd/1/3/1377120.mp4?sev=WkkNqo3gM6zle2x-4l4IZw&e=1713431104&u=9878
IP 0.0.0.0:0
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintB5:95:77:A6:1E:ED:C6:99:C8:EC:67:3C:AB:A2:97:C3:7B:E2:62:6A
ValiditySat, 30 Mar 2024 09:38:38 GMT - Fri, 28 Jun 2024 09:38:37 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sd/1/3/1377120.mp4?sev=WkkNqo3gM6zle2x-4l4IZw&e=1713431104&u=9878 HTTP/1.1
Host: cdnx.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: XO.webservantpro
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: video/mp4
content-length: 18666377
last-modified: Mon, 27 Nov 2023 10:49:38 GMT
etag: "65647442-11cd389"
strict-transport-security: max-age=31536000
access-control-allow-origin: *
content-range: bytes 0-18666376/18666377
X-Firefox-Spdy: h2
yandex.ru/ads/adfox/390632/getCode?pp=cxgb&ps=gnpw&p2=iiqv
5.255.255.70200 OK 42 B URL GET HTTP/2 yandex.ru/ads/adfox/390632/getCode?pp=cxgb&ps=gnpw&p2=iiqv
IP 5.255.255.70:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.xn--d1acpjx3f.xn--p1ai
Fingerprint17:FB:0C:B6:3F:7F:A5:4C:41:AD:D0:5C:6B:9A:96:47:FE:AF:C8:5C
ValidityMon, 04 Mar 2024 10:29:07 GMT - Sun, 01 Sep 2024 20:59:59 GMT
File type XML document, ASCII text, with no line terminators
Hash 43a4e06a4bfb8060ee104f146b6e58e3
6a5f8570e95301019c985431f532465e9f90d1ff
a30ccb71b0609fddacd27e15b9e0386c65a06146f046f82b6d18f53d90e4755b
GET /ads/adfox/390632/getCode?pp=cxgb&ps=gnpw&p2=iiqv HTTP/1.1
Host: yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
access-control-allow-origin: https://ja.joecomp.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
x-yandex-req-id: 1713420304446760-5526674672471963869-balancer-l7leveler-kubr-yp-vla-168-BAL
last-modified: Thu, 18 Apr 2024 06:05:04 GMT
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
date: Thu, 18 Apr 2024 06:05:04 GMT
set-cookie: i=EASWgUEaokUvk+TmTySq0+m0WX3kKxA+IwWTft7ODFY4c2GR974wMr0zql6DQYlaFN7WoYKCYbhbqNv3kgeSRx2/y24=; Expires=Sat, 18-Apr-2026 06:05:04 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=1719638691713420304; Expires=Sat, 18-Apr-2026 06:05:04 GMT; Domain=.yandex.ru; Path=/; Secure; SameSite=None
yashr=2448507001713420304; Path=/; Domain=.yandex.ru; Expires=Fri, 18 Apr 2025 06:05:04 GMT; SameSite=None; Secure; HttpOnly
receive-cookie-deprecation=1; Path=/; Domain=.yandex.ru; Expires=Fri, 18 Apr 2025 06:05:04 GMT; SameSite=None; Secure; HttpOnly; Partitioned
content-security-policy-report-only: default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs-partner-ro&project=yabs&yandex_login=&platform
content-type: text/xml; charset=utf-8
content-disposition: attachment; filename="null"
pragma: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
expires: Thu, 18 Apr 2024 06:05:04 GMT
x-adfox: {"default":true, "place_id":1338485, "code_type":"regular"}
X-Firefox-Spdy: h2
cdn.onnetwork.tv/css/player86.css?s=1709565733
87.98.236.115200 OK 50 kB URL GET HTTP/2 cdn.onnetwork.tv/css/player86.css?s=1709565733
IP 87.98.236.115:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintB5:95:77:A6:1E:ED:C6:99:C8:EC:67:3C:AB:A2:97:C3:7B:E2:62:6A
ValiditySat, 30 Mar 2024 09:38:38 GMT - Fri, 28 Jun 2024 09:38:37 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/player86.css?s=1709565733 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: XO.webservantpro
date: Thu, 18 Apr 2024 06:05:04 GMT
content-type: text/css
last-modified: Mon, 04 Mar 2024 15:22:13 GMT
vary: Accept-Encoding
etag: W/"65e5e725-c1da"
expires: Mon, 04 Nov 2024 06:05:04 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=jBkX9LKoGVHUitMhxBH1Q5CTPeA%2BTGp9QwCvhVxLZsDwpOz8I52FNCmjjm4aIpvzy0Yj3JLj67MamNwP79M3pa%2FiF2mkvD68Iy2qR1CIXWfuVTZAHRlBGJJwl5kNash4zfXOma1c5yAXnYd1ePxKO7LrYm27akK%2BvGaisFUxikIXa0hMLOkTFOepnH2aeE4aOmD5gekLIE0%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=17134203160651689&_adlk_ts=17134203160651689
5.101.76.186200 OK 0 B URL GET HTTP/2 stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=jBkX9LKoGVHUitMhxBH1Q5CTPeA%2BTGp9QwCvhVxLZsDwpOz8I52FNCmjjm4aIpvzy0Yj3JLj67MamNwP79M3pa%2FiF2mkvD68Iy2qR1CIXWfuVTZAHRlBGJJwl5kNash4zfXOma1c5yAXnYd1ePxKO7LrYm27akK%2BvGaisFUxikIXa0hMLOkTFOepnH2aeE4aOmD5gekLIE0%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=17134203160651689&_adlk_ts=17134203160651689
IP 5.101.76.186:443
ASN #48096 Enterprise Cloud Ltd.
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=jBkX9LKoGVHUitMhxBH1Q5CTPeA%2BTGp9QwCvhVxLZsDwpOz8I52FNCmjjm4aIpvzy0Yj3JLj67MamNwP79M3pa%2FiF2mkvD68Iy2qR1CIXWfuVTZAHRlBGJJwl5kNash4zfXOma1c5yAXnYd1ePxKO7LrYm27akK%2BvGaisFUxikIXa0hMLOkTFOepnH2aeE4aOmD5gekLIE0%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=17134203160651689&_adlk_ts=17134203160651689 HTTP/1.1
Host: stat.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Microsoft-IIS/10.0
date: Thu, 18 Apr 2024 06:05:15 GMT
X-Firefox-Spdy: h2
cdn.viads.net/player/2.8.1-rollback/index.js
141.94.202.176200 OK 130 kB URL GET HTTP/2 cdn.viads.net/player/2.8.1-rollback/index.js
IP 141.94.202.176:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectcdn2.viads.net
Fingerprint15:C3:0C:6E:09:EA:16:C4:B5:37:3D:E1:C7:F5:82:7D:5A:20:1C:5F
ValidityThu, 21 Mar 2024 06:03:24 GMT - Wed, 19 Jun 2024 06:03:23 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 130 kB (130456 bytes)
Hash 82fb0567e9e3cf876c065f5531ac0d9a
d2cdd6b164950fd7c704f0fc5cf5cd6cafb3fe14
a480bdc8a841c92da20f150cfa8798f66d69630662bf3693104e5305350cdcf2
GET /player/2.8.1-rollback/index.js HTTP/1.1
Host: cdn.viads.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:03 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 14:53:10 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: https://ja.joecomp.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cache-control: max-age=315360000, public, no-transform
content-encoding: gzip
X-Firefox-Spdy: h2
cmp.optad360.io/items/cmp/v3/atpList.json.min.js
54.230.111.106200 OK 142 kB URL GET HTTP/2 cmp.optad360.io/items/cmp/v3/atpList.json.min.js
IP 54.230.111.106:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerAmazon
Subject*.optad360.io
FingerprintBC:89:97:49:5C:BF:E9:C9:F2:FA:B3:55:B7:6A:1E:6D:7F:5B:86:9E
ValiditySun, 17 Sep 2023 00:00:00 GMT - Tue, 15 Oct 2024 23:59:59 GMT
Size 142 kB (141551 bytes)
Hash b09fb291df761317a30f0ef8f3c47fc3
3c2bfd31dc6fd0e731054e234d3ca0af6fcef39a
00423548147d6f5522e181a791908d176cd0c1664dccba9076b01c7b0e292a12
GET /items/cmp/v3/atpList.json.min.js HTTP/1.1
Host: cmp.optad360.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 18 Apr 2024 02:06:43 GMT
last-modified: Fri, 16 Feb 2024 09:21:56 GMT
etag: W/"f67b2956f7590fb4ff1f13854adfe496"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yvoKbuIRcCgy5WcRN7PuwTchIBevmyLrInY-XVa-qfsCeWD6Li1lsA==
age: 14303
access-control-allow-origin: *
X-Firefox-Spdy: h2
exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHXgM0XseKM04/jsvpaid
148.251.40.140307 Temporary Redirect 11 kB URL GET HTTP/2 exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHXgM0XseKM04/jsvpaid
IP 148.251.40.140:443
ASN #24940 Hetzner Online GmbH
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHXgM0XseKM04/jsvpaid HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
server: nginx
date: Thu, 18 Apr 2024 06:05:00 GMT
content-type: text/html; charset=utf-8
content-length: 114
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match
access-control-allow-origin: https://ja.joecomp.com
access-control-expose-headers: Set-Cookie, Etag
location: /adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHXgM0XseKM04/jsvpaid?set_buzzoola_cookie=t
set-cookie: uuid=e7c2e2a6-6ee7-43bb-7290-8481eb003445; Path=/; Domain=buzzoola.com; Expires=Sat, 18 May 2024 06:05:00 GMT; Max-Age=2592000; Secure; SameSite=None
serverid: TODO
X-Firefox-Spdy: h2
exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHRt-bZ2f_jng/jsvpaid
148.251.40.140307 Temporary Redirect 11 kB URL GET HTTP/2 exchange.buzzoola.com/adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHRt-bZ2f_jng/jsvpaid
IP 148.251.40.140:443
ASN #24940 Hetzner Online GmbH
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHRt-bZ2f_jng/jsvpaid HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
server: nginx
date: Thu, 18 Apr 2024 06:05:04 GMT
content-type: text/html; charset=utf-8
content-length: 114
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match
access-control-allow-origin: https://ja.joecomp.com
access-control-expose-headers: Set-Cookie, Etag
location: /adv/Pj83_mHbvbuHJs1LknWH2OGeGbBVUByHRt-bZ2f_jng/jsvpaid?set_buzzoola_cookie=t
set-cookie: uuid=14123a55-c0ed-495b-6aee-7a603ee23e21; Path=/; Domain=buzzoola.com; Expires=Sat, 18 May 2024 06:05:04 GMT; Max-Age=2592000; Secure; SameSite=None
serverid: TODO
X-Firefox-Spdy: h2
utraff.com/vpaidp/bundle.a6561a4c.js
172.67.74.180200 OK 140 kB URL GET HTTP/2 utraff.com/vpaidp/bundle.a6561a4c.js
IP 172.67.74.180:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectutraff.com
Fingerprint33:5E:E6:D1:25:D0:06:4F:AC:56:7F:BD:6C:A7:DD:31:72:25:35:57
ValiditySat, 06 Apr 2024 06:57:44 GMT - Fri, 05 Jul 2024 06:57:43 GMT
Size 140 kB (140233 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vpaidp/bundle.a6561a4c.js HTTP/1.1
Host: utraff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Cookie: utid=7L7oe-39qQwfMmY1a8SsfDuxXyDrzjj2oEiLC00_a3nqqXm7-_t1fsJ9Ea0w2emcNFwqk8xcgVDdVBeOEFom3g
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:18 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 09:29:02 GMT
etag: W/"661f965e-223c9"
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-cache-status: HIT
age: 7082
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MrRzZXLJ6C1A4ptzWx4sEcQ1HmN5DuTVMaFysNcIO5b4vD6sg4guFxHGOSH2x4THHj4WeG8jBUzrFprjuukXHp8Air%2F%2B%2BCvb0JrT3bUyvGAVyOM6SD7IDaAnIQc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762765ba95156af-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/script.js
104.21.70.253200 OK 382 B URL GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/script.js
IP 104.21.70.253:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type ASCII text, with very long lines (411), with no line terminators
Hash 9ffae600059bf4e6adb35ebb274ae385
6130e466c04551baa2a5d650e6bd5a87daba73a7
a7d15e051fb3d3c31494683306bb7752478354894825b110d26d333cbeaaeb39
GET /sb/chat/mob/ssp/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:06 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 08:25:08 GMT
etag: W/"62134c64-17e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G7qTAwyjkM30Yx7K3oCYSIpFahGhQjGfCcNNiDQLT%2BGbynDUGRRDlFDX5j0cI%2FzO1p%2F8T99BcXxN3OxMq8FgvIPoqUAjJhwAprSffO%2BX25rM%2B0PBIX9dOP22EozdRafH9DP62p1NlGiw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87627611cd8b568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cmp.optad360.io/items/cmp/v3/translations/v9/en.json.min.js
54.230.111.106200 OK 5.2 kB URL GET HTTP/2 cmp.optad360.io/items/cmp/v3/translations/v9/en.json.min.js
IP 54.230.111.106:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerAmazon
Subject*.optad360.io
FingerprintBC:89:97:49:5C:BF:E9:C9:F2:FA:B3:55:B7:6A:1E:6D:7F:5B:86:9E
ValiditySun, 17 Sep 2023 00:00:00 GMT - Tue, 15 Oct 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (5432), with no line terminators
Hash 8746dc2346acd7b7e505c05e1fd95040
b803988a18f7a83a92342394e09e96c1a9fd9642
27034ba0903eefe3fbd3a8a547bbaf696f8b7eee93fb899c86fafc64e672a790
GET /items/cmp/v3/translations/v9/en.json.min.js HTTP/1.1
Host: cmp.optad360.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
date: Mon, 18 Mar 2024 02:36:02 GMT
last-modified: Fri, 16 Feb 2024 10:21:14 GMT
etag: W/"62ba9f54a9611bfde1669a697d9e6054"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=360000000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wOZW_kI-3uQbUPNR_wsKprmvIZ-vRRdBVa3leJzFWKvCwaGD_SZRCA==
age: 2690942
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/style.css
104.21.70.253200 OK 4.6 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/style.css
IP 104.21.70.253:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type ASCII text, with very long lines (4886), with no line terminators
Hash 1230b98f01a549572edcd2bf3bdcb4ad
ac87a2a752ffb8b5167566183fddd531d7971be9
9a2954fc66ebbb9adf18c2ea4403d2a0a5dedf2928f9905e1fc656f5dc1b208d
GET /sb/chat/mob/ssp/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:05 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 08:25:04 GMT
etag: W/"62134c60-1209"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Asp41x2hgC9j%2BSJO372ffYess%2F1rC3b3g3mX6DSL%2FuKDGYq9MVLHayFgeGTsdjcBT1Vl2wP37osTUbv0K4151p2Nnc1p0xxDyAA7RpOcvn7JDfXnmtwUsVtWmC4wyNUE5SpCmVhwdjLm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762760d3ffb568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
servicer.mgid.com/1487693/1?tcfV2=1&w=863&h=501&sz=279x222&szp=1,2,3,4,5,6&szl=1,2,3;4,5,6&cols=3&sessionId=6620b811-039a2&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&cbuster=1713420304822822296967&pvid=18eefcefda3b20e8d3d&implVersion=10&cxurl=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&mp4=0&ap=0&consentStrLen=0&uniqId=01346&pv=5&lct=1712275200&jsv=es6&pageView=1&dpr=1&ref=&hashCommit=49702e02&tfre=2401
104.19.132.76200 OK 6.3 kB URL GET HTTP/3 servicer.mgid.com/1487693/1?tcfV2=1&w=863&h=501&sz=279x222&szp=1,2,3,4,5,6&szl=1,2,3;4,5,6&cols=3&sessionId=6620b811-039a2&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&cbuster=1713420304822822296967&pvid=18eefcefda3b20e8d3d&implVersion=10&cxurl=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&mp4=0&ap=0&consentStrLen=0&uniqId=01346&pv=5&lct=1712275200&jsv=es6&pageView=1&dpr=1&ref=&hashCommit=49702e02&tfre=2401
IP 104.19.132.76:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectmgid.com
Fingerprint9C:6C:5A:48:88:44:CB:C2:F4:76:D3:2E:DC:07:0D:D4:CA:6A:25:F5
ValiditySun, 10 Mar 2024 23:31:34 GMT - Sat, 08 Jun 2024 23:31:33 GMT
File type ASCII text, with very long lines (6733), with no line terminators
Hash 7bd60912f6a08a6d14e57e396e4a1807
66c17948fa9e224fc9f53fb95b299090427c5add
d7e8e30226a83c23b54a8febd5e85a6012a3accc3dc6ee9d2701238cd10fcb86
GET /1487693/1?tcfV2=1&w=863&h=501&sz=279x222&szp=1,2,3,4,5,6&szl=1,2,3;4,5,6&cols=3&sessionId=6620b811-039a2&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&cbuster=1713420304822822296967&pvid=18eefcefda3b20e8d3d&implVersion=10&cxurl=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&mp4=0&ap=0&consentStrLen=0&uniqId=01346&pv=5&lct=1712275200&jsv=es6&pageView=1&dpr=1&ref=&hashCommit=49702e02&tfre=2401 HTTP/1.1
Host: servicer.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ja.joecomp.com/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Uygi8qkLZWDoMk2OZfYsYx6_VBZletHIc7Wi25d2YqE-1713420303-1.0.1.1-PflmzIozqn_xG30H4ziEi7yWA0Ki9Y9ILhuwFNkZHGbS7Q3tpsv3LY75si1wA2d3CMTNBKkIKIwU3k3UWAyIVA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:05:05 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: *
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8762760a5ad35695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
188.114.97.1200 OK 47 kB URL User Request GET HTTP/2 ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
IP 188.114.97.1:443
Certificate IssuerGoogle Trust Services LLC
Subjectjoecomp.com
FingerprintAB:6E:A4:FB:BB:F6:09:D0:73:4C:F5:81:B6:70:2F:3E:67:0E:25:EF
ValidityFri, 01 Mar 2024 08:33:36 GMT - Thu, 30 May 2024 08:33:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /run-programs-as-services-with-firedaemon-pro HTTP/1.1
Host: ja.joecomp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:02 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.28
cache-control: max-age=86400
expires: Fri, 19 Apr 2024 06:05:02 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5aiUFLQhTskYmkRolX%2Fbwvg%2BXocUnDTCDLYD%2FVgVeh3EqFIxlqwt80ji3KDUG5zxfC8SKXs15icYjfvz3frICDSxrKL%2BbkljELyUYoxyWjfdugCuOXpvnR%2BdKwHOVmODFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876275f9380d0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
amer.hhkld.com/cnsync/106801?prm=%5B%22richau%22%5D
185.106.140.207200 OK 1 B URL GET HTTP/2 amer.hhkld.com/cnsync/106801?prm=%5B%22richau%22%5D
IP 185.106.140.207:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjecthhkld.com
Fingerprint8F:B1:0C:A0:87:DD:30:BF:E2:DD:3B:46:BE:0C:C8:0A:AF:06:35:32
ValidityMon, 19 Feb 2024 04:08:17 GMT - Sun, 19 May 2024 04:08:16 GMT
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
GET /cnsync/106801?prm=%5B%22richau%22%5D HTTP/1.1
Host: amer.hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ja.joecomp.com/
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Cookie: uid=CmX+RGYguA6bHU511zksAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:03 GMT
content-type: application/json
set-cookie: sync6=%7B%22richau%22%3A%5B1%2C1713420303%5D%7D; expires=Fri, 26-Apr-2024 06:05:03 GMT; Max-Age=691200; path=/; secure; SameSite=None
access-control-allow-origin: https://ja.joecomp.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
ads.adlook.me/vast?id=25342&w=1280&h=720&mult=1&rw=0&ref=&loc=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&top=&_ts=1713420303417
5.101.76.186200 OK 155 kB URL GET HTTP/2 ads.adlook.me/vast?id=25342&w=1280&h=720&mult=1&rw=0&ref=&loc=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&top=&_ts=1713420303417
IP 5.101.76.186:443
ASN #48096 Enterprise Cloud Ltd.
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT
Size 155 kB (155311 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vast?id=25342&w=1280&h=720&mult=1&rw=0&ref=&loc=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&top=&_ts=1713420303417 HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 155311
content-type: application/json
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=17db4f94119548ee94f85b5dfecc8d50; expires=Thu, 17 Apr 2025 21:00:00 GMT; path=/; SameSite=None; secure; samesite=none
access-control-allow-origin: https://ja.joecomp.com
access-control-allow-credentials: true
date: Thu, 18 Apr 2024 06:05:03 GMT
X-Firefox-Spdy: h2
video.onnetwork.tv/frame86.php?id=ffONNPe77778543042134377cc25a731cdb35617134203042041&iid=1713420304204&e=1&ap=4&map=1&umum=1&naa=0&lang=1&pinva=1&pinv=1&dpre=1&onnsfonn=1&vids=1377120&dpb=1&onnwid=9878&wtop=https%253A%252F%252Fja.joecomp.com%252Frun-programs-as-services-with-firedaemon-pro&apop=0&vpop=0&apopa=0&vpopa=0&cId=ndONNPe77778543042134377cc25a731cdb3561713420304200&rrpt=%7B%22CxSegments%22%3Anull%7D
51.83.24.136200 OK 25 kB URL GET HTTP/2 video.onnetwork.tv/frame86.php?id=ffONNPe77778543042134377cc25a731cdb35617134203042041&iid=1713420304204&e=1&ap=4&map=1&umum=1&naa=0&lang=1&pinva=1&pinv=1&dpre=1&onnsfonn=1&vids=1377120&dpb=1&onnwid=9878&wtop=https%253A%252F%252Fja.joecomp.com%252Frun-programs-as-services-with-firedaemon-pro&apop=0&vpop=0&apopa=0&vpopa=0&cId=ndONNPe77778543042134377cc25a731cdb3561713420304200&rrpt=%7B%22CxSegments%22%3Anull%7D
IP 51.83.24.136:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectonnetwork.tv
FingerprintB5:95:77:A6:1E:ED:C6:99:C8:EC:67:3C:AB:A2:97:C3:7B:E2:62:6A
ValiditySat, 30 Mar 2024 09:38:38 GMT - Fri, 28 Jun 2024 09:38:37 GMT
File type HTML document, ASCII text, with very long lines (12850)
Hash c57f76b326bc4ad7490d6e50f951807b
20dbda3c03b316972b0d5848af23b90e9b45a7d7
2adcbf98d79ad1886ecc766c3a17da3782fc1795c19dee4b5e46086276101ad2
GET /frame86.php?id=ffONNPe77778543042134377cc25a731cdb35617134203042041&iid=1713420304204&e=1&ap=4&map=1&umum=1&naa=0&lang=1&pinva=1&pinv=1&dpre=1&onnsfonn=1&vids=1377120&dpb=1&onnwid=9878&wtop=https%253A%252F%252Fja.joecomp.com%252Frun-programs-as-services-with-firedaemon-pro&apop=0&vpop=0&apopa=0&vpopa=0&cId=ndONNPe77778543042134377cc25a731cdb3561713420304200&rrpt=%7B%22CxSegments%22%3Anull%7D HTTP/1.1
Host: video.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
last-modified: Thu, 18 Apr 2024 06:05:04 GMT
expires: Thu, 18 Apr 2024 06:05:05 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
pragma: no-cache
feature-policy: fullscreen *; autoplay;
access-control-allow-origin: https://ja.joecomp.com
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
date: Thu, 18 Apr 2024 06:05:04 GMT
server: XO.webservant
X-Firefox-Spdy: h2
stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=UdbC3ViUkuHUePLkmncJ1YBT50N00B1%2F89NI3svCtggJJCbQ0NsLmv5p%2BNWyK5iRK9gUiBl%2Foi3DO7Fp0BBog9bi8ASRTu%2BpM2XP5cy4vPUH%2FpxOSS%2F3A0hq97BY04C831Rm%2BXOIH3lr2XCpfNjWJdJ0%2BCQrhR3RDW4k3dlPbi8p4VsAeVxkuS6hUo2Qk43UVKY%2FfKZ6ppA%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=171342031606663413&_adlk_ts=171342031606663413
5.101.76.186200 OK 0 B URL GET HTTP/2 stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=UdbC3ViUkuHUePLkmncJ1YBT50N00B1%2F89NI3svCtggJJCbQ0NsLmv5p%2BNWyK5iRK9gUiBl%2Foi3DO7Fp0BBog9bi8ASRTu%2BpM2XP5cy4vPUH%2FpxOSS%2F3A0hq97BY04C831Rm%2BXOIH3lr2XCpfNjWJdJ0%2BCQrhR3RDW4k3dlPbi8p4VsAeVxkuS6hUo2Qk43UVKY%2FfKZ6ppA%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=171342031606663413&_adlk_ts=171342031606663413
IP 5.101.76.186:443
ASN #48096 Enterprise Cloud Ltd.
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=UdbC3ViUkuHUePLkmncJ1YBT50N00B1%2F89NI3svCtggJJCbQ0NsLmv5p%2BNWyK5iRK9gUiBl%2Foi3DO7Fp0BBog9bi8ASRTu%2BpM2XP5cy4vPUH%2FpxOSS%2F3A0hq97BY04C831Rm%2BXOIH3lr2XCpfNjWJdJ0%2BCQrhR3RDW4k3dlPbi8p4VsAeVxkuS6hUo2Qk43UVKY%2FfKZ6ppA%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=171342031606663413&_adlk_ts=171342031606663413 HTTP/1.1
Host: stat.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Microsoft-IIS/10.0
date: Thu, 18 Apr 2024 06:05:15 GMT
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.106200 OK 7.0 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.106:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type ASCII text, with very long lines (7193), with no line terminators
Hash 16b49a99486594c0b42d9bd7821deb2c
2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a
3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:05:05 GMT
date: Thu, 18 Apr 2024 06:05:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
demo.mekshq.com/herald/wp-content/themes/herald/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
172.67.202.34200 OK 77 kB URL GET HTTP/2 demo.mekshq.com/herald/wp-content/themes/herald/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 172.67.202.34:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectmekshq.com
Fingerprint51:17:C9:9C:92:BF:2E:C0:93:3A:73:4B:91:26:B9:09:BD:18:DF:5F
ValiditySat, 02 Mar 2024 13:22:43 GMT - Fri, 31 May 2024 13:22:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /herald/wp-content/themes/herald/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: demo.mekshq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://joecomp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:03 GMT
content-type: font/woff2
content-length: 77160
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=31536000, stale-while-revalidate=86400, stale-if-error=604800
expires: Sun, 23 Mar 2025 09:45:40 GMT
last-modified: Wed, 16 Nov 2016 15:37:10 GMT
etag: "12d68-582c7d26-ac382c1df5f1865e;;;"
vary: User-Agent, Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yL4ohRoMODe46%2F9y013oAq4UcLOn3ZjePVJpkhc21JTRZ6ZPxUnOz4fNHhu%2BT2UistAJLCTKlgI354sYEy6ek9kQlKJsJdq9g55nFz4csc7iQHs75EdS7zzOr6Nv7CWUtIQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876275fe9c8d7128-OSL
X-Firefox-Spdy: h2
cdn.mgid.com/images/logos/Adchoices.svg
104.19.132.76200 OK 836 B URL GET HTTP/3 cdn.mgid.com/images/logos/Adchoices.svg
IP 104.19.132.76:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectmgid.com
Fingerprint9C:6C:5A:48:88:44:CB:C2:F4:76:D3:2E:DC:07:0D:D4:CA:6A:25:F5
ValiditySun, 10 Mar 2024 23:31:34 GMT - Sat, 08 Jun 2024 23:31:33 GMT
File type SVG Scalable Vector Graphics image
Hash 7a6c3544efa730309b432176ec04feff
602b751a09f3523362984eddc29904a52bf0b093
86743b140d92d43bda858181357ddc78bf1e67de569b404d0e21cc72b0cc718a
GET /images/logos/Adchoices.svg HTTP/1.1
Host: cdn.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Cookie: __cf_bm=Uygi8qkLZWDoMk2OZfYsYx6_VBZletHIc7Wi25d2YqE-1713420303-1.0.1.1-PflmzIozqn_xG30H4ziEi7yWA0Ki9Y9ILhuwFNkZHGbS7Q3tpsv3LY75si1wA2d3CMTNBKkIKIwU3k3UWAyIVA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:05:03 GMT
content-type: image/svg+xml
x-amz-id-2: cgh5TeEXgcuyz60mX39mLvwrNG8G/0hndpmW6Ztq6YxrKfOPlR+0zLh9N/PBWzaoZKcILjgJJuE=
x-amz-request-id: 3SSQJZ1GM0TM7BGH
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
x-amz-version-id: null
cf-cache-status: HIT
age: 7067
expires: Fri, 19 Apr 2024 06:05:03 GMT
cache-control: public, max-age=86400
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-origin: *
server: cloudflare
cf-ray: 8762760318ef5695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/jquery.min.js
104.21.70.253200 OK 90 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/jquery.min.js
IP 104.21.70.253:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type JavaScript source, ASCII text, with very long lines (65451)
Hash 561acb3e541133bbdd2c0c19f8ee35a1
ffd1353cf3f77d25f801c84d8208613eb0d3d548
9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc
GET /sb/chat/mob/ssp/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:05 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 08:25:09 GMT
etag: W/"62134c65-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4230961
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kswuKOdwiqtC8pBxf3Daenq%2BVl5ZbKOHAuMVGf%2BAjlVT1WjYxj8y%2FHB9Z74P%2B9%2BvLMGn9v7stytzwIvOXvR6U9MFyiAzJ6I%2FapJQutkuTR1tfgertFliAwvZk2LY0KyvIb1ALGBbqv3V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762760dd903568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js
142.250.74.40200 OK 124 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js
IP 142.250.74.40:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type JavaScript source, ASCII text, with very long lines (1900)
Size 124 kB (124499 bytes)
Hash 4d41e7448444abe67dd2d66cc157cdb2
76159bd61a2a6a86d4868682f6e0f6ec67b1eee6
908426b4d10dfc0716ec6284b031ddbfc341b8067b63a66c62a1f7807d0b5137
GET /gtag/js HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 06:05:06 GMT
expires: Thu, 18 Apr 2024 06:05:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47766
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
c.mgid.com/pv/?lu=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&cbuster=1713420303779932820029&pvid=18eefcefda3b20e8d3d&implVersion=10&cxurl=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&site=893303&i=1
104.19.132.76200 OK 43 B URL GET HTTP/3 c.mgid.com/pv/?lu=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&cbuster=1713420303779932820029&pvid=18eefcefda3b20e8d3d&implVersion=10&cxurl=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&site=893303&i=1
IP 104.19.132.76:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectmgid.com
Fingerprint9C:6C:5A:48:88:44:CB:C2:F4:76:D3:2E:DC:07:0D:D4:CA:6A:25:F5
ValiditySun, 10 Mar 2024 23:31:34 GMT - Sat, 08 Jun 2024 23:31:33 GMT
File type GIF image data, version 89a, 1 x 1
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /pv/?lu=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&cbuster=1713420303779932820029&pvid=18eefcefda3b20e8d3d&implVersion=10&cxurl=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&site=893303&i=1 HTTP/1.1
Host: c.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ja.joecomp.com/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Uygi8qkLZWDoMk2OZfYsYx6_VBZletHIc7Wi25d2YqE-1713420303-1.0.1.1-PflmzIozqn_xG30H4ziEi7yWA0Ki9Y9ILhuwFNkZHGbS7Q3tpsv3LY75si1wA2d3CMTNBKkIKIwU3k3UWAyIVA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:05:03 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87627602a8625695-OSL
alt-svc: h3=":443"; ma=86400
stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=BU0lEZJaqcU5qZ4c0g%2F49R7lFv7TWO%2F8x4%2FkpmxHpkVvid82Gdse1%2B8Fj84ohr7VyycezdgtKBlae8e5%2FRNbaZt8TFTC6DA%2BPQfoi9keKsAqCehWWE%2BeLLqzBEFVCrxkPZEdGWAgVVjB3adZ0otncextO4ScH7qE%2Ba8scj4E8IFboZTvdV8F%2BncQGH%2BGrkE1TfRHUVZcc8k%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=171342031606344302&_adlk_ts=171342031606344302
5.101.76.186200 OK 0 B URL GET HTTP/2 stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=BU0lEZJaqcU5qZ4c0g%2F49R7lFv7TWO%2F8x4%2FkpmxHpkVvid82Gdse1%2B8Fj84ohr7VyycezdgtKBlae8e5%2FRNbaZt8TFTC6DA%2BPQfoi9keKsAqCehWWE%2BeLLqzBEFVCrxkPZEdGWAgVVjB3adZ0otncextO4ScH7qE%2Ba8scj4E8IFboZTvdV8F%2BncQGH%2BGrkE1TfRHUVZcc8k%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=171342031606344302&_adlk_ts=171342031606344302
IP 5.101.76.186:443
ASN #48096 Enterprise Cloud Ltd.
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=BU0lEZJaqcU5qZ4c0g%2F49R7lFv7TWO%2F8x4%2FkpmxHpkVvid82Gdse1%2B8Fj84ohr7VyycezdgtKBlae8e5%2FRNbaZt8TFTC6DA%2BPQfoi9keKsAqCehWWE%2BeLLqzBEFVCrxkPZEdGWAgVVjB3adZ0otncextO4ScH7qE%2Ba8scj4E8IFboZTvdV8F%2BncQGH%2BGrkE1TfRHUVZcc8k%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=171342031606344302&_adlk_ts=171342031606344302 HTTP/1.1
Host: stat.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Microsoft-IIS/10.0
date: Thu, 18 Apr 2024 06:05:15 GMT
X-Firefox-Spdy: h2
yandex.ru/ads/adfox/270465/getCode?pp=g&ps=gyzl&p2=gcuq&puid1=&puid2=
5.255.255.70200 OK 42 B URL GET HTTP/2 yandex.ru/ads/adfox/270465/getCode?pp=g&ps=gyzl&p2=gcuq&puid1=&puid2=
IP 5.255.255.70:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.xn--d1acpjx3f.xn--p1ai
Fingerprint17:FB:0C:B6:3F:7F:A5:4C:41:AD:D0:5C:6B:9A:96:47:FE:AF:C8:5C
ValidityMon, 04 Mar 2024 10:29:07 GMT - Sun, 01 Sep 2024 20:59:59 GMT
File type XML document, ASCII text, with no line terminators
Hash 43a4e06a4bfb8060ee104f146b6e58e3
6a5f8570e95301019c985431f532465e9f90d1ff
a30ccb71b0609fddacd27e15b9e0386c65a06146f046f82b6d18f53d90e4755b
GET /ads/adfox/270465/getCode?pp=g&ps=gyzl&p2=gcuq&puid1=&puid2= HTTP/1.1
Host: yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
access-control-allow-origin: https://ja.joecomp.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
x-yandex-req-id: 1713420304451419-11501075112912914737-balancer-l7leveler-kubr-yp-vla-168-BAL
last-modified: Thu, 18 Apr 2024 06:05:04 GMT
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
date: Thu, 18 Apr 2024 06:05:04 GMT
set-cookie: i=LWdlqw7leMseXqAfES+Kj81BNnJUUWMfK7q6/uHcZ83NwOnS0oCi4g46Mpza8GZscSP9lsJG516dq/J3Uw0gjfFgfbc=; Expires=Sat, 18-Apr-2026 06:05:04 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=7129147371713420304; Expires=Sat, 18-Apr-2026 06:05:04 GMT; Domain=.yandex.ru; Path=/; Secure; SameSite=None
yashr=7695402451713420304; Path=/; Domain=.yandex.ru; Expires=Fri, 18 Apr 2025 06:05:04 GMT; SameSite=None; Secure; HttpOnly
receive-cookie-deprecation=1; Path=/; Domain=.yandex.ru; Expires=Fri, 18 Apr 2025 06:05:04 GMT; SameSite=None; Secure; HttpOnly; Partitioned
content-security-policy-report-only: default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs-partner-ro&project=yabs&yandex_login=&platform
content-type: text/xml; charset=utf-8
content-disposition: attachment; filename="null"
pragma: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
expires: Thu, 18 Apr 2024 06:05:04 GMT
x-adfox: {"default":true, "place_id":1369254, "code_type":"regular"}
X-Firefox-Spdy: h2
yandex.ru/ads/adfox/390632/getCode?pp=g&ps=hmtc&p2=iiqv
5.255.255.70200 OK 42 B URL GET HTTP/2 yandex.ru/ads/adfox/390632/getCode?pp=g&ps=hmtc&p2=iiqv
IP 5.255.255.70:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.xn--d1acpjx3f.xn--p1ai
Fingerprint17:FB:0C:B6:3F:7F:A5:4C:41:AD:D0:5C:6B:9A:96:47:FE:AF:C8:5C
ValidityMon, 04 Mar 2024 10:29:07 GMT - Sun, 01 Sep 2024 20:59:59 GMT
File type XML document, ASCII text, with no line terminators
Hash 43a4e06a4bfb8060ee104f146b6e58e3
6a5f8570e95301019c985431f532465e9f90d1ff
a30ccb71b0609fddacd27e15b9e0386c65a06146f046f82b6d18f53d90e4755b
GET /ads/adfox/390632/getCode?pp=g&ps=hmtc&p2=iiqv HTTP/1.1
Host: yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
access-control-allow-origin: https://ja.joecomp.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
x-yandex-req-id: 1713420304454656-10571444799394441025-balancer-l7leveler-kubr-yp-vla-168-BAL
last-modified: Thu, 18 Apr 2024 06:05:04 GMT
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
date: Thu, 18 Apr 2024 06:05:04 GMT
set-cookie: i=SiwRPUNmGMB5YWa9rQdsvJM7a3lLeyfr0Quh6k9B31KSl8pZP5qsOjzYgSwXktvrTJnWaq2WblOvGgqEWWuepkB5GM8=; Expires=Sat, 18-Apr-2026 06:05:04 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=1944410251713420304; Expires=Sat, 18-Apr-2026 06:05:04 GMT; Domain=.yandex.ru; Path=/; Secure; SameSite=None
yashr=3483525611713420304; Path=/; Domain=.yandex.ru; Expires=Fri, 18 Apr 2025 06:05:04 GMT; SameSite=None; Secure; HttpOnly
receive-cookie-deprecation=1; Path=/; Domain=.yandex.ru; Expires=Fri, 18 Apr 2025 06:05:04 GMT; SameSite=None; Secure; HttpOnly; Partitioned
content-security-policy-report-only: default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs-partner-ro&project=yabs&yandex_login=&platform
content-type: text/xml; charset=utf-8
content-disposition: attachment; filename="null"
pragma: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
expires: Thu, 18 Apr 2024 06:05:04 GMT
x-adfox: {"default":true, "place_id":1402350, "code_type":"regular"}
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/core/bridge3.634.0_en.html
142.250.74.138200 OK 780 kB URL GET HTTP/3 imasdk.googleapis.com/js/core/bridge3.634.0_en.html
IP 142.250.74.138:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type HTML document, ASCII text, with very long lines (48587)
Size 780 kB (780197 bytes)
Hash a63b0ecc09cab0033d643e7ffe41341f
59fe3020160ffefa5af3ae36397ed7cdb0393eae
58e7c73b90cdc7d20235fda430532c7d94e42a9db2dfbe631238bc27ff321875
GET /js/core/bridge3.634.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 249352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 19:45:11 GMT
expires: Tue, 15 Apr 2025 19:45:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 19:43:04 GMT
content-type: text/html
vary: Accept-Encoding
age: 209994
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=vbE9WOeu0AO6oOnisacChu9DntIBxjePjVqHRB6ngXavou5tPrMHqfMk3qNJTJeWijooFBKUrViJtaA70%2BApUY83oXyuH5TfP4J9nHmtsmgfXd%2B%2BhGDpPD8TwnuFMZi04zSV2SrI4PNSGo0EErgq78GP9VjVkqQEx6vT%2FSJqPqu0DC0P%2FMwqBV6otlDYNh4DQJNenA%3D%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=171342030529283436&_adlk_ts=171342030529283436
5.101.76.186200 OK 0 B URL GET HTTP/2 stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=vbE9WOeu0AO6oOnisacChu9DntIBxjePjVqHRB6ngXavou5tPrMHqfMk3qNJTJeWijooFBKUrViJtaA70%2BApUY83oXyuH5TfP4J9nHmtsmgfXd%2B%2BhGDpPD8TwnuFMZi04zSV2SrI4PNSGo0EErgq78GP9VjVkqQEx6vT%2FSJqPqu0DC0P%2FMwqBV6otlDYNh4DQJNenA%3D%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=171342030529283436&_adlk_ts=171342030529283436
IP 5.101.76.186:443
ASN #48096 Enterprise Cloud Ltd.
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=vbE9WOeu0AO6oOnisacChu9DntIBxjePjVqHRB6ngXavou5tPrMHqfMk3qNJTJeWijooFBKUrViJtaA70%2BApUY83oXyuH5TfP4J9nHmtsmgfXd%2B%2BhGDpPD8TwnuFMZi04zSV2SrI4PNSGo0EErgq78GP9VjVkqQEx6vT%2FSJqPqu0DC0P%2FMwqBV6otlDYNh4DQJNenA%3D%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=171342030529283436&_adlk_ts=171342030529283436 HTTP/1.1
Host: stat.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Microsoft-IIS/10.0
date: Thu, 18 Apr 2024 06:05:05 GMT
X-Firefox-Spdy: h2
joecomp.com/template/herald/js/js.js
172.67.182.205200 OK 256 kB URL GET HTTP/2 joecomp.com/template/herald/js/js.js
IP 172.67.182.205:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectjoecomp.com
FingerprintAB:6E:A4:FB:BB:F6:09:D0:73:4C:F5:81:B6:70:2F:3E:67:0E:25:EF
ValidityFri, 01 Mar 2024 08:33:36 GMT - Thu, 30 May 2024 08:33:35 GMT
File type JavaScript source, ASCII text, with very long lines (32077), with CRLF line terminators
Size 256 kB (256197 bytes)
Hash beb76bc740ab03f0cafbcc8ecba7d7b1
388894f12998ba2d0f852ca569cb8b54d6d26333
e89a8a40038f6171ec2da76567cc0951766ef65427719a7d9c08d35dc1d9f0ff
GET /template/herald/js/js.js HTTP/1.1
Host: joecomp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:02 GMT
content-type: application/javascript
last-modified: Sat, 22 Feb 2020 20:39:13 GMT
etag: W/"3e8c5-59f302184565e"
cache-control: max-age=1209600
expires: Fri, 26 Apr 2024 19:46:00 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 469142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5IatYCZygq4PiFrOP6yUN7HoBBqM9wvwYSKEsyYf%2Bncwl7V0ZZXLha25ujDZlmZSlxaX46KOol4yfhgnP1fd66TmIgxy4FQNoQENjTNDX4dFm0XZqN2GuB9UtdHyGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876275fc083656c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
downstairsnegotiatebarren.com/sfp.js
172.67.180.87200 OK 86 kB URL GET HTTP/2 downstairsnegotiatebarren.com/sfp.js
IP 172.67.180.87:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:03 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: c807b329ee3c2356b252428cae5b928f
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 18 Apr 2024 06:05:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FqNuP46yn4IzXtOXE7E4xwno8lUXpYoJ3VVxjObzg3IDUIbmq2RvUuQQcC4Btx9leJ3U5heuqzT9gCqMkgykaIrgaIXJAPco5l46rfUQn%2FzLBgzEyynzV%2F3D70XiqqNVA8c1p2ddKlSubtNh8E%2BEZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876276002a0656b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
amer.hhkld.com/tag/load-106801.js
185.106.140.207200 OK 297 B URL GET HTTP/2 amer.hhkld.com/tag/load-106801.js
IP 185.106.140.207:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjecthhkld.com
Fingerprint8F:B1:0C:A0:87:DD:30:BF:E2:DD:3B:46:BE:0C:C8:0A:AF:06:35:32
ValidityMon, 19 Feb 2024 04:08:17 GMT - Sun, 19 May 2024 04:08:16 GMT
File type JavaScript source, ASCII text, with very long lines (304), with no line terminators
Hash 2abd6af804a9256958fc088562912dc5
71b3b9830c30d673c1e16c75785e1ddd8cf6931e
711aac0fa3bc701eadefd7fab2dbae0d765ae5f6d38b604d9129e2b320367258
GET /tag/load-106801.js HTTP/1.1
Host: amer.hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:02 GMT
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
set-cookie: uid=CmX+RGYguA6bHU511zksAg==; expires=Fri, 18-Apr-25 06:05:02 GMT; domain=.hhkld.com; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-rtb.sape.ru/rtb-b/vast/532/863532.xml
185.12.127.178200 OK 1.2 kB URL GET HTTP/2 cdn-rtb.sape.ru/rtb-b/vast/532/863532.xml
IP 185.12.127.178:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subject*.sape.ru
Fingerprint73:95:22:E3:B6:12:3E:90:3A:10:10:DC:38:ED:28:2D:82:7B:EB:E2
ValidityWed, 10 Apr 2024 03:20:28 GMT - Tue, 09 Jul 2024 03:20:27 GMT
File type XML document, ASCII text, with very long lines (1234), with no line terminators
Hash 0a08abc13651e290611ff2444f481d4e
3b8c900cd67d43bee7df736867b09b06dbbb31d5
8f41a8746979d71df2cb254938dabbf9692f3d82231f0457046ca19e670e6f8a
GET /rtb-b/vast/532/863532.xml HTTP/1.1
Host: cdn-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty
date: Thu, 18 Apr 2024 06:05:04 GMT
content-type: text/xml; charset=UTF-8
content-security-policy: block-all-mixed-content
etag: W/"9b12512f6a5956d8cffa4d5aaf5a7feb"
last-modified: Mon, 15 Apr 2024 02:07:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 17C6524D9DE7BEDD
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
expires: Thu, 18 Apr 2024 07:05:04 GMT
cache-control: max-age=3600
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ja.joecomp.com
x-cache-status: HIT
X-Firefox-Spdy: h2
cm.mgid.com/i.js?cbuster=1713420305275493442934
104.19.132.76200 OK 0 B URL GET HTTP/3 cm.mgid.com/i.js?cbuster=1713420305275493442934
IP 104.19.132.76:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjectmgid.com
Fingerprint9C:6C:5A:48:88:44:CB:C2:F4:76:D3:2E:DC:07:0D:D4:CA:6A:25:F5
ValiditySun, 10 Mar 2024 23:31:34 GMT - Sat, 08 Jun 2024 23:31:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /i.js?cbuster=1713420305275493442934 HTTP/1.1
Host: cm.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Cookie: __cf_bm=Uygi8qkLZWDoMk2OZfYsYx6_VBZletHIc7Wi25d2YqE-1713420303-1.0.1.1-PflmzIozqn_xG30H4ziEi7yWA0Ki9Y9ILhuwFNkZHGbS7Q3tpsv3LY75si1wA2d3CMTNBKkIKIwU3k3UWAyIVA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:05:05 GMT
content-type: application/javascript
content-length: 0
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8762760e8fb55695-OSL
alt-svc: h3=":443"; ma=86400
stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=abe5DU%2FL8mtgK4rZ1rAU2jAD%2Bg0QuEhpw76AvR%2BM5lRWsFulEsZbAZQT2Qt%2FDBhf6FwxMfto%2BbgZ4%2BlPE8CRS8oKG2x7rVX5NoWusCDwlwhfYFRDnwecvh%2BPPFGpOItGP3JETYjx816cyFj0joX8FA5Ai3xW%2FvNsvMoVBC81cG0pjPyZ35Ibpj6sxH8U654ZWVwlIg%3D%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=171342030529146425&_adlk_ts=171342030529146425
5.101.76.186200 OK 0 B URL GET HTTP/2 stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=abe5DU%2FL8mtgK4rZ1rAU2jAD%2Bg0QuEhpw76AvR%2BM5lRWsFulEsZbAZQT2Qt%2FDBhf6FwxMfto%2BbgZ4%2BlPE8CRS8oKG2x7rVX5NoWusCDwlwhfYFRDnwecvh%2BPPFGpOItGP3JETYjx816cyFj0joX8FA5Ai3xW%2FvNsvMoVBC81cG0pjPyZ35Ibpj6sxH8U654ZWVwlIg%3D%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=171342030529146425&_adlk_ts=171342030529146425
IP 5.101.76.186:443
ASN #48096 Enterprise Cloud Ltd.
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=abe5DU%2FL8mtgK4rZ1rAU2jAD%2Bg0QuEhpw76AvR%2BM5lRWsFulEsZbAZQT2Qt%2FDBhf6FwxMfto%2BbgZ4%2BlPE8CRS8oKG2x7rVX5NoWusCDwlwhfYFRDnwecvh%2BPPFGpOItGP3JETYjx816cyFj0joX8FA5Ai3xW%2FvNsvMoVBC81cG0pjPyZ35Ibpj6sxH8U654ZWVwlIg%3D%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=171342030529146425&_adlk_ts=171342030529146425 HTTP/1.1
Host: stat.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Microsoft-IIS/10.0
date: Thu, 18 Apr 2024 06:05:05 GMT
X-Firefox-Spdy: h2
prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&s=pbs&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
147.75.84.158302 Found 0 B URL GET HTTP/2 prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&s=pbs&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
IP 147.75.84.158:443
Requested by https://cookies.nextmillmedia.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.hhkld.com%2Ftools%2Fsync%3Fdsp%3D67%26uid%3D[NMUID]
Certificate IssuerLet's Encrypt
Subject*.a-mo.net
FingerprintA1:19:DD:ED:07:5D:68:74:9A:FE:2B:DF:66:5F:D6:E6:F5:B4:1E:6C
ValidityWed, 06 Mar 2024 11:52:06 GMT - Tue, 04 Jun 2024 11:52:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cchain/0?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&s=pbs&cb=https%3A%2F%2Fcookies.nextmillmedia.com%2Fsetuid%3Fbidder%3Damx%26nmuid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cookies.nextmillmedia.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 18 Apr 2024 06:05:04 GMT
location: https://cookies.nextmillmedia.com/setuid?bidder=amx&nmuid=&gdpr=0&gdpr_consent=&us_privacy=&uid=
server: envoy
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=0QUtmcHlgPvMPOyL00jH2VAQAevDr2cjEx3i8p%2BYmTFxWeews0mHDILsch73anmxXU5ZAOD%2FK1%2BhwjQ76ZN%2BZnl2T47IuBmS4BineoAAX9ooL4mgK%2FEiAbYYYBFJl6GJLm0EtmDOgCBwLv9n7smSafJjzHWmjt6pWedN4wnOotZ5Z76xEePVH6r%2Bjpm7CwFobyOW3HsR6Dc%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=17134203281098293&_adlk_ts=17134203281098293
0.0.0.0 0 B URL GET stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=0QUtmcHlgPvMPOyL00jH2VAQAevDr2cjEx3i8p%2BYmTFxWeews0mHDILsch73anmxXU5ZAOD%2FK1%2BhwjQ76ZN%2BZnl2T47IuBmS4BineoAAX9ooL4mgK%2FEiAbYYYBFJl6GJLm0EtmDOgCBwLv9n7smSafJjzHWmjt6pWedN4wnOotZ5Z76xEePVH6r%2Bjpm7CwFobyOW3HsR6Dc%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=17134203281098293&_adlk_ts=17134203281098293
IP 0.0.0.0:0
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=0QUtmcHlgPvMPOyL00jH2VAQAevDr2cjEx3i8p%2BYmTFxWeews0mHDILsch73anmxXU5ZAOD%2FK1%2BhwjQ76ZN%2BZnl2T47IuBmS4BineoAAX9ooL4mgK%2FEiAbYYYBFJl6GJLm0EtmDOgCBwLv9n7smSafJjzHWmjt6pWedN4wnOotZ5Z76xEePVH6r%2Bjpm7CwFobyOW3HsR6Dc%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=17134203281098293&_adlk_ts=17134203281098293 HTTP/1.1
Host: stat.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Microsoft-IIS/10.0
date: Thu, 18 Apr 2024 06:05:27 GMT
X-Firefox-Spdy: h2
rtb.hhkld.com/sync/config/?zone=106801
185.106.140.207200 OK 2.4 kB URL GET HTTP/2 rtb.hhkld.com/sync/config/?zone=106801
IP 185.106.140.207:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subjecthhkld.com
Fingerprint8F:B1:0C:A0:87:DD:30:BF:E2:DD:3B:46:BE:0C:C8:0A:AF:06:35:32
ValidityMon, 19 Feb 2024 04:08:17 GMT - Sun, 19 May 2024 04:08:16 GMT
File type JavaScript source, ASCII text, with very long lines (2467), with no line terminators
Hash f10412ac6dfe0eb072d5c7192219b20a
c1bf23dcca8fdde28232b488716cc298542689ed
bd24d340e8d61589703e12e18a102d39b04c75c893d01348245b43d14ad94c7a
GET /sync/config/?zone=106801 HTTP/1.1
Host: rtb.hhkld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ja.joecomp.com/
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Cookie: uid=CmX+RGYguA6bHU511zksAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:03 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *
access-control-allow-methods: GET, POST
access-control-allow-origin: https://ja.joecomp.com
content-encoding: gzip
X-Firefox-Spdy: h2
yandex.ru/ads/adfox/1455849/getCode?p1=dbxee&p2=inuv&puid1=
5.255.255.70200 OK 42 B URL GET HTTP/2 yandex.ru/ads/adfox/1455849/getCode?p1=dbxee&p2=inuv&puid1=
IP 5.255.255.70:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.xn--d1acpjx3f.xn--p1ai
Fingerprint17:FB:0C:B6:3F:7F:A5:4C:41:AD:D0:5C:6B:9A:96:47:FE:AF:C8:5C
ValidityMon, 04 Mar 2024 10:29:07 GMT - Sun, 01 Sep 2024 20:59:59 GMT
File type XML document, ASCII text, with no line terminators
Hash 43a4e06a4bfb8060ee104f146b6e58e3
6a5f8570e95301019c985431f532465e9f90d1ff
a30ccb71b0609fddacd27e15b9e0386c65a06146f046f82b6d18f53d90e4755b
GET /ads/adfox/1455849/getCode?p1=dbxee&p2=inuv&puid1= HTTP/1.1
Host: yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
access-control-allow-origin: https://ja.joecomp.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
x-yandex-req-id: 1713420304518221-3619127405190363798-balancer-l7leveler-kubr-yp-vla-168-BAL
last-modified: Thu, 18 Apr 2024 06:05:04 GMT
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
date: Thu, 18 Apr 2024 06:05:04 GMT
set-cookie: i=3wVJTzsR8seJ1N9ehtNlf2WG4+VB0Ug5BW3Ft5FP0k5iDdi8mF11fIZtyrCdZJe6P0MOPtMLfGwpRICubfE3rmWd7VM=; Expires=Sat, 18-Apr-2026 06:05:04 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=4903637981713420304; Expires=Sat, 18-Apr-2026 06:05:04 GMT; Domain=.yandex.ru; Path=/; Secure; SameSite=None
yashr=2074664781713420304; Path=/; Domain=.yandex.ru; Expires=Fri, 18 Apr 2025 06:05:04 GMT; SameSite=None; Secure; HttpOnly
receive-cookie-deprecation=1; Path=/; Domain=.yandex.ru; Expires=Fri, 18 Apr 2025 06:05:04 GMT; SameSite=None; Secure; HttpOnly; Partitioned
content-security-policy-report-only: default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs-partner-ro&project=yabs&yandex_login=&platform
content-type: text/xml; charset=utf-8
content-disposition: attachment; filename="null"
pragma: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
expires: Thu, 18 Apr 2024 06:05:04 GMT
x-adfox: {"default":true, "place_id":1404160, "code_type":"regular"}
X-Firefox-Spdy: h2
cmp.optad360.io/items/cmp/v3/vendor-list.json.min.js
54.230.111.106200 OK 606 kB URL GET HTTP/2 cmp.optad360.io/items/cmp/v3/vendor-list.json.min.js
IP 54.230.111.106:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerAmazon
Subject*.optad360.io
FingerprintBC:89:97:49:5C:BF:E9:C9:F2:FA:B3:55:B7:6A:1E:6D:7F:5B:86:9E
ValiditySun, 17 Sep 2023 00:00:00 GMT - Tue, 15 Oct 2024 23:59:59 GMT
Size 606 kB (605551 bytes)
Hash 96aeb08ad70fd943f6d62672be7ec63a
ebd487dbdfd9ea37133348a2cfd221675d2e18aa
60d250a9b850b976e86cd99d8d92351423758af6daefc2e39a8c4397dfddd7b9
GET /items/cmp/v3/vendor-list.json.min.js HTTP/1.1
Host: cmp.optad360.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 12 Apr 2024 07:45:31 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Thu, 18 Apr 2024 03:56:32 GMT
cache-control: public, max-age=10080
etag: W/"96aeb08ad70fd943f6d62672be7ec63a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WKbJMIZhjBxVxwLdF_i5dYpNuurqw4W4T9elQvH21620txucHcbdaA==
age: 7714
access-control-allow-origin: *
X-Firefox-Spdy: h2
stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=jXr5QQHo%2Fu8wWEvhyNETgqy0vS3R5goV%2BjnqfEV9KoqNjoEhrkHLZY4wnK5%2BvFpJUuq2qp%2FByc%2F5CikR%2BwSMMUSxGWesmXMKScMZZsOGSZO%2Bzur5A7%2FkC81tl4mpkjnWNfKS4sFJtUTAK9%2FAOz4tXYI8VC9M1yW6gS5vFZ7FqsADJXrbCfbtc%2Fw1F3RWkGuFXVtzuw%3D%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=171342031607194977&_adlk_ts=171342031607194977
5.101.76.186200 OK 0 B URL GET HTTP/2 stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=jXr5QQHo%2Fu8wWEvhyNETgqy0vS3R5goV%2BjnqfEV9KoqNjoEhrkHLZY4wnK5%2BvFpJUuq2qp%2FByc%2F5CikR%2BwSMMUSxGWesmXMKScMZZsOGSZO%2Bzur5A7%2FkC81tl4mpkjnWNfKS4sFJtUTAK9%2FAOz4tXYI8VC9M1yW6gS5vFZ7FqsADJXrbCfbtc%2Fw1F3RWkGuFXVtzuw%3D%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=171342031607194977&_adlk_ts=171342031607194977
IP 5.101.76.186:443
ASN #48096 Enterprise Cloud Ltd.
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintBB:74:3B:09:F5:13:79:CE:CF:22:44:22:AD:AF:A7:74:23:4F:98:32
ValidityTue, 06 Jun 2023 15:02:11 GMT - Sun, 07 Jul 2024 15:02:10 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=jXr5QQHo%2Fu8wWEvhyNETgqy0vS3R5goV%2BjnqfEV9KoqNjoEhrkHLZY4wnK5%2BvFpJUuq2qp%2FByc%2F5CikR%2BwSMMUSxGWesmXMKScMZZsOGSZO%2Bzur5A7%2FkC81tl4mpkjnWNfKS4sFJtUTAK9%2FAOz4tXYI8VC9M1yW6gS5vFZ7FqsADJXrbCfbtc%2Fw1F3RWkGuFXVtzuw%3D%3D&r=https%3A%2F%2Fja.joecomp.com%2Frun-programs-as-services-with-firedaemon-pro&eo=&cb=171342031607194977&_adlk_ts=171342031607194977 HTTP/1.1
Host: stat.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Microsoft-IIS/10.0
date: Thu, 18 Apr 2024 06:05:15 GMT
X-Firefox-Spdy: h2
utraff.com/vpaid/seJ3zN0PF6IRqC7-T5B3ZYAWkO1_y_w6KQT6t_Q9OHY.xml
172.67.74.180200 OK 1.0 kB URL GET HTTP/2 utraff.com/vpaid/seJ3zN0PF6IRqC7-T5B3ZYAWkO1_y_w6KQT6t_Q9OHY.xml
IP 172.67.74.180:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerGoogle Trust Services LLC
Subjectutraff.com
Fingerprint33:5E:E6:D1:25:D0:06:4F:AC:56:7F:BD:6C:A7:DD:31:72:25:35:57
ValiditySat, 06 Apr 2024 06:57:44 GMT - Fri, 05 Jul 2024 06:57:43 GMT
File type ASCII text, with very long lines (1071), with no line terminators
Hash 13c9501195509a3c843da244e0a1774a
22bf2564b1e5ecb8ff6ce73ca3e91f309f1b7b9b
5c39735e2403084253e3df5de4d21efda979748267909c139480ff66ed75b345
GET /vpaid/seJ3zN0PF6IRqC7-T5B3ZYAWkO1_y_w6KQT6t_Q9OHY.xml HTTP/1.1
Host: utraff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
DNT: 1
Connection: keep-alive
Referer: https://ja.joecomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:04 GMT
content-type: text/xml
last-modified: Wed, 17 Apr 2024 09:31:16 GMT
etag: W/"661f96e4-3ff"
access-control-allow-origin: https://ja.joecomp.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BQK8HibyT0WhmJxqWMm8lZ%2F09qEtmka5efpb9g3G3TJFnYjXngdWSiFbKL79liwTowKC%2FtCeY4xI4SYvJdNYZRmyFh9W4CPFdvgul7UC83b3tIF7zVztqpUYATY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876276061d5b56af-OSL
content-encoding: br
X-Firefox-Spdy: h2
exchange.buzzoola.com/adv/kbDH64c7yFY_jqB7YcKn5L17UiLpXtxUw327HFbPUW4prlZfB6EKOQ/jsvpaid?set_buzzoola_cookie=t
148.251.40.140200 OK 17 kB URL GET HTTP/2 exchange.buzzoola.com/adv/kbDH64c7yFY_jqB7YcKn5L17UiLpXtxUw327HFbPUW4prlZfB6EKOQ/jsvpaid?set_buzzoola_cookie=t
IP 148.251.40.140:443
ASN #24940 Hetzner Online GmbH
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintE6:7F:94:98:CF:E4:CF:88:C7:8C:FC:16:A3:D7:D0:10:4E:EC:AB:F1
ValidityMon, 04 Sep 2023 00:00:00 GMT - Fri, 04 Oct 2024 23:59:59 GMT
File type XML 1.0 document, ASCII text, with very long lines (16612), with no line terminators
Hash f0f92e881112fbc2435e6479d7590881
d4cc3b0940a40646a6728aa431c073502ea41d04
629cf651449d2869531c3f58adf5c46707e51f19a0dac2cb2e0f856e8c952fa5
GET /adv/kbDH64c7yFY_jqB7YcKn5L17UiLpXtxUw327HFbPUW4prlZfB6EKOQ/jsvpaid?set_buzzoola_cookie=t HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ja.joecomp.com
Referer: https://ja.joecomp.com/
DNT: 1
Connection: keep-alive
Cookie: uuid=c79b8d84-734e-41e8-4b1e-1ecf77c2c283
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:05:04 GMT
content-type: application/xml
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match
access-control-allow-origin: https://ja.joecomp.com
access-control-expose-headers: Set-Cookie, Etag
serverid: TODO
content-encoding: gzip
X-Firefox-Spdy: h2
assets.a-mo.net/js/n1.js
104.19.158.19200 OK 3.8 kB IP 104.19.158.19:443
Requested by https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Frtb.hhkld.com%2Ftools%2Fsync%3Fdsp%3D26%26uid%3D
Certificate IssuerLet's Encrypt
Subjectassets.a-mo.net
Fingerprint54:48:1E:19:9B:71:7E:51:66:AB:E7:58:01:62:4B:B6:12:6C:30:BA
ValiditySun, 07 Apr 2024 00:18:20 GMT - Sat, 06 Jul 2024 00:18:19 GMT
File type JavaScript source, ASCII text, with very long lines (3909), with no line terminators
Hash 47ed4e1592ca9220c0cf30e1936dd900
fb81890cf027727a2c909561b73d452ae8a8c2ee
aad44315ed64b183de0beca41b7323e1ab4b41b76f67c389984531b2563d89c2
GET /js/n1.js HTTP/1.1
Host: assets.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://prebid.a-mo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:05:05 GMT
content-type: text/javascript
last-modified: Fri, 17 Nov 2023 21:37:06 GMT
etag: W/"594c94f05d6e65f49ee3acdd5d971b89"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
via: 1.1 28bed1803be3c3dac5d1cab9aa7edf84.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-P1
x-amz-cf-id: XlHiqsEJW_xaljuFt_DXIPoYvDuKez-RcJxf9x-ctQqmT6GIZMe_hg==
cf-cache-status: HIT
age: 136
expires: Thu, 18 Apr 2024 07:05:05 GMT
cache-control: public, max-age=3600
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762760c89a456b4-OSL
content-encoding: br
X-Firefox-Spdy: h2
ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fads.adlook.me%252Fcsync%253Fpid%253Dsape%2526uid%253D$%257BUSER_ID%257D&dp=14
193.3.184.222302 Moved Temporarily 0 B URL GET HTTP/1.1 ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fads.adlook.me%252Fcsync%253Fpid%253Dsape%2526uid%253D$%257BUSER_ID%257D&dp=14
IP 193.3.184.222:443
Requested by https://ja.joecomp.com/run-programs-as-services-with-firedaemon-pro
Certificate IssuerLet's Encrypt
Subject*.sape.ru
Fingerprint73:95:22:E3:B6:12:3E:90:3A:10:10:DC:38:ED:28:2D:82:7B:EB:E2
ValidityWed, 10 Apr 2024 03:20:28 GMT - Tue, 09 Jul 2024 03:20:27 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fads.adlook.me%252Fcsync%253Fpid%253Dsape%2526uid%253D$%257BUSER_ID%257D&dp=14 HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ja.joecomp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 18 Apr 2024 06:05:06 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/rmatch?dp=14&euid=2203420A12B820662700D6BB02FA22AB&r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D$%7BUSER_ID%7D
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkIDImYguBK71gAnqyL6AmWl9X/Cjn1/7zlfV6Uatwqe/P4G; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None