GET sspoisk.ru/series/4365427/
301 Moved Permanently 245 B URL User Request GET HTTP/1.1 sspoisk.ru/series/4365427/
IP
ASN #44477 Stark Industries Solutions Ltd
Certificate IssuerLet's Encrypt
Subjectsspoisk.ru
Fingerprint16:1C:88:A4:CD:5B:31:46:0F:7D:54:A1:06:BB:03:71:C5:C9:23:AC
ValidityMon, 27 Jan 2025 01:56:56 GMT - Sun, 27 Apr 2025 01:56:55 GMT
File type HTML document, ASCII text
Hash c321b9cb72d79afec130cfb657ae9523
4baa6d7d92d26688a2ffc15d3399bd3c888db0b7
638876cf5887f9cbafe9dc13a7bb380e5528ee003ef03d43fa256a9b634f20f9
GET /series/4365427/ HTTP/1.1
Host: sspoisk.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Wed, 12 Feb 2025 21:51:58 GMT
Server: Apache
Location: https://flicksbar.mom/series/4365427/
Content-Length: 245
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
GET flicksbar.mom/series/4365427/
404 Not Found 2.5 kB URL User Request GET HTTP/1.1 flicksbar.mom/series/4365427/
IP
ASN #44477 Stark Industries Solutions Ltd
File type HTML document, Unicode text, UTF-8 text
Hash 249fecfad1760ddf43fcd9136acb679b
2f33b4fb604542b501d8c2f44474851366091607
34ce3befb696a937137b6edb420fc0cba756d9a3a060b125ffff7b7c30ca0cd5
GET /series/4365427/ HTTP/1.1
Host: flicksbar.mom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 12 Feb 2025 21:51:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=0, public
Content-Encoding: gzip
GET flicksbar.mom/series/4365427/
404 Not Found 2.5 kB URL User Request GET HTTP/1.1 flicksbar.mom/series/4365427/
IP
ASN #44477 Stark Industries Solutions Ltd
File type HTML document, Unicode text, UTF-8 text
Hash 249fecfad1760ddf43fcd9136acb679b
2f33b4fb604542b501d8c2f44474851366091607
34ce3befb696a937137b6edb420fc0cba756d9a3a060b125ffff7b7c30ca0cd5
GET /series/4365427/ HTTP/1.1
Host: flicksbar.mom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 12 Feb 2025 21:51:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=0, public
Content-Encoding: gzip
GET flicksbar.mom/main.css
200 OK 1.1 kB IP
ASN #44477 Stark Industries Solutions Ltd
Requested by http://flicksbar.mom/series/4365427/
Hash e73402082d8a755ed964ca0eb88e316b
34e4dd7bea9b8df3584e0ca8904e8392d53b308b
b8340669948d44ba4e86060a13badb43e22f4d3b9c3b8e437fc22bcc421756b7
GET /main.css HTTP/1.1
Host: flicksbar.mom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/series/4365427/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 12 Feb 2025 21:51:59 GMT
Content-Type: text/css
Last-Modified: Fri, 02 Feb 2024 00:07:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65bc3232-17b6"
Expires: Thu, 13 Feb 2025 21:51:59 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
GET flicksbar.mom/index.js
200 OK 348 B IP
ASN #44477 Stark Industries Solutions Ltd
Requested by http://flicksbar.mom/series/4365427/
Hash baffa36593b30f530a14eb6210133409
d652f5fc81894ecf5b4a183e54b81328eed9da24
54adedbca6ff8604e476f70e3ab8a81cab9728ed560f51b3bb9ac6c2b94b3ff6
GET /index.js HTTP/1.1
Host: flicksbar.mom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/series/4365427/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 12 Feb 2025 21:51:59 GMT
Content-Type: application/javascript
Last-Modified: Fri, 15 Sep 2023 13:55:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65046262-3bf"
Expires: Thu, 13 Feb 2025 21:51:59 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
GET flicksbar.mom/titlename.js
200 OK 277 B URL GET HTTP/1.1 flicksbar.mom/titlename.js
IP
ASN #44477 Stark Industries Solutions Ltd
Requested by http://flicksbar.mom/series/4365427/
File type JavaScript source, ASCII text
Hash f5ece4c8795a2bd6e0dd52ef8f4599aa
02c2b427dd5ee86501d507db99c2666fb54e35d4
eb9b97e46ed4828fc386c194e6281089ac958d8781d3d4969990b887e849df21
GET /titlename.js HTTP/1.1
Host: flicksbar.mom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/series/4365427/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 12 Feb 2025 21:51:59 GMT
Content-Type: application/javascript
Last-Modified: Mon, 25 Nov 2024 18:34:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6744c337-17c"
Expires: Thu, 13 Feb 2025 21:51:59 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
GET flicksbar.mom/main.js
200 OK 599 B IP
ASN #44477 Stark Industries Solutions Ltd
Requested by http://flicksbar.mom/series/4365427/
Hash ca3e96d96c8f68d3f4fbd5efda59c043
a366859db15d7ae52a6015bb5c0a46ea4751ffd8
aa6f2e371ede1bc6b8bfe576ccfae8d44780d4a584673055c737807da2290729
GET /main.js HTTP/1.1
Host: flicksbar.mom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/series/4365427/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 12 Feb 2025 21:51:59 GMT
Content-Type: application/javascript
Last-Modified: Fri, 15 Sep 2023 13:55:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65046262-559"
Expires: Thu, 13 Feb 2025 21:51:59 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
GET flicksbar.mom/kinobox/kinobox.css
200 OK 1.2 kB URL GET HTTP/1.1 flicksbar.mom/kinobox/kinobox.css
IP
ASN #44477 Stark Industries Solutions Ltd
Requested by http://flicksbar.mom/series/4365427/
Hash ae7b9fb65ed20e5484f1b741ddea858e
011928293d6ce279d6106764caa55f5c1af7f4e2
ef3b65c1e8fde85db7fc9f7b84fd1e943414195134aa679abffd53f1865ea003
GET /kinobox/kinobox.css HTTP/1.1
Host: flicksbar.mom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/series/4365427/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 12 Feb 2025 21:51:59 GMT
Content-Type: text/css
Last-Modified: Fri, 15 Sep 2023 13:55:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6504624c-10b4"
Expires: Thu, 13 Feb 2025 21:51:59 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
GET flicksbar.mom/jquery-3.6.0.min.js
200 OK 31 kB URL GET HTTP/1.1 flicksbar.mom/jquery-3.6.0.min.js
IP
ASN #44477 Stark Industries Solutions Ltd
Requested by http://flicksbar.mom/series/4365427/
File type JavaScript source, ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: flicksbar.mom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/series/4365427/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 12 Feb 2025 21:51:59 GMT
Content-Type: application/javascript
Last-Modified: Mon, 25 Nov 2024 20:02:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6744d7bf-15d9d"
Expires: Thu, 13 Feb 2025 21:51:59 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
GET myroledance.com/services/?id=167431
200 OK 1.6 kB URL GET HTTP/1.1 myroledance.com/services/?id=167431
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subjectmyroledance.com
Fingerprint01:50:8C:D7:9A:7D:F5:B6:FA:65:D4:F9:B9:E7:7F:B4:A6:56:0A:5A
ValidityMon, 23 Dec 2024 07:56:43 GMT - Sun, 23 Mar 2025 07:56:42 GMT
File type JavaScript source, ASCII text, with very long lines (1592), with no line terminators
Hash 2b4299be87b7cf896e98c575c61a3343
2e53a03d4b1fd1f03763d5d16a77c4313472b955
e96eb129df5dbe65e74f6cdd5f202d20be942c41f2c779ba70d810df1ea7d7c7
GET /services/?id=167431 HTTP/1.1
Host: myroledance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Feb 2025 21:51:59 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 1592
Connection: keep-alive
GET flicksbar.mom/imgs/tgimg.png
200 OK 67 kB URL GET HTTP/1.1 flicksbar.mom/imgs/tgimg.png
IP
ASN #44477 Stark Industries Solutions Ltd
Requested by http://flicksbar.mom/series/4365427/
File type PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced
Hash 8805ceb2cc191b3caf5d9aa873f89947
452863efed45da44900a5411e3fe1033005c6d33
569711232afcf58505d2a59b89a86133ed859c43ec18879058ac8a271799242d
GET /imgs/tgimg.png HTTP/1.1
Host: flicksbar.mom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/series/4365427/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 12 Feb 2025 21:51:59 GMT
Content-Type: image/png
Content-Length: 66990
Last-Modified: Mon, 17 Jul 2023 19:21:41 GMT
Connection: keep-alive
ETag: "64b594c5-105ae"
Expires: Thu, 13 Feb 2025 21:51:59 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
GET flicksbar.mom/imgs/tglogomin.jpg
200 OK 46 kB URL GET HTTP/1.1 flicksbar.mom/imgs/tglogomin.jpg
IP
ASN #44477 Stark Industries Solutions Ltd
Requested by http://flicksbar.mom/series/4365427/
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=260, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=260], progressive, precision 8, 260x260, components 3
Hash 8b51ec35edc35cd1ca9bdf511c773837
df44b3e1b832b3b08ea0c4f74af7c9bd1c4a4120
8cf9bc4da0505594b4e90ee5d90a5670f4beb2e43538582988c7bdbf2fea7689
GET /imgs/tglogomin.jpg HTTP/1.1
Host: flicksbar.mom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/series/4365427/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 12 Feb 2025 21:51:59 GMT
Content-Type: image/jpeg
Content-Length: 45996
Last-Modified: Mon, 17 Jul 2023 19:21:41 GMT
Connection: keep-alive
ETag: "64b594c5-b3ac"
Expires: Thu, 13 Feb 2025 21:51:59 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
GET dontplayfb.top/kinobox/kinobox.js
200 OK 3.3 kB URL GET HTTP/1.1 dontplayfb.top/kinobox/kinobox.js
IP
ASN #44477 Stark Industries Solutions Ltd
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subjectdontplayfb.top
FingerprintC0:21:FC:9E:1F:AF:36:79:08:73:17:4D:97:ED:ED:57:13:AD:9D:26
ValidityWed, 18 Dec 2024 20:41:04 GMT - Tue, 18 Mar 2025 20:41:03 GMT
File type JavaScript source, ASCII text, with CRLF line terminators
Hash 4967365bea86f13f788aa0fd74baf77a
a7b910ce45b657e290a0971d9920628ac7e4e11d
3950c98f37fd7743cb8bf93c9905805d232cb0e46a1a84c5bfa5405bc6a9545f
GET /kinobox/kinobox.js HTTP/1.1
Host: dontplayfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Feb 2025 21:51:59 GMT
Content-Type: application/javascript
Last-Modified: Fri, 15 Sep 2023 13:55:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6504624c-3c47"
Expires: Thu, 13 Feb 2025 21:51:59 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
GET fonts.gstatic.com/s/montserrat/v29/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr6Hw5aXo.woff2
200 OK 19 kB URL GET HTTP/2 fonts.gstatic.com/s/montserrat/v29/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr6Hw5aXo.woff2
IP
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:57:FE:D4:36:DB:03:15:19:B1:2C:50:42:64:6E:D7:C2:32:4F:B6
ValidityMon, 20 Jan 2025 08:37:07 GMT - Mon, 14 Apr 2025 08:37:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 18552, version 1.0
Hash 0941a59d32b55d5ed3e0d456f0f7b7b2
8a27337d9c495a07e74b7525a83a59ec408e11b9
d18a96182fe70645c2a0d8130cc18f85a18943a444b9235f3087e1eaefe13615
GET /s/montserrat/v29/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCvr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://flicksbar.mom
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 11 Feb 2025 02:24:36 GMT
expires: Wed, 11 Feb 2026 02:24:36 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 06 Nov 2024 17:30:39 GMT
content-type: font/woff2
age: 156443
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET dontplayfb.top/kinobox/index.php?kinopoisk=4365427
200 OK 454 B URL GET HTTP/1.1 dontplayfb.top/kinobox/index.php?kinopoisk=4365427
IP
ASN #44477 Stark Industries Solutions Ltd
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subjectdontplayfb.top
FingerprintC0:21:FC:9E:1F:AF:36:79:08:73:17:4D:97:ED:ED:57:13:AD:9D:26
ValidityWed, 18 Dec 2024 20:41:04 GMT - Tue, 18 Mar 2025 20:41:03 GMT
Hash 0a3fcbc17357862639197eed1c66898b
a3c651e899dfe9c093d4e9df61d0c3c4dd93cca5
0fd3041c3deb56558b925e2690980febcfe04cd352eab9da849dc2a317df424c
GET /kinobox/index.php?kinopoisk=4365427 HTTP/1.1
Host: dontplayfb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://flicksbar.mom/
Origin: http://flicksbar.mom
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Feb 2025 21:51:59 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,POST,OPTIONS
Access-Control-Max-Age: 86400
Content-Encoding: gzip
GET flicksbar.mom/favicon.ico
404 Not Found 2.5 kB URL GET HTTP/1.1 flicksbar.mom/favicon.ico
IP
ASN #44477 Stark Industries Solutions Ltd
Requested by http://flicksbar.mom/series/4365427/
File type HTML document, Unicode text, UTF-8 text
Hash 249fecfad1760ddf43fcd9136acb679b
2f33b4fb604542b501d8c2f44474851366091607
34ce3befb696a937137b6edb420fc0cba756d9a3a060b125ffff7b7c30ca0cd5
GET /favicon.ico HTTP/1.1
Host: flicksbar.mom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/series/4365427/
Cookie: _ma=a17ca74e-06d8-4243-8ae1-529c0a512d3d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 12 Feb 2025 21:52:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=0, public
Content-Encoding: gzip
GET code.moviead55.ru/madstyle.css
200 OK 477 B URL GET HTTP/2 code.moviead55.ru/madstyle.css
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
File type gzip compressed data, from Unix
Hash accb3a31ff6a0e20569e442219a215f7
54486f73d254b33b2090648a866d2142ec448bb4
f1e475fbda069ab0400f58dbdb74c1364103c00d56943d32795c951640291357
GET /madstyle.css HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:51:59 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
access-control-allow-origin: *
access-control-expose-headers: *
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
GET js11.klonenorm.com/js/customs/e1ab51a6fd.js?0.7750418355853392
200 OK 7.2 kB URL GET HTTP/1.1 js11.klonenorm.com/js/customs/e1ab51a6fd.js?0.7750418355853392
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subjectklonenorm.com
Fingerprint44:01:41:29:3C:0C:10:15:C3:7E:4B:5A:9B:1A:DC:C3:92:9E:AB:AC
ValidityTue, 11 Feb 2025 08:04:40 GMT - Mon, 12 May 2025 08:04:39 GMT
File type JavaScript source, ASCII text
Hash 0f1b159d506d72a8966fa38e463bd9af
167feb79fadc52b1353afc1954dec60e41425c89
87a9d16aad21a1f6970a7697f56091b40c7bf80d2cde580e5372259443506eb0
GET /js/customs/e1ab51a6fd.js?0.7750418355853392 HTTP/1.1
Host: js11.klonenorm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Feb 2025 21:52:00 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 7231
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
GET thesaurus.allarknow.online/build/app.1bd53c35.js
200 OK 98 kB URL GET HTTP/2 thesaurus.allarknow.online/build/app.1bd53c35.js
IP
Requested by https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Certificate IssuerLet's Encrypt
Subjectallarknow.online
Fingerprint6A:54:35:B8:2E:FF:AF:4A:65:F5:DF:DA:F3:2E:2F:66:86:18:DC:3F
ValiditySun, 12 Jan 2025 21:02:50 GMT - Sat, 12 Apr 2025 21:02:49 GMT
File type gzip compressed data, from Unix
Hash e412ddfe4be9b283f78624458523530e
8cab70afb5458833debb0df03971a86217bd8f84
c6ba9768ecceb44ce7c9019d3bfcccb94cb74a3d201d4288f6448286889aba2f
GET /build/app.1bd53c35.js HTTP/1.1
Host: thesaurus.allarknow.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Angie
date: Wed, 12 Feb 2025 21:52:00 GMT
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 20:02:28 GMT
etag: W/"67acfe54-486f5"
expires: Tue, 13 May 2025 20:03:42 GMT
cache-control: max-age=7776000
bn: mm-18
strict-transport-security: max-age=31536000;
content-encoding: gzip
be: main_site_ssl
x-cache: HIT
X-Firefox-Spdy: h2
GET thesaurus.allarknow.online/build/637.08ede1c1.js
200 OK 468 kB URL GET HTTP/2 thesaurus.allarknow.online/build/637.08ede1c1.js
IP
Requested by https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Certificate IssuerLet's Encrypt
Subjectallarknow.online
Fingerprint6A:54:35:B8:2E:FF:AF:4A:65:F5:DF:DA:F3:2E:2F:66:86:18:DC:3F
ValiditySun, 12 Jan 2025 21:02:50 GMT - Sat, 12 Apr 2025 21:02:49 GMT
File type gzip compressed data, from Unix
Size 468 kB (467687 bytes)
Hash 3a171725255394202ac89183f9572096
9be5e1e086b9bd191c0bd416806af8b246270b88
ee6f4d14dfc5fe6032ee0e31b439b141b4608bda7316ee355fea5bc8cdaa2d45
GET /build/637.08ede1c1.js HTTP/1.1
Host: thesaurus.allarknow.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Angie
date: Wed, 12 Feb 2025 21:52:00 GMT
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 20:02:28 GMT
etag: W/"67acfe54-147bfe"
expires: Tue, 13 May 2025 20:03:42 GMT
cache-control: max-age=7776000
bn: mm-17
strict-transport-security: max-age=31536000;
content-encoding: gzip
be: main_site_ssl
x-cache: HIT
X-Firefox-Spdy: h2
HEAD imasdk.googleapis.com/cekh8i
404 Not Found 0 B URL HEAD HTTP/2 imasdk.googleapis.com/cekh8i
IP
Requested by https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Certificate IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint91:3E:F9:90:4B:40:4C:8E:D9:11:EA:64:14:86:3D:AD:DB:41:93:5C
ValidityMon, 20 Jan 2025 08:37:08 GMT - Mon, 14 Apr 2025 08:37:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /cekh8i HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thesaurus.allarknow.online/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 12 Feb 2025 21:52:01 GMT
server: sffe
content-length: 1567
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET thesaurus.allarknow.online/images/allplay.svg
200 OK 7.1 kB URL GET HTTP/2 thesaurus.allarknow.online/images/allplay.svg
IP
Requested by https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Certificate IssuerLet's Encrypt
Subjectallarknow.online
Fingerprint6A:54:35:B8:2E:FF:AF:4A:65:F5:DF:DA:F3:2E:2F:66:86:18:DC:3F
ValiditySun, 12 Jan 2025 21:02:50 GMT - Sat, 12 Apr 2025 21:02:49 GMT
File type SVG Scalable Vector Graphics image
Hash a3daa334bd35160d1d76cfcf4b2d9f08
c669b8fb367a917b28f196ab4bea4c8f305d8e87
5a2c227e5264396ece17210c200deab43e9d1c7dfed225ad03a8d93f702a317a
GET /images/allplay.svg HTTP/1.1
Host: thesaurus.allarknow.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Angie
date: Wed, 12 Feb 2025 21:52:01 GMT
content-type: image/svg+xml
content-length: 7066
last-modified: Fri, 29 Nov 2024 12:50:51 GMT
etag: "6749b8ab-1b9a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
bn: mm-18
strict-transport-security: max-age=31536000;
be: main_site_ssl
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/cinit?cn=btwcookie&rnd=1739397121
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=btwcookie&rnd=1739397121
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=btwcookie&rnd=1739397121 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 12 Feb 2025 21:52:01 GMT
content-length: 0
location: https://ads.betweendigital.com/match?bidder_id=34348&callback_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbtwcookie%26bid%3D%24%7BUSER_ID%7D
set-cookie: sky_uuid=6d935b4a-46fb-43b4-dd1d-fca9c6a41d6a; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
GET thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
200 OK 12 kB URL GET HTTP/2 thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
IP
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subjectallarknow.online
Fingerprint6A:54:35:B8:2E:FF:AF:4A:65:F5:DF:DA:F3:2E:2F:66:86:18:DC:3F
ValiditySun, 12 Jan 2025 21:02:50 GMT - Sat, 12 Apr 2025 21:02:49 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (35876)
Hash f8dee7b237079619355deb79e05e8c74
58d40a49c7707e35655ecd5e4ba2261473f66ef7
bb87f31194511532235eb423ea3d5bb411ba39f37f94a5ec8e99c2dcf9b12540
GET /?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null= HTTP/1.1
Host: thesaurus.allarknow.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Angie
date: Wed, 12 Feb 2025 21:52:00 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
x-content-type-options: nosniff
bn: mm-18
strict-transport-security: max-age=31536000;
content-encoding: gzip
be: main_site_ssl
x-cache: MISS
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/cinit?cn=vhd&rnd=1739397121
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=vhd&rnd=1739397121
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=vhd&rnd=1739397121 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 12 Feb 2025 21:52:01 GMT
content-length: 0
location: https://a.videohead.tech/sync?ssp=sky_new
set-cookie: sky_uuid=686c5f0e-81a9-d56d-4764-9f9ec4c4919a; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/cinit?cn=bvbid&rnd=1739397121
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=bvbid&rnd=1739397121
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=bvbid&rnd=1739397121 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 12 Feb 2025 21:52:01 GMT
content-length: 0
location: https://ssp.bidvol.com/usersync?dspcsid=141&redirect=1
set-cookie: sky_uuid=30aacc17-38d9-d731-c730-7a6c4e2c61e4; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/cinit?cn=gtnt&rnd=1739397121
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=gtnt&rnd=1739397121
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=gtnt&rnd=1739397121 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 12 Feb 2025 21:52:01 GMT
content-length: 0
location: https://px.adhigh.net/p/cm/skyadvert?u=0ba18f2a-2cd7-d1b3-19ba-1e91259e2a8b
set-cookie: sky_uuid=0ba18f2a-2cd7-d1b3-19ba-1e91259e2a8b; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
GET user91471.clients-cdnnow.ru/frndnp.php?autoplay=1&cb=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&dbg=false&fclose=false&jh=cpzse3jqpizzc4mfcf1dkpjqqj4o&sth=qi3skht3gr4dqcjqcpsg13mqqt314a5rp3zg673qqj4o&v=03208824bea369b060dba1f2083d6a4c&ver=1&sub_id=ap&fmt_id=1&testad=no&nomon=1&r=http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F&cdiv=24&frnd=true&maid=a17ca74e-06d8-4243-8ae1-529c0a512d3d&country=NO
200 OK 14 kB URL GET user91471.clients-cdnnow.ru/frndnp.php?autoplay=1&cb=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&dbg=false&fclose=false&jh=cpzse3jqpizzc4mfcf1dkpjqqj4o&sth=qi3skht3gr4dqcjqcpsg13mqqt314a5rp3zg673qqj4o&v=03208824bea369b060dba1f2083d6a4c&ver=1&sub_id=ap&fmt_id=1&testad=no&nomon=1&r=http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F&cdiv=24&frnd=true&maid=a17ca74e-06d8-4243-8ae1-529c0a512d3d&country=NO
IP
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.clients-cdnnow.ru
Fingerprint69:F1:71:81:E4:B1:67:BE:39:1F:96:52:00:86:84:F9:41:06:79:AA
ValidityWed, 27 Nov 2024 11:51:10 GMT - Tue, 25 Feb 2025 11:51:09 GMT
Hash 74c9536c6794912c2575aec54bcc06d8
941f5b5c4028119a8aafad4b428a2f2c0a38c8a5
68afb65132d7b49dcb627e3a9e94f427a395428dcb774ebe88d87e4be03ab102
GET /frndnp.php?autoplay=1&cb=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&dbg=false&fclose=false&jh=cpzse3jqpizzc4mfcf1dkpjqqj4o&sth=qi3skht3gr4dqcjqcpsg13mqqt314a5rp3zg673qqj4o&v=03208824bea369b060dba1f2083d6a4c&ver=1&sub_id=ap&fmt_id=1&testad=no&nomon=1&r=http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F&cdiv=24&frnd=true&maid=a17ca74e-06d8-4243-8ae1-529c0a512d3d&country=NO HTTP/1.1
Host: user91471.clients-cdnnow.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-cache: Yac
x-movieads-country: NO
content-encoding: gzip
x-edge-ip: 172.19.32.3
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/cinit?cn=sapecookie&rnd=1739397121
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=sapecookie&rnd=1739397121
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=sapecookie&rnd=1739397121 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 12 Feb 2025 21:52:01 GMT
content-length: 0
location: https://www.acint.net/rmatch?dp=167&euid=560654b9-37a0-1c77-4664-d203725387a4&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D%24%7BUSER_ID%7D
set-cookie: sky_uuid=560654b9-37a0-1c77-4664-d203725387a4; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
GET thesaurus.allarknow.online/build/runtime.91e3ba01.js
200 OK 1.2 kB URL GET HTTP/2 thesaurus.allarknow.online/build/runtime.91e3ba01.js
IP
Requested by https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Certificate IssuerLet's Encrypt
Subjectallarknow.online
Fingerprint6A:54:35:B8:2E:FF:AF:4A:65:F5:DF:DA:F3:2E:2F:66:86:18:DC:3F
ValiditySun, 12 Jan 2025 21:02:50 GMT - Sat, 12 Apr 2025 21:02:49 GMT
File type JavaScript source, ASCII text, with very long lines (2470), with no line terminators
Hash 3fd424cf05687b5783f7a28be6d57867
f223bf6940022455d489f542be1dda130b9b0cc9
4c5483866101767525aa0e571970408c1575c1ed1b37b6d50909d487fdd2a0ea
GET /build/runtime.91e3ba01.js HTTP/1.1
Host: thesaurus.allarknow.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Angie
date: Wed, 12 Feb 2025 21:52:00 GMT
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 20:02:28 GMT
etag: W/"67acfe54-9a6"
expires: Tue, 13 May 2025 20:03:42 GMT
cache-control: max-age=7776000
bn: mm-11
strict-transport-security: max-age=31536000;
content-encoding: gzip
be: main_site_ssl
x-cache: HIT
X-Firefox-Spdy: h2
POST thesaurus.allarknow.online/movie/689117
200 OK 1.2 kB URL POST HTTP/2 thesaurus.allarknow.online/movie/689117
IP
Requested by https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Certificate IssuerLet's Encrypt
Subjectallarknow.online
Fingerprint6A:54:35:B8:2E:FF:AF:4A:65:F5:DF:DA:F3:2E:2F:66:86:18:DC:3F
ValiditySun, 12 Jan 2025 21:02:50 GMT - Sat, 12 Apr 2025 21:02:49 GMT
Hash 5ec183ed72c1e8a0db1ee3c50c87ebdf
6624dc966f295ba8f60aa2c0380f20ec1ecdb5f2
6c6e39ef6fd80b61f148b52bcc5517d4e2af9287e10bce924741c5f5f5d1ce89
POST /movie/689117 HTTP/1.1
Host: thesaurus.allarknow.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 73
Origin: https://thesaurus.allarknow.online
DNT: 1
Connection: keep-alive
Referer: https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Angie
date: Wed, 12 Feb 2025 21:52:01 GMT
content-type: application/json
cache-control: no-cache, private
x-content-type-options: nosniff
bn: mm-11
strict-transport-security: max-age=31536000;
be: main_site_ssl
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/cinit?cn=btwckrus&rnd=1739397121
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=btwckrus&rnd=1739397121
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=btwckrus&rnd=1739397121 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 12 Feb 2025 21:52:01 GMT
content-length: 0
location: https://ads.betweendigital.com/match?bidder_id=46203&callback_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbtwckrus%26bid%3D%24%7BUSER_ID%7D
set-cookie: sky_uuid=4760ccc5-8ac6-f6e8-da41-53a71b2a2d5a; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/cinit?cn=bzcookie&rnd=1739397121
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=bzcookie&rnd=1739397121
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=bzcookie&rnd=1739397121 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 12 Feb 2025 21:52:01 GMT
content-length: 0
location: https://exchange.buzzoola.com/cookiesync/redirect/skyadvert?redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbzcookie%26bid%3D%24%7BUUID%7D
set-cookie: sky_uuid=56c4dd25-6fe3-0e37-ba4a-787d64e378af; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/cinit?cn=dgm2&rnd=1739397121
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=dgm2&rnd=1739397121
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=dgm2&rnd=1739397121 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 12 Feb 2025 21:52:01 GMT
content-length: 0
location: https://sync.opendsp.ru/match/MovieAds?id=608ae2f4-48f6-6d62-f81d-3ad3afefaa20
set-cookie: sky_uuid=608ae2f4-48f6-6d62-f81d-3ad3afefaa20; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/cinit?cn=gonetbid&rnd=1739397121
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=gonetbid&rnd=1739397121
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=gonetbid&rnd=1739397121 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 12 Feb 2025 21:52:01 GMT
content-length: 0
location: https://sync.gonet-ads.com/match/SkyAdvert?id=d7063822-e6c4-8bf3-c2c0-a4ba5ab407e2
set-cookie: sky_uuid=d7063822-e6c4-8bf3-c2c0-a4ba5ab407e2; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/cinit?cn=otmbid&rnd=1739397121
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=otmbid&rnd=1739397121
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=otmbid&rnd=1739397121 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 12 Feb 2025 21:52:01 GMT
content-length: 0
location: https://sync.dmp.otm-r.com/match/skyadvert
set-cookie: sky_uuid=a6e2e9ab-9dbc-3ed8-de1e-d34f1dbb4b04; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/cinit?cn=plzkrt&rnd=1739397121
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=plzkrt&rnd=1739397121
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=plzkrt&rnd=1739397121 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 12 Feb 2025 21:52:01 GMT
content-length: 0
location: https://adx.com.ru/sync/init/skyadvert-banner-rtb?uid=1199be9d-59fc-b988-3a7a-184ba08bb738&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dplzkrt%26bid%3D%7Buserid%7D
set-cookie: sky_uuid=1199be9d-59fc-b988-3a7a-184ba08bb738; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/cinit?cn=utrff&rnd=1739397121
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=utrff&rnd=1739397121
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=utrff&rnd=1739397121 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Cookie: sky_uuid=6d935b4a-46fb-43b4-dd1d-fca9c6a41d6a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 12 Feb 2025 21:52:01 GMT
content-length: 0
location: https://a.utraff.com/sync?ssp=Movieads
x-movieads-country: NO
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/pixel?v=03208824bea369b060dba1f2083d6a4c&maid=a17ca74e-06d8-4243-8ae1-529c0a512d3d&r=http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F&fmt_id=1&rnd=1739397121.2559
200 OK 0 B URL GET HTTP/2 code.moviead55.ru/go/pixel?v=03208824bea369b060dba1f2083d6a4c&maid=a17ca74e-06d8-4243-8ae1-529c0a512d3d&r=http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F&fmt_id=1&rnd=1739397121.2559
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/pixel?v=03208824bea369b060dba1f2083d6a4c&maid=a17ca74e-06d8-4243-8ae1-529c0a512d3d&r=http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F&fmt_id=1&rnd=1739397121.2559 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Cookie: sky_uuid=686c5f0e-81a9-d56d-4764-9f9ec4c4919a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:01 GMT
content-type: image/jpeg
content-length: 0
x-skyadvert-udata: cache,parsed,51014
x-skyadvert-cors-qex: Referer
x-skyadvert-path: /
access-control-allow-credentials: true
access-control-allow-origin: http://flicksbar.mom
x-movieads-country: NO
X-Firefox-Spdy: h2
GET www.acint.net/mc/?dp=167
302 Found 154 B IP
ASN #24940 Hetzner Online GmbH
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /mc/?dp=167 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: openresty
date: Wed, 12 Feb 2025 21:52:01 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=167&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Wed, 12-Feb-25 22:02:01 GMT
aid=fwAABmetGAFL1Sc0Enw2Ao/reCuhNwUM7qE+wzmGm1fz+ebX; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
GET www.acint.net/rmatch?dp=167&euid=560654b9-37a0-1c77-4664-d203725387a4&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D%24%7BUSER_ID%7D
302 Found 154 B URL GET HTTP/2 www.acint.net/rmatch?dp=167&euid=560654b9-37a0-1c77-4664-d203725387a4&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D%24%7BUSER_ID%7D
IP
ASN #24940 Hetzner Online GmbH
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=167&euid=560654b9-37a0-1c77-4664-d203725387a4&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 12 Feb 2025 21:52:01 GMT
content-type: text/html
content-length: 154
location: /rmatch?r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D$%7BUSER_ID%7D&dp=167&tc=1&euid=560654b9-37a0-1c77-4664-d203725387a4
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Wed, 12-Feb-25 22:02:01 GMT
aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
GET sync.vqserve.com/match/stream
302 Found 0 B URL GET HTTP/1.1 sync.vqserve.com/match/stream
IP
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerSectigo Limited
Subject*.vqserve.com
FingerprintD7:B2:A2:51:6C:19:09:65:AB:29:3E:C2:8A:42:8E:E5:56:AE:46:1C
ValidityWed, 02 Oct 2024 00:00:00 GMT - Thu, 02 Oct 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/stream HTTP/1.1
Host: sync.vqserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 12 Feb 2025 21:52:01 GMT
Content-Length: 0
Connection: keep-alive
Location: https://sm.rtb.mts.ru/p?ssp=viqeo&id=A1TGS2doidPqoJGVUWT74Z9aXd
Set-Cookie: rid=A1TGS2doidPqoJGVUWT74Z9aXd; expires=Fri, 14 Mar 2025 21:52:01 GMT; domain=vqserve.com; path=/; HttpOnly; secure; SameSite=None
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: Content-Length,Content-Range
GET www.acint.net/rmatch?r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D$%7BUSER_ID%7D&dp=167&tc=1&euid=560654b9-37a0-1c77-4664-d203725387a4
302 Found 154 B URL GET HTTP/2 www.acint.net/rmatch?r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D$%7BUSER_ID%7D&dp=167&tc=1&euid=560654b9-37a0-1c77-4664-d203725387a4
IP
ASN #24940 Hetzner Online GmbH
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D$%7BUSER_ID%7D&dp=167&tc=1&euid=560654b9-37a0-1c77-4664-d203725387a4 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 12 Feb 2025 21:52:01 GMT
content-type: text/html
content-length: 154
location: https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fcode.moviead55.ru%252Fgo%252Fcsync%253Fcn%253Dsapecookie%2526bid%253D$%257BUSER_ID%257D&dp=14
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
set-cookie: cSyncDp14v4=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET a.videohead.tech/sync?ssp=sky_new
204 No Content 0 B URL GET HTTP/2 a.videohead.tech/sync?ssp=sky_new
IP
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerGoogle Trust Services
Subjectvideohead.tech
Fingerprint84:E2:9C:58:5B:92:64:BF:83:C7:D8:AA:D5:F1:D2:A0:C3:08:D4:97
ValiditySun, 12 Jan 2025 12:30:53 GMT - Sat, 12 Apr 2025 13:29:06 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=sky_new HTTP/1.1
Host: a.videohead.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Wed, 12 Feb 2025 21:52:01 GMT
content-type: text/plain
content-length: 0
set-cookie: prevhead=1; Expires=Sat, 15 Mar 2025 00:52:01 GMT; Domain=.videohead.tech; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7JEv%2FlFLHFOznf7aVJmUAhOtlajSMBaTtR0%2FBCwC03LQNspvNaFgI1l25T8mo%2Fu%2FH%2BmwlB47Mik%2FfeYSJ1Is3eTT8tjMY4eRlnk2S9xmf%2FfY3rP2GE34Y6Fi18lJ394sYjYK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 910fcdaaba335696-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=941&min_rtt=379&rtt_var=1094&sent=9&recv=12&lost=0&retrans=1&sent_bytes=3297&recv_bytes=1135&delivery_rate=8044444&cwnd=256&unsent_bytes=0&cid=37d152535554b3c6&ts=144&x=0"
X-Firefox-Spdy: h2
GET cdn.plyr.io/static/blank.mp4
206 Partial Content 1.8 kB URL GET HTTP/2 cdn.plyr.io/static/blank.mp4
IP
Requested by https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Certificate IssuerGoogle Trust Services
Subjectcdn.plyr.io
Fingerprint2D:59:A7:42:C0:A9:D5:1B:4A:D2:9E:8F:09:51:7F:B2:D5:FB:72:AC
ValiditySun, 19 Jan 2025 13:43:03 GMT - Sat, 19 Apr 2025 14:43:01 GMT
File type ISO Media, MP4 v2 [ISO 14496-14]
Hash 08fc2557b6c938f1a251e59b016e90e2
8d385ebd53fd721167b5ead62fec0ed81a0d9d5a
5747997d80825cbafcdbe5ab97d7b5502c06b1aae85fed9610845348b3da4d98
GET /static/blank.mp4 HTTP/1.1
Host: cdn.plyr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Origin: https://thesaurus.allarknow.online
DNT: 1
Connection: keep-alive
Referer: https://thesaurus.allarknow.online/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Wed, 12 Feb 2025 21:52:01 GMT
content-type: video/mp4
content-length: 1777
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
etag: "08fc2557b6c938f1a251e59b016e90e2"
last-modified: Thu, 20 Apr 2023 10:33:44 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 3315466
content-range: bytes 0-1776/1777
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A2RHc0JMeczHX%2FSer%2FRK3MACtC6tiZxKQAbgRS2Qqbv3lR%2FGjG66VweHKi%2FZKNRPe2A%2B9mejPA84D5pyaawsZwkVx6y%2B081aSA2Bt%2BRIB9WcKVhJx2Dan%2F3QGYUo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 910fcdaac837b529-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=903&min_rtt=403&rtt_var=994&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3187&recv_bytes=1164&delivery_rate=7702127&cwnd=254&unsent_bytes=0&cid=5103213139b563d1&ts=110&x=0"
X-Firefox-Spdy: h2
GET sp.ohmy.bid/cmf?0.055707699755219164
204 No Content 0 B URL GET HTTP/2 sp.ohmy.bid/cmf?0.055707699755219164
IP
ASN #24940 Hetzner Online GmbH
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subjectsp.ohmy.bid
Fingerprint1E:1F:41:40:37:61:6D:81:6A:F9:16:CB:14:DE:F6:C2:EB:51:03:4C
ValidityFri, 17 Jan 2025 20:04:12 GMT - Thu, 17 Apr 2025 20:04:11 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cmf?0.055707699755219164 HTTP/1.1
Host: sp.ohmy.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx
date: Wed, 12 Feb 2025 21:52:01 GMT
bidder: bid-24 1.1830.3e2aa7f8
set-cookie: uid=a52ddf52-7c10-4a73-b633-1ccee0285ac5.67ad1801.36ff02c2119a7e1e; domain=.ohmy.bid; path=/; expires=Fri, 14-Mar-2025 21:52:01 GMT; SameSite=None; Secure;
access-control-allow-credentials: true
X-Firefox-Spdy: h2
GET dm-eu.hybrid.ai/match?id=185&burl=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dhbrdcookie2%26bid%3D%24%7BVID%7D
302 Found 0 B URL GET HTTP/2 dm-eu.hybrid.ai/match?id=185&burl=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dhbrdcookie2%26bid%3D%24%7BVID%7D
IP
ASN #200197 Hybrid Adtech Sp.z.o.o.
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerSectigo Limited
Subject*.hybrid.ai
FingerprintC1:9A:FB:0B:9B:BA:F6:60:5C:85:23:14:04:BB:28:06:F8:94:11:9E
ValidityWed, 04 Sep 2024 00:00:00 GMT - Sun, 05 Oct 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=185&burl=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dhbrdcookie2%26bid%3D%24%7BVID%7D HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 12 Feb 2025 21:52:01 GMT
content-length: 0
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
location: https://code.moviead55.ru/go/csync?cn=hbrdcookie2&bid=375b1cdc2416de852945
set-cookie: vid=375b1cdc2416de852945; Expires=Thu, 12 Feb 2026 21:52:01 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 0559
x-xss-protection: 1; mode=block
access-control-allow-origin: http://flicksbar.mom
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2
GET otclick-adv.ru/core/match.gif?s=30&reference=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dotclkbid%26bid%3D%23%7BUID%7D
302 Moved Temporarily 124 B URL GET HTTP/1.1 otclick-adv.ru/core/match.gif?s=30&reference=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dotclkbid%26bid%3D%23%7BUID%7D
IP
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subjectotclick.ru
Fingerprint86:2F:8B:69:36:48:EB:D5:8E:BD:D5:F5:39:D8:84:9D:83:27:35:28
ValidityMon, 23 Dec 2024 09:42:37 GMT - Sun, 23 Mar 2025 09:42:36 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash c73e35f73ed5c795c70cf66e99088b7c
63a9ffe5d0e5b4070819b95ef564a58d8a3a3a1c
80034a9712f07e6b0577c7e5bf6d5d718736593e7d21c81dd1a3cbdb4eb860de
GET /core/match.gif?s=30&reference=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dotclkbid%26bid%3D%23%7BUID%7D HTTP/1.1
Host: otclick-adv.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 12 Feb 2025 21:52:01 GMT
Content-Length: 124
Connection: keep-alive
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thursday, 01-Jan-1970 00:00:00 GMT
Set-Cookie: idntfy=VUnZUsbWsOWu9RE; expires=Sat, 10-Feb-2035 21:52:02 GMT; domain=otclick-adv.ru; path=/c/; SameSite=None; Secure
idntfy=VUnZUsbWsOWu9RE; expires=Sat, 10-Feb-2035 21:52:02 GMT; domain=otclick-adv.ru; path=/core/; SameSite=None; Secure
Location: https://code.moviead55.ru/go/csync?cn=otclkbid&bid=VUnZUsbWsOWu9RE
GET a.utraff.com/sync?ssp=Movieads
204 No Content 0 B URL GET HTTP/2 a.utraff.com/sync?ssp=Movieads
IP
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerGoogle Trust Services
Subjectutraff.com
FingerprintF0:05:B9:23:8D:FE:B1:3D:95:35:45:AF:5E:11:16:CA:95:46:33:58
ValiditySun, 26 Jan 2025 17:45:28 GMT - Sat, 26 Apr 2025 18:45:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=Movieads HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Wed, 12 Feb 2025 21:52:01 GMT
content-type: text/plain
content-length: 0
set-cookie: preutid=1; Expires=Sat, 15 Mar 2025 00:52:01 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Sat, 15 Mar 2025 00:52:01 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QE9XvVRfzVM7Xs%2BQ9YAapKvO3fM4pMCh6OYu2V5SzX8s543ukshTCynnHCIkmvXG5xBmamhWA8TVsCe5caSUuUk5xGd%2FSfVGmz%2FbcaOztq9cvINhZbZaEQaCnG3BcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 910fcdab5cf6b51e-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1110&min_rtt=478&rtt_var=1297&sent=9&recv=12&lost=0&retrans=1&sent_bytes=3285&recv_bytes=1259&delivery_rate=7288590&cwnd=256&unsent_bytes=0&cid=87e93ab156536aca&ts=142&x=0"
X-Firefox-Spdy: h2
GET 3f4-a64-207gv.video-ik-ok-ii.space/m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/master.m3u8
200 OK 146 B URL GET HTTP/1.1 3f4-a64-207gv.video-ik-ok-ii.space/m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/master.m3u8
IP
Requested by https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Certificate IssuerLet's Encrypt
Subjectvideo-ik-ok-ii.space
Fingerprint8B:7E:82:BD:18:F5:2A:CB:D8:10:44:9F:C6:14:53:18:F8:CC:4A:53
ValidityMon, 23 Dec 2024 21:09:45 GMT - Sun, 23 Mar 2025 21:09:44 GMT
Hash c99f1856952e5121ad5114b2f42563d2
b74bf5ab953299325566b676bb263a36c65f2c74
d26f399ef09b66d4f722e8bf65db4319a213b4fadc32f03e87cbd559d2d6c157
GET /m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/master.m3u8 HTTP/1.1
Host: 3f4-a64-207gv.video-ik-ok-ii.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thesaurus.allarknow.online
DNT: 1
Connection: keep-alive
Referer: https://thesaurus.allarknow.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Feb 2025 21:52:01 GMT
Content-Type: application/vnd.apple.mpegurl
Content-Length: 146
Connection: keep-alive
ETag: "-1-92"
Expires: Wed, 12 Feb 2025 23:52:01 GMT
Cache-Control: max-age=7200
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
GET match.ohmy.bid/cm?ssp=skyadv&redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dohmybid%26bid%3D%7Buid%7D
302 Found 0 B URL GET HTTP/1.1 match.ohmy.bid/cm?ssp=skyadv&redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dohmybid%26bid%3D%7Buid%7D
IP
ASN #24940 Hetzner Online GmbH
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subjectmatch.ohmy.bid
FingerprintCE:06:62:51:1A:72:4A:C7:E0:69:D7:71:81:B4:71:90:FC:78:DE:9C
ValidityFri, 17 Jan 2025 20:04:03 GMT - Thu, 17 Apr 2025 20:04:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?ssp=skyadv&redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dohmybid%26bid%3D%7Buid%7D HTTP/1.1
Host: match.ohmy.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 12 Feb 2025 21:52:01 GMT
Content-Length: 0
Connection: keep-alive
Bidder: bid-11 1.1830.3e2aa7f8
Location: https://code.moviead55.ru/go/csync?cn=ohmybid&bid=66561e59-5779-4161-a494-f41a71e6729f
Set-Cookie: uid=66561e59-5779-4161-a494-f41a71e6729f.67ad1801.c6cb001a57190814; domain=.ohmy.bid; path=/; expires=Fri, 14-Mar-2025 21:52:01 GMT; SameSite=None; Secure;
Access-Control-Allow-Credentials: true
GET kimberlite.io/rtb/ujs?ymss=skyadvert
200 OK 385 B URL GET HTTP/1.1 kimberlite.io/rtb/ujs?ymss=skyadvert
IP
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerGlobalSign nv-sa
Subject*.kimberlite.io
Fingerprint27:9B:57:5F:3C:19:A5:31:A3:1B:E6:A4:8E:CF:2F:73:78:4E:46:C1
ValidityThu, 29 Feb 2024 12:20:14 GMT - Tue, 01 Apr 2025 12:20:13 GMT
File type JavaScript source, ASCII text, with very long lines (319)
Hash 1cbadefbceb0994db088f3778e79e988
1bd635c6cd4f5df3c5943e9cbe856a99e2838235
15eaa8d80bf7e740ab7899a6fc6f30576fe537f8cda7caeee819e5239c392f9d
GET /rtb/ujs?ymss=skyadvert HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Feb 2025 21:52:01 GMT
Content-Type: application/javascript
Content-Length: 385
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: u=Z60YAfsky9o~J6PzAFCqDWh2drwjMQP4h7cOGBI; path=/; max-age=7776000; samesite=none; httponly; secure
sm=QgBnrRgB; path=/rtb; max-age=604800; samesite=none; httponly; secure
content-encoding: gzip
server-timing: app;srv=s6;dur=0.0002
GET logger.moviead55.ru/logger?t=player_frame_loaded_new&c=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&a=&m=0&v=03208824bea369b060dba1f2083d6a4c&o=
200 OK 81 B URL GET HTTP/2 logger.moviead55.ru/logger?t=player_frame_loaded_new&c=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&a=&m=0&v=03208824bea369b060dba1f2083d6a4c&o=
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Hash b357a19c87624c7c4d131aeeb4ae677f
c7a9c45fd419815a5ab1998503a9f03514c0e229
497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581
GET /logger?t=player_frame_loaded_new&c=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&a=&m=0&v=03208824bea369b060dba1f2083d6a4c&o= HTTP/1.1
Host: logger.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:01 GMT
content-type: Content-Type: image/png
vary: Accept-Encoding
x-logger-le: true
x-logger-tdb: default
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
GET kimberlite.io/rtb/sync/skyadvert?u=f5819827-0e4b-3ce0-0249-19cec2e6c3e7
307 Temporary Redirect 0 B URL GET HTTP/1.1 kimberlite.io/rtb/sync/skyadvert?u=f5819827-0e4b-3ce0-0249-19cec2e6c3e7
IP
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerGlobalSign nv-sa
Subject*.kimberlite.io
Fingerprint27:9B:57:5F:3C:19:A5:31:A3:1B:E6:A4:8E:CF:2F:73:78:4E:46:C1
ValidityThu, 29 Feb 2024 12:20:14 GMT - Tue, 01 Apr 2025 12:20:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/sync/skyadvert?u=f5819827-0e4b-3ce0-0249-19cec2e6c3e7 HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Wed, 12 Feb 2025 21:52:01 GMT
Content-Length: 0
Connection: keep-alive
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: u=Z60YASsrItw~5BkI1jFA_HnS8xrpsovYJAawa4g; path=/; max-age=7776000; samesite=none; httponly; secure
da=KLqvcgAAAAE; path=/rtb; max-age=604800; samesite=none; httponly; secure
f=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsolta%26bid%3DZ60YASsrI9w; max-age=30; samesite=none; httponly; secure
n=1; max-age=30; samesite=none; httponly; secure
location: https://sm.rtb.mts.ru/p?ssp=toptraffic&id=Z60YASsrItw
referrer-policy: no-referrer
server-timing: app;srv=s11a;dur=0.0004
GET sync.opendsp.ru/match/MovieAds?id=608ae2f4-48f6-6d62-f81d-3ad3afefaa20
200 OK 43 B URL GET HTTP/2 sync.opendsp.ru/match/MovieAds?id=608ae2f4-48f6-6d62-f81d-3ad3afefaa20
IP
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerGlobalSign nv-sa
Subject*.opendsp.ru
FingerprintB2:A3:65:04:AB:F2:45:6C:FC:D0:BE:B1:A2:16:DA:4C:66:94:83:88
ValidityWed, 31 Jul 2024 10:09:40 GMT - Mon, 01 Sep 2025 10:09:39 GMT
File type GIF image data, version 89a, 1 x 1
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /match/MovieAds?id=608ae2f4-48f6-6d62-f81d-3ad3afefaa20 HTTP/1.1
Host: sync.opendsp.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:01 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
GET sync.dmp.otm-r.com/match/skyadvert
302 Found 61 B URL GET HTTP/2 sync.dmp.otm-r.com/match/skyadvert
IP
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subjectsync.dmp.otm-r.com
Fingerprint29:D2:AB:5F:C2:92:48:42:73:F9:23:77:14:BB:41:49:08:AE:6B:21
ValidityTue, 10 Dec 2024 12:01:23 GMT - Mon, 10 Mar 2025 12:01:22 GMT
File type HTML document, ASCII text
Hash 239f714c9536f07bbe7e747833832f39
8c284dbceba67afc4d6443e8cf9c101549cc9bcf
6496e2ab1f2050cdaa96385e2b10c2ed3a51015b30c57f805e5aefa7d6430221
GET /match/skyadvert HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.23.2
date: Wed, 12 Feb 2025 21:52:01 GMT
content-type: text/html; charset=utf-8
content-length: 61
access-control-allow-origin: *
location: /match/skyadvert?otcm_check=1739397121
set-cookie: mpid=NjdhZDE4MDEwODg2ZmYwYg==; Path=/; Domain=otm-r.com; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2
GET exchange.buzzoola.com/cookiesync/redirect/skyadvert?redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbzcookie%26bid%3D%24%7BUUID%7D
302 Found 114 B URL GET HTTP/2 exchange.buzzoola.com/cookiesync/redirect/skyadvert?redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbzcookie%26bid%3D%24%7BUUID%7D
IP
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintAD:3D:5A:FB:EA:0C:06:C6:DD:3E:69:73:36:2A:74:3B:95:70:1E:67
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT
File type HTML document, ASCII text
Hash 938d10456461e5c6cfcb0d69c7e97f73
2fb6c9576a0404838fae85ec2e68a0258a5262a4
db01c9d76c5098c5beb5502a68244ab010126b67b200517ca362d7d6b08205e4
GET /cookiesync/redirect/skyadvert?redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbzcookie%26bid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/html; charset=utf-8
content-length: 114
location: https://code.moviead55.ru/go/csync?cn=bzcookie&bid=419955ad-bf03-4e68-52e6-88cfaac8f929
serverid: TODO
X-Firefox-Spdy: h2
GET sync.gonet-ads.com/match/SkyAdvert?id=d7063822-e6c4-8bf3-c2c0-a4ba5ab407e2
200 OK 43 B URL GET HTTP/2 sync.gonet-ads.com/match/SkyAdvert?id=d7063822-e6c4-8bf3-c2c0-a4ba5ab407e2
IP
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerSectigo Limited
Subject*.gonet-ads.com
FingerprintF9:26:15:49:49:7C:0B:D7:26:B2:22:B3:1A:42:11:6B:F7:FB:3D:33
ValidityMon, 20 May 2024 00:00:00 GMT - Wed, 11 Jun 2025 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /match/SkyAdvert?id=d7063822-e6c4-8bf3-c2c0-a4ba5ab407e2 HTTP/1.1
Host: sync.gonet-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/csync?cn=hbrdcookie2&bid=375b1cdc2416de852945
200 OK 0 B URL GET HTTP/2 code.moviead55.ru/go/csync?cn=hbrdcookie2&bid=375b1cdc2416de852945
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/csync?cn=hbrdcookie2&bid=375b1cdc2416de852945 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Cookie: sky_uuid=1199be9d-59fc-b988-3a7a-184ba08bb738
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: image/jpeg
content-length: 0
set-cookie: hbrdcookie2=375b1cdc2416de852945; max-age=86400; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
GET dm-eu.hybrid.ai/match?id=106&vid=0900007F0118AD673527F14B02D61368
302 Found 0 B URL GET HTTP/2 dm-eu.hybrid.ai/match?id=106&vid=0900007F0118AD673527F14B02D61368
IP
ASN #200197 Hybrid Adtech Sp.z.o.o.
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerSectigo Limited
Subject*.hybrid.ai
FingerprintC1:9A:FB:0B:9B:BA:F6:60:5C:85:23:14:04:BB:28:06:F8:94:11:9E
ValidityWed, 04 Sep 2024 00:00:00 GMT - Sun, 05 Oct 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=106&vid=0900007F0118AD673527F14B02D61368 HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: vid=375b1cdc2416de852945
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Wed, 12 Feb 2025 21:52:02 GMT
content-length: 0
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
location: https://dm.hybrid.ai/yandexdmp-match
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 0556
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.acint.net
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2
GET a.utraff.com/sync?ssp=8&id=0900007F0118AD673527F14B02D61368
302 Found 0 B URL GET HTTP/2 a.utraff.com/sync?ssp=8&id=0900007F0118AD673527F14B02D61368
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGoogle Trust Services
Subjectutraff.com
FingerprintF0:05:B9:23:8D:FE:B1:3D:95:35:45:AF:5E:11:16:CA:95:46:33:58
ValiditySun, 26 Jan 2025 17:45:28 GMT - Sat, 26 Apr 2025 18:45:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=8&id=0900007F0118AD673527F14B02D61368 HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: preutid=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/plain
content-length: 0
location: https://ssp.bidvol.com/usersync?pubid=252
set-cookie: preutid=1; Max-Age=0; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Max-Age=0; Domain=.utraff.com; SameSite=None; Secure; Path=/
utid=cRW9yyQ86WWNv1R8ZfvWakk1yGSCS98SXVsKmiKkZfHbsefRcQKBcd-wi2x3-EAKw53LVgmIwIwDNJGnDBEFFQ; Expires=Sun, 11 Feb 2035 00:52:02 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
utid=cRW9yyQ86WWNv1R8ZfvWakk1yGSCS98SXVsKmiKkZfHbsefRcQKBcd-wi2x3-EAKw53LVgmIwIwDNJGnDBEFFQ; Expires=Sun, 11 Feb 2035 00:52:02 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jdz1trLI%2FpGMcgMjsRnu9dLL2VBQ5fEetR1P9XrHjy5mBnBr3dRt%2F6EG6qXYMyQi6oXDxkuWysD%2B%2Bh4Y%2B3e87srq0RaEuui87QmlNm3GpvpshQOY8V3DSXYY13E0bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 910fcdadbfd6b51e-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=6224&min_rtt=478&rtt_var=11201&sent=10&recv=14&lost=0&retrans=1&sent_bytes=4209&recv_bytes=1395&delivery_rate=7288590&cwnd=257&unsent_bytes=0&cid=87e93ab156536aca&ts=524&x=0"
X-Firefox-Spdy: h2
GET sync.gonet-ads.com/match/sape.js?id=0900007F0118AD673527F14B02D61368
200 OK 43 B URL GET HTTP/2 sync.gonet-ads.com/match/sape.js?id=0900007F0118AD673527F14B02D61368
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerSectigo Limited
Subject*.gonet-ads.com
FingerprintF9:26:15:49:49:7C:0B:D7:26:B2:22:B3:1A:42:11:6B:F7:FB:3D:33
ValidityMon, 20 May 2024 00:00:00 GMT - Wed, 11 Jun 2025 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /match/sape.js?id=0900007F0118AD673527F14B02D61368 HTTP/1.1
Host: sync.gonet-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
GET sync.opendsp.ru/match/sape?id=0900007F0118AD673527F14B02D61368
200 OK 43 B URL GET HTTP/2 sync.opendsp.ru/match/sape?id=0900007F0118AD673527F14B02D61368
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGlobalSign nv-sa
Subject*.opendsp.ru
FingerprintB2:A3:65:04:AB:F2:45:6C:FC:D0:BE:B1:A2:16:DA:4C:66:94:83:88
ValidityWed, 31 Jul 2024 10:09:40 GMT - Mon, 01 Sep 2025 10:09:39 GMT
File type GIF image data, version 89a, 1 x 1
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /match/sape?id=0900007F0118AD673527F14B02D61368 HTTP/1.1
Host: sync.opendsp.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
GET exchange.buzzoola.com/cookiesync/dsp/sape-banner?uid=0900007F0118AD673527F14B02D61368&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126
307 Temporary Redirect 269 B URL GET HTTP/2 exchange.buzzoola.com/cookiesync/dsp/sape-banner?uid=0900007F0118AD673527F14B02D61368&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintAD:3D:5A:FB:EA:0C:06:C6:DD:3E:69:73:36:2A:74:3B:95:70:1E:67
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT
File type HTML document, ASCII text
Hash c6a72321a84dd877242f00b33dd36c91
96c64c31d2f52a8af97d96986bd130b2c5c1a06b
7163761ba84527e71e22702a5d3332071e35a36fc8b754ed84564519ceb6e1be
GET /cookiesync/dsp/sape-banner?uid=0900007F0118AD673527F14B02D61368&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126 HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 307 Temporary Redirect
server: nginx
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/html; charset=utf-8
content-length: 269
location: /cookiesync/dsp/sape-banner?set_buzzoola_cookie=t&uid=0900007F0118AD673527F14B02D61368&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126
set-cookie: uuid=74471490-cd43-46b8-4325-be174c284dbe; Path=/; Domain=buzzoola.com; Expires=Fri, 14 Mar 2025 21:52:02 GMT; Max-Age=2592000; Secure; SameSite=None
serverid: TODO
X-Firefox-Spdy: h2
GET match.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D
302 Found 0 B URL GET HTTP/1.1 match.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subjectmatch.ohmy.bid
FingerprintCE:06:62:51:1A:72:4A:C7:E0:69:D7:71:81:B4:71:90:FC:78:DE:9C
ValidityFri, 17 Jan 2025 20:04:03 GMT - Thu, 17 Apr 2025 20:04:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?ssp=sape&redirect_url=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D HTTP/1.1
Host: match.ohmy.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: uid=66561e59-5779-4161-a494-f41a71e6729f.67ad1801.c6cb001a57190814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 12 Feb 2025 21:52:02 GMT
Content-Length: 0
Connection: keep-alive
Bidder: bid-23 1.1830.3e2aa7f8
Location: https://mc.acint.net/match?dp=217&euid=66561e59-5779-4161-a494-f41a71e6729f
Access-Control-Allow-Credentials: true
GET sync.dmp.otm-r.com/match/sape?id=0900007F0118AD673527F14B02D61368
302 Found 94 B URL GET HTTP/2 sync.dmp.otm-r.com/match/sape?id=0900007F0118AD673527F14B02D61368
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subjectsync.dmp.otm-r.com
Fingerprint29:D2:AB:5F:C2:92:48:42:73:F9:23:77:14:BB:41:49:08:AE:6B:21
ValidityTue, 10 Dec 2024 12:01:23 GMT - Mon, 10 Mar 2025 12:01:22 GMT
File type HTML document, ASCII text
Hash ba4105e357acfcc6d55085d788e596e9
c57715c45a93eb0f9c35d457047037310af35bbb
47618880b5152ca79cd9432fbfccd8db90e707f44e76bae2ee7900230a09b9e8
GET /match/sape?id=0900007F0118AD673527F14B02D61368 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: mpid=NjdhZDE4MDEwODg2ZmYwYg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.23.2
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/html; charset=utf-8
content-length: 94
access-control-allow-origin: *
location: https://www.acint.net/match?dp=68&euid=NjdhZDE4MDEwODg2ZmYwYg%3D%3D
set-cookie: mpid=NjdhZDE4MDEwODg2ZmYwYg==; Path=/; Domain=otm-r.com; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2
GET sync.opendsp.ru/match/sape_ex?id=0900007F0118AD673527F14B02D61368
200 OK 43 B URL GET HTTP/2 sync.opendsp.ru/match/sape_ex?id=0900007F0118AD673527F14B02D61368
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGlobalSign nv-sa
Subject*.opendsp.ru
FingerprintB2:A3:65:04:AB:F2:45:6C:FC:D0:BE:B1:A2:16:DA:4C:66:94:83:88
ValidityWed, 31 Jul 2024 10:09:40 GMT - Mon, 01 Sep 2025 10:09:39 GMT
File type GIF image data, version 89a, 1 x 1
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /match/sape_ex?id=0900007F0118AD673527F14B02D61368 HTTP/1.1
Host: sync.opendsp.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/csync?cn=otclkbid&bid=VUnZUsbWsOWu9RE
200 OK 0 B URL GET HTTP/2 code.moviead55.ru/go/csync?cn=otclkbid&bid=VUnZUsbWsOWu9RE
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/csync?cn=otclkbid&bid=VUnZUsbWsOWu9RE HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Cookie: sky_uuid=1199be9d-59fc-b988-3a7a-184ba08bb738
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: image/jpeg
content-length: 0
set-cookie: otclkbid=VUnZUsbWsOWu9RE; max-age=86400; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
GET adx.com.ru/sync/init/sapePlazkart?uid=0900007F0118AD673527F14B02D61368&r=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D239%26euid%3D%7Buid%7D
302 Found 185 B URL GET HTTP/2 adx.com.ru/sync/init/sapePlazkart?uid=0900007F0118AD673527F14B02D61368&r=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D239%26euid%3D%7Buid%7D
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGlobalSign nv-sa
Subject*.adx.com.ru
Fingerprint80:35:EC:8F:65:57:E4:4C:9A:B4:F6:F9:CA:A4:DD:48:0A:71:E0:4E
ValidityWed, 05 Jun 2024 13:44:34 GMT - Mon, 07 Jul 2025 13:44:33 GMT
File type HTML document, ASCII text
Hash 5a82d85a1d426264bfd13928669b0c7e
9d067a347350a7dead0a641e3908aa470847df91
f6e2dd4799b1c0c86fe1d20dfdd88a3df821cc89c09caf7407a0cef5acd66765
GET /sync/init/sapePlazkart?uid=0900007F0118AD673527F14B02D61368&r=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D239%26euid%3D%7Buid%7D HTTP/1.1
Host: adx.com.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.26.0
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/html; charset=utf-8
content-length: 185
cache-control: no-store
location: /sync/confirm/sapePlazkart?r=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D239%26euid%3D%7Buid%7D&sspSysName=sapePlazkart&uid=0900007F0118AD673527F14B02D61368
set-cookie: user=67ad18027011cb00012d7c5d; Path=/; Domain=adx.com.ru; Max-Age=31536000; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
GET a.videohead.tech/sync?ssp=68
302 Found 0 B URL GET HTTP/3 a.videohead.tech/sync?ssp=68
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGoogle Trust Services
Subjectvideohead.tech
Fingerprint84:E2:9C:58:5B:92:64:BF:83:C7:D8:AA:D5:F1:D2:A0:C3:08:D4:97
ValiditySun, 12 Jan 2025 12:30:53 GMT - Sat, 12 Apr 2025 13:29:06 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=68 HTTP/1.1
Host: a.videohead.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: prevhead=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/plain
content-length: 0
location: https://mc.acint.net/match?dp=353&euid=b5cc693b-1419-453d-b39c-e3745af93aff
set-cookie: prevhead=1; Max-Age=0; Domain=.videohead.tech; SameSite=None; Secure; Path=/
vhead=Zdz_bgAKR0DYQ6o7XEj7c7j_cmO7RXrvqs7XPu0L_CBniBROXABxg7qfCL7rXEHjjFCURc6ZkrtxB9SzrKxB-g; Expires=Sun, 11 Feb 2035 00:52:02 GMT; Domain=.videohead.tech; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TpHX4QbeH7Yb2Tf109ww9fttKKm7WsOC8%2Fxs%2FvysYwb8K7mb4LNYr%2F9E6nJcXFFx9pns%2F1Gk%2FGT8P%2BzQabd0Yl18QTPzfBrgbtv32RltZtmeaYL5MmzlW2Sme27%2FVgDxdZmU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 910fcdae1843b51e-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17677&min_rtt=5553&rtt_var=10742&sent=10&recv=6&lost=0&retrans=0&sent_bytes=4010&recv_bytes=1122&delivery_rate=106964&cwnd=12000&unsent_bytes=0&cid=db5f25a2699d8dd8&ts=474&x=1", cfExtPri, cfHdrFlush;dur=0
GET kimberlite.io/rtb/sync/sape2?u=0900007F0118AD673527F14B02D61368
307 Temporary Redirect 0 B URL GET HTTP/1.1 kimberlite.io/rtb/sync/sape2?u=0900007F0118AD673527F14B02D61368
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGlobalSign nv-sa
Subject*.kimberlite.io
Fingerprint27:9B:57:5F:3C:19:A5:31:A3:1B:E6:A4:8E:CF:2F:73:78:4E:46:C1
ValidityThu, 29 Feb 2024 12:20:14 GMT - Tue, 01 Apr 2025 12:20:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/sync/sape2?u=0900007F0118AD673527F14B02D61368 HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: f=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsolta%26bid%3DZ60YASsrI9w; n=1; sm=QgBnrRgB; da=KLqvcgAAAAE; u=Z60YASsrItw~5BkI1jFA_HnS8xrpsovYJAawa4g
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Wed, 12 Feb 2025 21:52:02 GMT
Content-Length: 0
Connection: keep-alive
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-origin: *
location: https://www.acint.net/rmatch?dp=202&r=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fsape%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fcode.moviead55.ru%252Fgo%252Fcsync%253Fcn%253Dsolta%2526bid%253DZ60YASsrI9w%26n%3D2
set-cookie: da=KLqvcgAAAAFnkJYmAAAAAQ; path=/rtb; max-age=604800; samesite=none; httponly; secure
f=; max-age=0; samesite=none; httponly; secure
referrer-policy: no-referrer
server-timing: app;srv=s9a;dur=0.0005
GET otclick-adv.ru/core/match.gif?s=56&reference=https%3A%2F%2Fmc.acint.net%2Fmatch%2F%3Fdp%3D361%26euid%3D%23%7BUID%7D
302 Moved Temporarily 124 B URL GET HTTP/1.1 otclick-adv.ru/core/match.gif?s=56&reference=https%3A%2F%2Fmc.acint.net%2Fmatch%2F%3Fdp%3D361%26euid%3D%23%7BUID%7D
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subjectotclick.ru
Fingerprint86:2F:8B:69:36:48:EB:D5:8E:BD:D5:F5:39:D8:84:9D:83:27:35:28
ValidityMon, 23 Dec 2024 09:42:37 GMT - Sun, 23 Mar 2025 09:42:36 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash c73e35f73ed5c795c70cf66e99088b7c
63a9ffe5d0e5b4070819b95ef564a58d8a3a3a1c
80034a9712f07e6b0577c7e5bf6d5d718736593e7d21c81dd1a3cbdb4eb860de
GET /core/match.gif?s=56&reference=https%3A%2F%2Fmc.acint.net%2Fmatch%2F%3Fdp%3D361%26euid%3D%23%7BUID%7D HTTP/1.1
Host: otclick-adv.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: idntfy=VUnZUsbWsOWu9RE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 12 Feb 2025 21:52:02 GMT
Content-Length: 124
Connection: keep-alive
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thursday, 01-Jan-1970 00:00:00 GMT
Location: https://mc.acint.net/match/?dp=361&euid=VUnZUsbWsOWu9RE
GET code.moviead55.ru/go/csync?cn=ohmybid&bid=66561e59-5779-4161-a494-f41a71e6729f
200 OK 0 B URL GET HTTP/2 code.moviead55.ru/go/csync?cn=ohmybid&bid=66561e59-5779-4161-a494-f41a71e6729f
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/csync?cn=ohmybid&bid=66561e59-5779-4161-a494-f41a71e6729f HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Cookie: sky_uuid=1199be9d-59fc-b988-3a7a-184ba08bb738; hbrdcookie2=375b1cdc2416de852945
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: image/jpeg
content-length: 0
set-cookie: ohmybid=66561e59-5779-4161-a494-f41a71e6729f; max-age=86400; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/csync?cn=bvbid&bid=i8ju5ka6od
200 OK 0 B URL GET HTTP/2 code.moviead55.ru/go/csync?cn=bvbid&bid=i8ju5ka6od
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/csync?cn=bvbid&bid=i8ju5ka6od HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Cookie: sky_uuid=1199be9d-59fc-b988-3a7a-184ba08bb738; hbrdcookie2=375b1cdc2416de852945
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: image/jpeg
content-length: 0
set-cookie: bvbid=i8ju5ka6od; max-age=86400; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
GET a.adiam.tech/sync?ssp=29
204 No Content 0 B IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGoogle Trust Services
Subjectadiam.tech
Fingerprint0E:6E:E8:89:73:01:C0:C4:7B:DF:27:A7:D6:99:4B:0A:D6:68:55:54
ValidityThu, 26 Dec 2024 08:20:55 GMT - Wed, 26 Mar 2025 09:19:39 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=29 HTTP/1.1
Host: a.adiam.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/plain
content-length: 0
set-cookie: preadiam=1; Expires=Sat, 15 Mar 2025 00:52:02 GMT; Domain=.adiam.tech; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UEHvayym%2FiwuqXP29Ihcjf45OkNdNCpcjtz5gZ0CdDRHODOmMqhjWYVovVskqcGiNqUwCJHIB5hmK9me51E2m4GhRse1TzVUrwUy7C5umXjz72XGenQ7wJ8kBQCeD98%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 910fcdaea900b512-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2245&min_rtt=426&rtt_var=3355&sent=9&recv=11&lost=0&retrans=1&sent_bytes=3288&recv_bytes=1129&delivery_rate=7288590&cwnd=256&unsent_bytes=0&cid=2ed96cebb697aa7d&ts=140&x=0"
X-Firefox-Spdy: h2
GET www.acint.net/cmr.bidderstack.com/sape/cm?user_id=0900007F0118AD673527F14B02D61368
404 Not Found 206 B URL GET HTTP/2 www.acint.net/cmr.bidderstack.com/sape/cm?user_id=0900007F0118AD673527F14B02D61368
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
Hash f14000f280e3d4c64b2de69be999c4f0
c337ba789bc5a6051f796d335f30a0445cc1239c
b70347a826a2e46cce62b8b0ff624566f0e57b1ba51efcbd815e781f8012607c
GET /cmr.bidderstack.com/sape/cm?user_id=0900007F0118AD673527F14B02D61368 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/mc/?dp=167&tc=1
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: openresty
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/html
content-encoding: gzip
X-Firefox-Spdy: h2
GET ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fcode.moviead55.ru%252Fgo%252Fcsync%253Fcn%253Dsapecookie%2526bid%253D$%257BUSER_ID%257D&dp=14
302 Found 142 B URL GET HTTP/2 ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fcode.moviead55.ru%252Fgo%252Fcsync%253Fcn%253Dsapecookie%2526bid%253D$%257BUSER_ID%257D&dp=14
IP
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.sape.ru
FingerprintCC:59:65:2D:B1:40:01:61:56:4A:04:59:C9:93:98:E4:9E:FB:EE:56
ValiditySun, 09 Feb 2025 23:42:00 GMT - Sat, 10 May 2025 23:41:59 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fcode.moviead55.ru%252Fgo%252Fcsync%253Fcn%253Dsapecookie%2526bid%253D$%257BUSER_ID%257D&dp=14 HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: openresty
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/html
content-length: 142
location: https://acint.net/rmatch?dp=14&euid=2003420A0218AD67CC013FB10254D03A&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D$%7BUSER_ID%7D
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
access-control-allow-origin: *
access-control-allow-methods: GET
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: sspuid=CkIDIGetGAKxPwHMOtBUApGgEH7UuvCkPotPuNdNjIqNsvMn; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
GET sync.bumlam.com/?src=sap1&uid=0900007F0118AD673527F14B02D61368
302 Moved Temporarily 0 B URL GET HTTP/1.1 sync.bumlam.com/?src=sap1&uid=0900007F0118AD673527F14B02D61368
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.bumlam.com
FingerprintFA:27:E9:07:AD:CC:4B:BE:CD:11:76:8D:83:E5:CE:4F:A1:20:03:5D
ValidityWed, 12 Feb 2025 12:10:44 GMT - Tue, 13 May 2025 12:10:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&uid=0900007F0118AD673527F14B02D61368 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 12 Feb 2025 21:52:02 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ5NzlkZTY0Ni1lOThiLTExZWYtYjYwYy0wMDI1OTBjODI0MzY*; Path=/; Expires=Tue, 07 Feb 2045 21:52:02 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARiCsLS9BmIgMDkwMDAwN0YwMTE4QUQ2NzM1MjdGMTRCMDJENjEzNjiiARCXneZG6YsR77YMACWQyCQ2
ETag: 979de646-e98b-11ef-b60c-002590c82436
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
GET pix.bumlam.com/sync/sape/check?sspuid=0900007F0118AD673527F14B02D61368
302 Found 0 B URL GET HTTP/1.1 pix.bumlam.com/sync/sape/check?sspuid=0900007F0118AD673527F14B02D61368
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.bumlam.com
FingerprintFA:27:E9:07:AD:CC:4B:BE:CD:11:76:8D:83:E5:CE:4F:A1:20:03:5D
ValidityWed, 12 Feb 2025 12:10:44 GMT - Tue, 13 May 2025 12:10:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/check?sspuid=0900007F0118AD673527F14B02D61368 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 12 Feb 2025 21:52:02 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://sync.bumlam.com/?src=sape
GET ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D14
302 Found 142 B URL GET HTTP/2 ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D14
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.sape.ru
FingerprintCC:59:65:2D:B1:40:01:61:56:4A:04:59:C9:93:98:E4:9E:FB:EE:56
ValiditySun, 09 Feb 2025 23:42:00 GMT - Sat, 10 May 2025 23:41:59 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch/?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D14 HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: openresty
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/html
content-length: 142
location: https://acint.net/rmatch?dp=14&euid=2A03420A0218AD67CE01740402542114&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D14
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
access-control-allow-origin: *
access-control-allow-methods: GET
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: sspuid=CkIDKmetGAIEdAHOFCFUAtiFkUonTuC6P6NRDgNvyaLuPq+f; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/csync?cn=bzcookie&bid=419955ad-bf03-4e68-52e6-88cfaac8f929
200 OK 0 B URL GET HTTP/2 code.moviead55.ru/go/csync?cn=bzcookie&bid=419955ad-bf03-4e68-52e6-88cfaac8f929
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/csync?cn=bzcookie&bid=419955ad-bf03-4e68-52e6-88cfaac8f929 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Cookie: sky_uuid=1199be9d-59fc-b988-3a7a-184ba08bb738; hbrdcookie2=375b1cdc2416de852945; otclkbid=VUnZUsbWsOWu9RE; ohmybid=66561e59-5779-4161-a494-f41a71e6729f; bvbid=i8ju5ka6od
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: image/jpeg
content-length: 0
set-cookie: bzcookie=419955ad-bf03-4e68-52e6-88cfaac8f929; max-age=86400; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
GET sync.upravel.com/sape/sync
302 Found 0 B URL GET HTTP/2 sync.upravel.com/sape/sync
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGlobalSign nv-sa
Subject*.upravel.com
Fingerprint2E:80:2D:2C:A0:2D:D2:F3:89:EA:4C:28:8D:21:79:E2:AF:B9:59:12
ValidityWed, 29 May 2024 15:22:01 GMT - Sun, 29 Jun 2025 17:07:24 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 12 Feb 2025 21:52:02 GMT
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0=
set-cookie: session_tptc=1739397122503;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1739397122503;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
GET a.adspector.io/sync?ssp=6
204 No Content 0 B URL GET HTTP/2 a.adspector.io/sync?ssp=6
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGoogle Trust Services
Subjectadspector.io
FingerprintC8:59:B4:F6:9D:13:B6:C4:1D:06:0C:5A:31:4D:51:2C:28:D4:A2:30
ValidityTue, 21 Jan 2025 00:43:27 GMT - Mon, 21 Apr 2025 01:39:50 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=6 HTTP/1.1
Host: a.adspector.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/plain
content-length: 0
set-cookie: preadspector=1; Expires=Sat, 15 Mar 2025 00:52:02 GMT; Domain=.adspector.io; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rWaCZlFX%2FOTr2iECNwx8w3A9SfGBRcIW99v1CyTbA8XSO1%2B5PP%2Bc00xrfGeBXaTUVsqrUTm2PDYSQweYQkHftaLvkeDQ4DCtD4MpzbDAfzE3jewoefey0ojz%2FW%2FyPtaUXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 910fcdafd93bb500-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1096&min_rtt=440&rtt_var=1296&sent=8&recv=12&lost=0&retrans=1&sent_bytes=3291&recv_bytes=1257&delivery_rate=7729537&cwnd=256&unsent_bytes=0&cid=cbf1e5c9ae5583fc&ts=235&x=0"
X-Firefox-Spdy: h2
GET match.new-programmatic.com/userbind?src=sape&id=0900007F0118AD673527F14B02D61368
204 No Content 0 B URL GET HTTP/1.1 match.new-programmatic.com/userbind?src=sape&id=0900007F0118AD673527F14B02D61368
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subjectad.ad-blast.ru
Fingerprint8A:0E:E6:FA:E2:74:DF:6F:4B:20:C8:14:19:46:F2:42:C1:14:AB:FA
ValidityMon, 30 Dec 2024 05:54:07 GMT - Sun, 30 Mar 2025 05:54:06 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=0900007F0118AD673527F14B02D61368 HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Wed, 12 Feb 2025 21:52:02 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
GET ssp.bidvol.com/usersync?dspcsid=8&redirect=1
302 Found 43 B URL GET HTTP/2 ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subjectssp.bidvol.com
Fingerprint3B:DE:00:48:B6:4B:AE:32:FD:A7:6B:04:C1:58:85:2B:95:51:02:95
ValidityMon, 06 Jan 2025 08:51:41 GMT - Sun, 06 Apr 2025 08:51:40 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Cookie: bvuid=i8ju5ka6od
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.24.0 (Ubuntu)
date: Wed, 12 Feb 2025 21:52:02 GMT
x-request-id: 5fb413d4-adbd-4989-aea4-eff8787e57ca
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
set-cookie: bvuid=i8ju5ka6od; Max-Age=2147483647; Domain=.bidvol.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=i8ju5ka6od; Max-Age=2147483647; Domain=.bidvol.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
location: https://www.acint.net/match?dp=129&euid=i8ju5ka6od
X-Firefox-Spdy: h2
GET sync.dmp.otm-r.com/match/skyadvert?otcm_check=1739397121
302 Found 104 B URL GET HTTP/2 sync.dmp.otm-r.com/match/skyadvert?otcm_check=1739397121
IP
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subjectsync.dmp.otm-r.com
Fingerprint29:D2:AB:5F:C2:92:48:42:73:F9:23:77:14:BB:41:49:08:AE:6B:21
ValidityTue, 10 Dec 2024 12:01:23 GMT - Mon, 10 Mar 2025 12:01:22 GMT
File type HTML document, ASCII text
Hash 8e28d1f4f8e2312f68c8c2319983b241
363c809a6f325812e3bd75a566c11f30c4e4b818
3f20eaf615634cca2c30dc6f54428e47b6fac47f9eb29349510f2c13c1b60a45
GET /match/skyadvert?otcm_check=1739397121 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Cookie: mpid=NjdhZDE4MDEwODg2ZmYwYg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.23.2
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/html; charset=utf-8
content-length: 104
access-control-allow-origin: *
location: https://code.moviead55.ru/go/csync?cn=otmbid&bid=NjdhZDE4MDEwODg2ZmYwYg%3D%3D
set-cookie: mpid=NjdhZDE4MDEwODg2ZmYwYg==; Path=/; Domain=otm-r.com; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2
200 OK 101 B URL code.moviead55.ru/go/bn?key=03208824bea369b060dba1f2083d6a4c&cp.adsource=slt_bnr2&vt=100&w=300&h=250&cp.referer=http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F&fid=fa5537840d3df8fd9&cp.tanc=&maid=a17ca74e-06d8-4243-8ae1-529c0a512d3d
IP
ASN #6681 Giveme Cloud Sp Z O O
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
File type ASCII text, with no line terminators
Hash ea9df796a11ca33dc05fcbe3b1ec7c53
20b35299196c50f80a505cac3ae291eae19254ee
84a13b7548345d7499bd784e38365ba9e1e92ecb6a2ba74e52bf93c35bea989d
GET /go/bn?key=03208824bea369b060dba1f2083d6a4c&cp.adsource=slt_bnr2&vt=100&w=300&h=250&cp.referer=http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F&fid=fa5537840d3df8fd9&cp.tanc=&maid=a17ca74e-06d8-4243-8ae1-529c0a512d3d HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Cookie: sky_uuid=1199be9d-59fc-b988-3a7a-184ba08bb738
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
x-skyadvert-path: /
x-skyadvert-referrer: http://flicksbar.mom/
access-control-allow-credentials: true
access-control-allow-origin: http://flicksbar.mom
x-skyadvert-udata: cache,parsed,27532
x-cache-source: Rist
x-skyadvert-mrc: no
x-skyadvert-ref: {"Scheme":"http","Opaque":"","User":null,"Host":"flicksbar.mom","Path":"/","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""}
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
GET www.acint.net/match?dp=68&euid=NjdhZDE4MDEwODg2ZmYwYg%3D%3D
200 OK 43 B URL GET HTTP/2 www.acint.net/match?dp=68&euid=NjdhZDE4MDEwODg2ZmYwYg%3D%3D
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=68&euid=NjdhZDE4MDEwODg2ZmYwYg%3D%3D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET exchange.buzzoola.com/cookiesync/dsp/sape-banner?set_buzzoola_cookie=t&uid=0900007F0118AD673527F14B02D61368&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126
302 Found 156 B URL GET HTTP/2 exchange.buzzoola.com/cookiesync/dsp/sape-banner?set_buzzoola_cookie=t&uid=0900007F0118AD673527F14B02D61368&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerSectigo Limited
Subject*.buzzoola.com
FingerprintAD:3D:5A:FB:EA:0C:06:C6:DD:3E:69:73:36:2A:74:3B:95:70:1E:67
ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT
File type HTML document, ASCII text
Hash 9ff2e843f6c5bda36d33114ee4e01744
f775e00b19a1d2df4d83474473683a6465ce2d6e
cbf64e5eb3bc98e48af1bda6211ccfcaa6136d17e3e02e1cd5b6f4d8fa80bc09
GET /cookiesync/dsp/sape-banner?set_buzzoola_cookie=t&uid=0900007F0118AD673527F14B02D61368&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126 HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: uuid=74471490-cd43-46b8-4325-be174c284dbe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/html; charset=utf-8
content-length: 156
location: https://mc.acint.net/rmatch?dp=126&euid=74471490-cd43-46b8-4325-be174c284dbe&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126
serverid: TODO
X-Firefox-Spdy: h2
GET cs.agency2.ru/p?ssp=sp&uid=0900007F0118AD673527F14B02D61368
301 Moved Permanently 0 B URL GET HTTP/1.1 cs.agency2.ru/p?ssp=sp&uid=0900007F0118AD673527F14B02D61368
IP
ASN #39134 Edinaya Set Limited Liability Company
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGlobalSign nv-sa
Subject*.agency2.ru
Fingerprint51:DD:44:C1:B3:84:0D:7D:C0:0C:80:3C:1F:03:2D:E4:AE:FF:58:16
ValidityThu, 25 Jul 2024 11:24:45 GMT - Tue, 26 Aug 2025 11:24:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=0900007F0118AD673527F14B02D61368 HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Wed, 12 Feb 2025 21:52:02 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=3cd2ec5b-241b-4fed-8293-65c929b4e7df
Set-Cookie: uuid=3cd2ec5b-241b-4fed-8293-65c929b4e7df; expires=Tue, 03 Feb 2026 21:52:02 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.105.255.196
GET www.acint.net/rmatch?dp=202&r=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fsape%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fcode.moviead55.ru%252Fgo%252Fcsync%253Fcn%253Dsolta%2526bid%253DZ60YASsrI9w%26n%3D2
302 Found 154 B URL GET HTTP/2 www.acint.net/rmatch?dp=202&r=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fsape%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fcode.moviead55.ru%252Fgo%252Fcsync%253Fcn%253Dsolta%2526bid%253DZ60YASsrI9w%26n%3D2
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=202&r=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fsape%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fcode.moviead55.ru%252Fgo%252Fcsync%253Fcn%253Dsolta%2526bid%253DZ60YASsrI9w%26n%3D2 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/html
content-length: 154
location: https://kimberlite.io/rtb/sync/sape?u=0900007F0118AD673527F14B02D61368&f=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsolta%26bid%3DZ60YASsrI9w&n=2
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET ssp.al-adtech.com/api/sync/sape
302 Found 0 B URL GET HTTP/1.1 ssp.al-adtech.com/api/sync/sape
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.al-adtech.com
Fingerprint06:63:1C:A5:12:7F:64:27:59:49:42:CA:9D:8E:5F:E4:B1:61:6F:82
ValidityThu, 06 Feb 2025 13:57:05 GMT - Wed, 07 May 2025 13:57:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/sync/sape HTTP/1.1
Host: ssp.al-adtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.20.1
Date: Wed, 12 Feb 2025 21:52:02 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin
Access-Control-Allow-Origin:
Access-Control-Allow-Credentials: true
Location: https://mc.acint.net/rmatch?dp=261&euid=d7f6858f-5a16-455d-b444-4d7311ff26bd&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261
Set-Cookie: afp_cookie=gAAAAABnrRgC0jpg2HanRCkJA8Cs93PbTgWVjnKuvztdn63FBb_pnavlxSULTaivy0ZXp-gZGyMXIVoKVbYuVuPvguxgo9AyA5vgOJfi0_J7FKIN_13zP-hMzZOyE1xLgVOwPToidOTGmQOYFxGqovc4wgfJUG8f1SISCnTlND8KsFQJg6_Z0gpZZKblej84AGWdmjlzn4RbEPhSvPawSc7J_CH2pAdzEw==$; expires=Wed, 12 Mar 2025 21:52:02 GMT; path=/; secure; SameSite=None
GET mc.acint.net/match/?dp=361&euid=VUnZUsbWsOWu9RE
200 OK 43 B URL GET HTTP/2 mc.acint.net/match/?dp=361&euid=VUnZUsbWsOWu9RE
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match/?dp=361&euid=VUnZUsbWsOWu9RE HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET mc.acint.net/match?dp=353&euid=b5cc693b-1419-453d-b39c-e3745af93aff
200 OK 43 B URL GET HTTP/2 mc.acint.net/match?dp=353&euid=b5cc693b-1419-453d-b39c-e3745af93aff
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=353&euid=b5cc693b-1419-453d-b39c-e3745af93aff HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET pixel.dsp.onetarget.ru/sape/pixel?id=0900007F0118AD673527F14B02D61368
302 Found 0 B URL GET HTTP/2 pixel.dsp.onetarget.ru/sape/pixel?id=0900007F0118AD673527F14B02D61368
IP
ASN #200350 Yandex.Cloud LLC
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subjectpixel.dsp.onetarget.ru
FingerprintA5:40:7F:40:F8:F2:94:25:A5:D4:59:97:94:52:25:C5:00:E5:C7:A6
ValidityTue, 14 Jan 2025 04:04:25 GMT - Mon, 14 Apr 2025 04:04:24 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/pixel?id=0900007F0118AD673527F14B02D61368 HTTP/1.1
Host: pixel.dsp.onetarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 12 Feb 2025 21:52:02 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=5813217&id=9f5d2f04-eaae-417a-8102-2ccd47ace57f
set-cookie: USER_ID=9f5d2f04-eaae-417a-8102-2ccd47ace57f;max-age=2147483647;Secure;HttpOnly;SameSite=None
SAPE_USER_ID=0900007F0118AD673527F14B02D61368;max-age=30758400;Secure;HttpOnly;SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
X-Firefox-Spdy: h2
GET mc.acint.net/match?dp=217&euid=66561e59-5779-4161-a494-f41a71e6729f
200 OK 43 B URL GET HTTP/2 mc.acint.net/match?dp=217&euid=66561e59-5779-4161-a494-f41a71e6729f
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=217&euid=66561e59-5779-4161-a494-f41a71e6729f HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET adx.com.ru/sync/confirm/sapePlazkart?r=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D239%26euid%3D%7Buid%7D&sspSysName=sapePlazkart&uid=0900007F0118AD673527F14B02D61368
302 Found 300 B URL GET HTTP/2 adx.com.ru/sync/confirm/sapePlazkart?r=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D239%26euid%3D%7Buid%7D&sspSysName=sapePlazkart&uid=0900007F0118AD673527F14B02D61368
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGlobalSign nv-sa
Subject*.adx.com.ru
Fingerprint80:35:EC:8F:65:57:E4:4C:9A:B4:F6:F9:CA:A4:DD:48:0A:71:E0:4E
ValidityWed, 05 Jun 2024 13:44:34 GMT - Mon, 07 Jul 2025 13:44:33 GMT
File type HTML document, ASCII text
Hash 55ee7a705613be6719d1ca702722db86
6ba40c78e6239364667626020810937beb4c0cfc
e293656e12e958331524e780a7a50a4b4a748f6e2d8a9ef0c43b9fcfc4ddec7b
GET /sync/confirm/sapePlazkart?r=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D239%26euid%3D%7Buid%7D&sspSysName=sapePlazkart&uid=0900007F0118AD673527F14B02D61368 HTTP/1.1
Host: adx.com.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: user=67ad18027011cb00012d7c5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.26.0
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/html; charset=utf-8
content-length: 300
cache-control: no-store
location: https://x01.aidata.io/0.gif?pid=9712851&id=67ad18027011cb00012d7c5d&dest=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fdsp_id%3D162%26external_id%3D67ad18027011cb00012d7c5d%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fmatch%253Fdp%253D239%2526euid%253D%257Buid%257D
X-Firefox-Spdy: h2
GET mediatoday.ru/c/m.gif?s=32&id=366&reference=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D366%26euid%3D%7Bvisitor_id%7D
302 Found 124 B URL GET HTTP/2 mediatoday.ru/c/m.gif?s=32&id=366&reference=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D366%26euid%3D%7Bvisitor_id%7D
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subjectmediatoday.ru
Fingerprint30:52:42:EF:81:CE:FF:B0:E7:76:9B:0F:1C:3A:6B:9A:E4:E3:58:B4
ValiditySun, 17 Nov 2024 19:06:03 GMT - Sat, 15 Feb 2025 19:06:02 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash c73e35f73ed5c795c70cf66e99088b7c
63a9ffe5d0e5b4070819b95ef564a58d8a3a3a1c
80034a9712f07e6b0577c7e5bf6d5d718736593e7d21c81dd1a3cbdb4eb860de
GET /c/m.gif?s=32&id=366&reference=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D366%26euid%3D%7Bvisitor_id%7D HTTP/1.1
Host: mediatoday.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.27.3
date: Wed, 12 Feb 2025 21:52:02 GMT
content-length: 124
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VUnZUsbWsOWu9RE; expires=Sat, 10-Feb-2035 21:52:02 GMT; domain=mediatoday.ru; path=/c/; SameSite=None; Secure
idntfy=VUnZUsbWsOWu9RE; expires=Sat, 10-Feb-2035 21:52:02 GMT; domain=mediatoday.ru; path=/core/; SameSite=None; Secure
location: https://mc.acint.net/match?dp=366&euid=VUnZUsbWsOWu9RE
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
GET ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D95%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D95%26euid%3D
302 Found 126 B URL GET HTTP/2 ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D95%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D95%26euid%3D
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subjectbestssp.com
FingerprintDC:A4:72:57:B5:9F:36:74:34:DC:8E:01:67:88:8A:60:6C:66:22:12
ValidityMon, 10 Feb 2025 09:01:55 GMT - Sun, 11 May 2025 09:01:54 GMT
File type HTML document, ASCII text
Hash 82269dff98f2e42c44e94171dfdac3bc
34984d9653cefc725c34c1cb26128da5ddc2a87e
09020e6e2d9adbf8105a656cfd9e7a2d71498de929da83ad65e52d398e324113
GET /sspmatch?url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D95%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.22.0
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/html; charset=utf-8
content-length: 126
location: https://mc.acint.net/rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=KZHOWHIM
set-cookie: uid=KZHOWHIM; Expires=Sat, 10 Feb 2035 21:52:02 GMT
X-Firefox-Spdy: h2
GET acint.net/rmatch?dp=14&euid=2003420A0218AD67CC013FB10254D03A&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D$%7BUSER_ID%7D
302 Found 154 B URL GET HTTP/2 acint.net/rmatch?dp=14&euid=2003420A0218AD67CC013FB10254D03A&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D$%7BUSER_ID%7D
IP
ASN #24940 Hetzner Online GmbH
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=14&euid=2003420A0218AD67CC013FB10254D03A&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D$%7BUSER_ID%7D HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/html
content-length: 154
location: https://code.moviead55.ru/go/csync?cn=sapecookie&bid=0900007F0118AD673527F14B02D61368
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET sync.dsp.solta.io/match/sape?id=0900007F0118AD673527F14B02D61368
200 OK 43 B URL GET HTTP/2 sync.dsp.solta.io/match/sape?id=0900007F0118AD673527F14B02D61368
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGlobalSign nv-sa
Subject*.dsp.solta.io
FingerprintA3:A7:7B:5B:42:39:D4:3C:1D:73:F8:FB:1C:3E:47:A0:18:94:4A:FD
ValidityWed, 31 Jul 2024 11:10:54 GMT - Mon, 01 Sep 2025 11:10:53 GMT
File type GIF image data, version 89a, 1 x 1
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /match/sape?id=0900007F0118AD673527F14B02D61368 HTTP/1.1
Host: sync.dsp.solta.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
GET sync.bumlam.com/?src=sap1&s_data=CAIQARiCsLS9BmIgMDkwMDAwN0YwMTE4QUQ2NzM1MjdGMTRCMDJENjEzNjiiARCXneZG6YsR77YMACWQyCQ2
200 OK 0 B URL GET HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARiCsLS9BmIgMDkwMDAwN0YwMTE4QUQ2NzM1MjdGMTRCMDJENjEzNjiiARCXneZG6YsR77YMACWQyCQ2
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.bumlam.com
FingerprintFA:27:E9:07:AD:CC:4B:BE:CD:11:76:8D:83:E5:CE:4F:A1:20:03:5D
ValidityWed, 12 Feb 2025 12:10:44 GMT - Tue, 13 May 2025 12:10:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&s_data=CAIQARiCsLS9BmIgMDkwMDAwN0YwMTE4QUQ2NzM1MjdGMTRCMDJENjEzNjiiARCXneZG6YsR77YMACWQyCQ2 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiQ5NzlkZTY0Ni1lOThiLTExZWYtYjYwYy0wMDI1OTBjODI0MzY*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Feb 2025 21:52:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ5NzlkZTY0Ni1lOThiLTExZWYtYjYwYy0wMDI1OTBjODI0MzY*; Path=/; Expires=Tue, 07 Feb 2045 21:52:02 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
GET ssp-statistics.dsp.nt.technology/api/cookie-sync/eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJSVEIgU2FwZV8xNzM4MDUyODgwODQ3In0.rWWFhvjxIbuujG1GTFwQklSMJiKgptBwYzz4p8BSesmEm5CqjbMhkVs5mVteVVlfMbT4wiTf22YGI6HFl8Snrw/sync?sspUserId=0900007F0118AD673527F14B02D61368&r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D368%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D368
302 Found 0 B URL GET HTTP/2 ssp-statistics.dsp.nt.technology/api/cookie-sync/eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJSVEIgU2FwZV8xNzM4MDUyODgwODQ3In0.rWWFhvjxIbuujG1GTFwQklSMJiKgptBwYzz4p8BSesmEm5CqjbMhkVs5mVteVVlfMbT4wiTf22YGI6HFl8Snrw/sync?sspUserId=0900007F0118AD673527F14B02D61368&r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D368%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D368
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerAmazon
Subjectdsp.nt.technology
FingerprintC2:37:6A:CC:E8:44:B1:19:D2:4B:0D:0B:C2:32:F7:6E:7F:4B:49:3E
ValidityWed, 15 Jan 2025 00:00:00 GMT - Fri, 13 Feb 2026 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/cookie-sync/eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJSVEIgU2FwZV8xNzM4MDUyODgwODQ3In0.rWWFhvjxIbuujG1GTFwQklSMJiKgptBwYzz4p8BSesmEm5CqjbMhkVs5mVteVVlfMbT4wiTf22YGI6HFl8Snrw/sync?sspUserId=0900007F0118AD673527F14B02D61368&r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D368%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D368 HTTP/1.1
Host: ssp-statistics.dsp.nt.technology
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 12 Feb 2025 21:52:02 GMT
content-length: 0
location: https://acint.net/rmatch?dp=368&euid=NT_1151573464955086_ibyljN&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D368
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-language: en-US
X-Firefox-Spdy: h2
GET acint.net/rmatch?dp=14&euid=2A03420A0218AD67CE01740402542114&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D14
302 Found 154 B URL GET HTTP/2 acint.net/rmatch?dp=14&euid=2A03420A0218AD67CE01740402542114&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D14
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=14&euid=2A03420A0218AD67CE01740402542114&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D14 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/html
content-length: 154
location: https://mc.acint.net/cmatch?dp=14
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET logger.moviead55.ru/logger?v=03208824bea369b060dba1f2083d6a4c&c=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&t=player_init&a=&m=%7B%22vis%22%3A100%2C%22dv%22%3Atrue%2C%22jmap%22%3A3%2C%22blen%22%3A2%2C%22bounds%22%3A%7B%22x%22%3A0%2C%22y%22%3A0%2C%22width%22%3A1280%2C%22height%22%3A330%2C%22top%22%3A0%2C%22right%22%3A1280%2C%22bottom%22%3A330%2C%22left%22%3A0%7D%7D&o=&s2=2
200 OK 81 B URL GET HTTP/1.1 logger.moviead55.ru/logger?v=03208824bea369b060dba1f2083d6a4c&c=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&t=player_init&a=&m=%7B%22vis%22%3A100%2C%22dv%22%3Atrue%2C%22jmap%22%3A3%2C%22blen%22%3A2%2C%22bounds%22%3A%7B%22x%22%3A0%2C%22y%22%3A0%2C%22width%22%3A1280%2C%22height%22%3A330%2C%22top%22%3A0%2C%22right%22%3A1280%2C%22bottom%22%3A330%2C%22left%22%3A0%7D%7D&o=&s2=2
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Hash b357a19c87624c7c4d131aeeb4ae677f
c7a9c45fd419815a5ab1998503a9f03514c0e229
497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581
GET /logger?v=03208824bea369b060dba1f2083d6a4c&c=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&t=player_init&a=&m=%7B%22vis%22%3A100%2C%22dv%22%3Atrue%2C%22jmap%22%3A3%2C%22blen%22%3A2%2C%22bounds%22%3A%7B%22x%22%3A0%2C%22y%22%3A0%2C%22width%22%3A1280%2C%22height%22%3A330%2C%22top%22%3A0%2C%22right%22%3A1280%2C%22bottom%22%3A330%2C%22left%22%3A0%7D%7D&o=&s2=2 HTTP/1.1
Host: logger.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Feb 2025 21:52:02 GMT
Content-Type: Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Logger-Le: true
X-Logger-Tdb: default
X-Movieads-Country: NO
Content-Encoding: gzip
GET sync.bumlam.com/?src=sape
302 Moved Temporarily 0 B URL GET HTTP/1.1 sync.bumlam.com/?src=sape
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.bumlam.com
FingerprintFA:27:E9:07:AD:CC:4B:BE:CD:11:76:8D:83:E5:CE:4F:A1:20:03:5D
ValidityWed, 12 Feb 2025 12:10:44 GMT - Tue, 13 May 2025 12:10:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiQ5NzlkZTY0Ni1lOThiLTExZWYtYjYwYy0wMDI1OTBjODI0MzY*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 12 Feb 2025 21:52:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ5NzlkZTY0Ni1lOThiLTExZWYtYjYwYy0wMDI1OTBjODI0MzY*; Path=/; Expires=Tue, 07 Feb 2045 21:52:02 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=979de646-e98b-11ef-b60c-002590c82436
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true
GET code.moviead55.ru/go/csync?cn=otmbid&bid=NjdhZDE4MDEwODg2ZmYwYg%3D%3D
200 OK 0 B URL GET HTTP/2 code.moviead55.ru/go/csync?cn=otmbid&bid=NjdhZDE4MDEwODg2ZmYwYg%3D%3D
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/csync?cn=otmbid&bid=NjdhZDE4MDEwODg2ZmYwYg%3D%3D HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Cookie: sky_uuid=1199be9d-59fc-b988-3a7a-184ba08bb738; hbrdcookie2=375b1cdc2416de852945; otclkbid=VUnZUsbWsOWu9RE; ohmybid=66561e59-5779-4161-a494-f41a71e6729f; bvbid=i8ju5ka6od; bzcookie=419955ad-bf03-4e68-52e6-88cfaac8f929
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: image/jpeg
content-length: 0
set-cookie: otmbid=NjdhZDE4MDEwODg2ZmYwYg==; max-age=86400; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
GET a.utraff.com/sync?dsp=Bidvol&buyerid=i8ju5ka6od
201 Created 0 B URL GET HTTP/2 a.utraff.com/sync?dsp=Bidvol&buyerid=i8ju5ka6od
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGoogle Trust Services
Subjectutraff.com
FingerprintF0:05:B9:23:8D:FE:B1:3D:95:35:45:AF:5E:11:16:CA:95:46:33:58
ValiditySun, 26 Jan 2025 17:45:28 GMT - Sat, 26 Apr 2025 18:45:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp=Bidvol&buyerid=i8ju5ka6od HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: utid=cRW9yyQ86WWNv1R8ZfvWakk1yGSCS98SXVsKmiKkZfHbsefRcQKBcd-wi2x3-EAKw53LVgmIwIwDNJGnDBEFFQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 201 Created
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/plain
content-length: 0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M0Fn9xFIcbpyPgniV7echFj4V77LdgPk%2BpHml%2Bru%2B%2FwrFQRPBUEjQnTchC7QphWcat5wR3bf44CYDY%2BqaCS%2FeCZvbeHgVGmcuNdVMc4k13KSoR8Wp%2FYX1fm6q4OuAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 910fcdb1ecd3b51e-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=5510&min_rtt=478&rtt_var=9829&sent=11&recv=16&lost=0&retrans=1&sent_bytes=5096&recv_bytes=1571&delivery_rate=7288590&cwnd=257&unsent_bytes=0&cid=87e93ab156536aca&ts=1188&x=0"
X-Firefox-Spdy: h2
GET mc.acint.net/rmatch?dp=126&euid=74471490-cd43-46b8-4325-be174c284dbe&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126
302 Found 154 B URL GET HTTP/2 mc.acint.net/rmatch?dp=126&euid=74471490-cd43-46b8-4325-be174c284dbe&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=126&euid=74471490-cd43-46b8-4325-be174c284dbe&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/html
content-length: 154
location: https://mc.acint.net/cmatch?dp=126
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0=
302 Found 0 B URL GET HTTP/2 sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0=
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGlobalSign nv-sa
Subject*.upravel.com
Fingerprint2E:80:2D:2C:A0:2D:D2:F3:89:EA:4C:28:8D:21:79:E2:AF:B9:59:12
ValidityWed, 29 May 2024 15:22:01 GMT - Sun, 29 Jun 2025 17:07:24 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0= HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: session_tptc=1739397122503
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 12 Feb 2025 21:52:02 GMT
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=58002dc2-16e1-45b7-8b86-70eae0034a91;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=58002dc2-16e1-45b7-8b86-70eae0034a91;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/rmatch?dp=71&euid=58002dc2-16e1-45b7-8b86-70eae0034a91&r=https%3A%2F%2Facint.net%2Fcmatch%3Fdp%3D71
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
GET www.acint.net/match?dp=186&euid=3cd2ec5b-241b-4fed-8293-65c929b4e7df
200 OK 43 B URL GET HTTP/2 www.acint.net/match?dp=186&euid=3cd2ec5b-241b-4fed-8293-65c929b4e7df
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=3cd2ec5b-241b-4fed-8293-65c929b4e7df HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET mc.acint.net/rmatch?dp=261&euid=d7f6858f-5a16-455d-b444-4d7311ff26bd&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261
302 Found 154 B URL GET HTTP/2 mc.acint.net/rmatch?dp=261&euid=d7f6858f-5a16-455d-b444-4d7311ff26bd&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=261&euid=d7f6858f-5a16-455d-b444-4d7311ff26bd&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D261 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/html
content-length: 154
location: https://mc.acint.net/cmatch?dp=261
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET code.moviead55.ru/vast2?key=03208824bea369b060dba1f2083d6a4c&sid=autoplay&cp.adsource=ydxn.rus2&cp.adtype=pre&vt=100&fp=[fp]&w=1280&h=330&vid=&fpro=&ma=a17ca74e-06d8-4243-8ae1-529c0a512d3d&suri=http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F&rdd1=true&cp.session=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&cp.referer=http%253A%252F%252Fflicksbar.mom%252Fseries%252F4365427%252F&cp.cb=5da17103-e85e-b9af-60c4-450fed6dba5d
200 OK 373 B URL GET HTTP/2 code.moviead55.ru/vast2?key=03208824bea369b060dba1f2083d6a4c&sid=autoplay&cp.adsource=ydxn.rus2&cp.adtype=pre&vt=100&fp=[fp]&w=1280&h=330&vid=&fpro=&ma=a17ca74e-06d8-4243-8ae1-529c0a512d3d&suri=http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F&rdd1=true&cp.session=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&cp.referer=http%253A%252F%252Fflicksbar.mom%252Fseries%252F4365427%252F&cp.cb=5da17103-e85e-b9af-60c4-450fed6dba5d
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
File type gzip compressed data, from Unix
Hash 883c8892decdbfd87196e35a6a26e90c
73d6c55a447d5205efe6807b9d569cafce6d51bb
ac27ebfc6a7050c95447ff5464c03af1270b9595011f8ef336c47873f8db73f6
GET /vast2?key=03208824bea369b060dba1f2083d6a4c&sid=autoplay&cp.adsource=ydxn.rus2&cp.adtype=pre&vt=100&fp=[fp]&w=1280&h=330&vid=&fpro=&ma=a17ca74e-06d8-4243-8ae1-529c0a512d3d&suri=http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F&rdd1=true&cp.session=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&cp.referer=http%253A%252F%252Fflicksbar.mom%252Fseries%252F4365427%252F&cp.cb=5da17103-e85e-b9af-60c4-450fed6dba5d HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://flicksbar.mom
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Cookie: sky_uuid=1199be9d-59fc-b988-3a7a-184ba08bb738; hbrdcookie2=375b1cdc2416de852945; otclkbid=VUnZUsbWsOWu9RE; ohmybid=66561e59-5779-4161-a494-f41a71e6729f; bvbid=i8ju5ka6od; bzcookie=419955ad-bf03-4e68-52e6-88cfaac8f929
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/xml;charset=UTF-8
vary: Accept-Encoding
x-skyadvert-cors-qex: Referer
x-skyadvert-path: /
access-control-allow-credentials: true
access-control-allow-origin: http://flicksbar.mom
x-skyadvert-udata: cache,parsed,25430
x-skyadvert-referrer: http://flicksbar.mom/
x-cache-source: Rist
x-skyadvert-mrc: no
x-skyadvert-ref: {"Scheme":"http","Opaque":"","User":null,"Host":"flicksbar.mom","Path":"/","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""}
set-cookie: 466rmads=1739397122; max-age=31536000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
GET mc.acint.net/rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=KZHOWHIM
302 Found 154 B URL GET HTTP/2 mc.acint.net/rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=KZHOWHIM
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=KZHOWHIM HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/html
content-length: 154
location: https://mc.acint.net/cmatch?dp=95
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET sync.techdsp.ru/sync?src=sape&uid=0900007F0118AD673527F14B02D61368
302 Found 0 B URL GET HTTP/2 sync.techdsp.ru/sync?src=sape&uid=0900007F0118AD673527F14B02D61368
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subjectsync.techdsp.ru
Fingerprint2B:3E:C9:18:CB:B8:A0:2C:88:5B:2A:12:3F:E8:F5:BC:2C:A0:DF:C3
ValidityTue, 04 Feb 2025 12:35:16 GMT - Mon, 05 May 2025 12:35:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?src=sape&uid=0900007F0118AD673527F14B02D61368 HTTP/1.1
Host: sync.techdsp.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 12 Feb 2025 21:52:02 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=0914828&id=kCPYRug_RoyoAzdqenmPSg&dest=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D351%26euid%3DkCPYRug_RoyoAzdqenmPSg%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D351
referrer-policy: no-referrer
set-cookie: uid=kCPYRug_RoyoAzdqenmPSg; Path=/; Max-Age=31536000; Secure; SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
GET mc.acint.net/rmatch?dp=110&euid=5929e757c980492b9181d7b5ef32c1c4&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D110
302 Found 154 B URL GET HTTP/2 mc.acint.net/rmatch?dp=110&euid=5929e757c980492b9181d7b5ef32c1c4&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D110
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=110&euid=5929e757c980492b9181d7b5ef32c1c4&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D110 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/html
content-length: 154
location: https://mc.acint.net/cmatch?dp=110
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET sync.techdsp.ru/sync?src=sape&dmp=2&uid=0900007F0118AD673527F14B02D61368
302 Found 0 B URL GET HTTP/2 sync.techdsp.ru/sync?src=sape&dmp=2&uid=0900007F0118AD673527F14B02D61368
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subjectsync.techdsp.ru
Fingerprint2B:3E:C9:18:CB:B8:A0:2C:88:5B:2A:12:3F:E8:F5:BC:2C:A0:DF:C3
ValidityTue, 04 Feb 2025 12:35:16 GMT - Mon, 05 May 2025 12:35:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?src=sape&dmp=2&uid=0900007F0118AD673527F14B02D61368 HTTP/1.1
Host: sync.techdsp.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 12 Feb 2025 21:52:02 GMT
content-length: 0
location: https://dmg.digitaltarget.ru/1/7686/i/i?a=4110&e=l7VOTZ9wQjyO-myeGo8whw&i=8791851619940984220
referrer-policy: no-referrer
set-cookie: uid=l7VOTZ9wQjyO-myeGo8whw; Path=/; Max-Age=31536000; Secure; SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
GET kimberlite.io/rtb/sync/sape?u=0900007F0118AD673527F14B02D61368&f=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsolta%26bid%3DZ60YASsrI9w&n=2
307 Temporary Redirect 0 B URL GET HTTP/1.1 kimberlite.io/rtb/sync/sape?u=0900007F0118AD673527F14B02D61368&f=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsolta%26bid%3DZ60YASsrI9w&n=2
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGlobalSign nv-sa
Subject*.kimberlite.io
Fingerprint27:9B:57:5F:3C:19:A5:31:A3:1B:E6:A4:8E:CF:2F:73:78:4E:46:C1
ValidityThu, 29 Feb 2024 12:20:14 GMT - Tue, 01 Apr 2025 12:20:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/sync/sape?u=0900007F0118AD673527F14B02D61368&f=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsolta%26bid%3DZ60YASsrI9w&n=2 HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: n=1; sm=QgBnrRgB; da=KLqvcgAAAAFnkJYmAAAAAQ; u=Z60YASsrItw~5BkI1jFA_HnS8xrpsovYJAawa4g
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Wed, 12 Feb 2025 21:52:02 GMT
Content-Length: 0
Connection: keep-alive
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-origin: *
location: https://code.moviead55.ru/go/csync?cn=solta&bid=Z60YASsrI9w
set-cookie: as=97USd2etGAI; path=/rtb; max-age=604800; samesite=none; httponly; secure
n=; max-age=0; samesite=none; httponly; secure
referrer-policy: no-referrer
server-timing: app;srv=s7a;dur=0.0003
GET ssp-statistics.dev.dsp1.nominaltechno.com/api/cookie-sync/eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJSVEIgU2FwZSJ9.VXKxLxZBDKVR7akKD1ukrUZZiwKSy3v1zAZqgO5I0sDyck5wQtI73MuLZMkcYTNASS9UpZ9mSHr5k-r2pAOYRQ/sync?sspUserId=0900007F0118AD673527F14B02D61368&r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D313%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D313
302 Found 0 B URL GET HTTP/2 ssp-statistics.dev.dsp1.nominaltechno.com/api/cookie-sync/eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJSVEIgU2FwZSJ9.VXKxLxZBDKVR7akKD1ukrUZZiwKSy3v1zAZqgO5I0sDyck5wQtI73MuLZMkcYTNASS9UpZ9mSHr5k-r2pAOYRQ/sync?sspUserId=0900007F0118AD673527F14B02D61368&r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D313%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D313
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerAmazon
Subjectdsp1.nominaltechno.com
FingerprintF2:6B:D5:3F:E5:BA:5E:BD:8B:58:44:9A:08:A7:17:A2:46:46:07:4B
ValidityThu, 03 Oct 2024 00:00:00 GMT - Sun, 02 Nov 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/cookie-sync/eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJSVEIgU2FwZSJ9.VXKxLxZBDKVR7akKD1ukrUZZiwKSy3v1zAZqgO5I0sDyck5wQtI73MuLZMkcYTNASS9UpZ9mSHr5k-r2pAOYRQ/sync?sspUserId=0900007F0118AD673527F14B02D61368&r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D313%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D313 HTTP/1.1
Host: ssp-statistics.dev.dsp1.nominaltechno.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 12 Feb 2025 21:52:02 GMT
content-length: 0
location: https://acint.net/rmatch?dp=313&euid=NT_1152039335888852_eGLRBa&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D313
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-language: en-US
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/csync?cn=sapecookie&bid=0900007F0118AD673527F14B02D61368
200 OK 0 B URL GET HTTP/2 code.moviead55.ru/go/csync?cn=sapecookie&bid=0900007F0118AD673527F14B02D61368
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/csync?cn=sapecookie&bid=0900007F0118AD673527F14B02D61368 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Cookie: sky_uuid=1199be9d-59fc-b988-3a7a-184ba08bb738; hbrdcookie2=375b1cdc2416de852945; otclkbid=VUnZUsbWsOWu9RE; ohmybid=66561e59-5779-4161-a494-f41a71e6729f; bvbid=i8ju5ka6od; bzcookie=419955ad-bf03-4e68-52e6-88cfaac8f929; 466rmads=1739397122; otmbid=NjdhZDE4MDEwODg2ZmYwYg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:03 GMT
content-type: image/jpeg
content-length: 0
set-cookie: sapecookie=0900007F0118AD673527F14B02D61368; max-age=86400; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
GET www.acint.net/match?dp=98&euid=de2cea25-b6ba-44dc-af70-41ae000e5a4a
200 OK 43 B URL GET HTTP/2 www.acint.net/match?dp=98&euid=de2cea25-b6ba-44dc-af70-41ae000e5a4a
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=98&euid=de2cea25-b6ba-44dc-af70-41ae000e5a4a HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 12 Feb 2025 21:52:03 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET acint.net/rmatch?dp=368&euid=NT_1151573464955086_ibyljN&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D368
302 Found 154 B URL GET HTTP/2 acint.net/rmatch?dp=368&euid=NT_1151573464955086_ibyljN&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D368
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=368&euid=NT_1151573464955086_ibyljN&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D368 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 12 Feb 2025 21:52:03 GMT
content-type: text/html
content-length: 154
location: https://mc.acint.net/cmatch?dp=368
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET mc.acint.net/cmatch?dp=14
302 Found 154 B URL GET HTTP/2 mc.acint.net/cmatch?dp=14
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /cmatch?dp=14 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 12 Feb 2025 21:52:03 GMT
content-type: text/html
content-length: 154
location: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0900007F0118AD673527F14B02D61368
set-cookie: cSyncDp7v3=1739397123; expires=Fri, 14-Mar-25 21:52:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET pix.bumlam.com/sync/sape/sync_ok?guid=979de646-e98b-11ef-b60c-002590c82436
302 Found 0 B URL GET HTTP/1.1 pix.bumlam.com/sync/sape/sync_ok?guid=979de646-e98b-11ef-b60c-002590c82436
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.bumlam.com
FingerprintFA:27:E9:07:AD:CC:4B:BE:CD:11:76:8D:83:E5:CE:4F:A1:20:03:5D
ValidityWed, 12 Feb 2025 12:10:44 GMT - Tue, 13 May 2025 12:10:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/sync_ok?guid=979de646-e98b-11ef-b60c-002590c82436 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiQ5NzlkZTY0Ni1lOThiLTExZWYtYjYwYy0wMDI1OTBjODI0MzY*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 12 Feb 2025 21:52:03 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://979de646-e98b-11ef-b60c-002590c82436.n1.sync.bumlam.com/?src=sape
GET mc.acint.net/cmatch?dp=126
302 Found 154 B URL GET HTTP/2 mc.acint.net/cmatch?dp=126
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /cmatch?dp=126 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121; cSyncDp7v3=1739397123
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 12 Feb 2025 21:52:03 GMT
content-type: text/html
content-length: 154
location: https://match.qtarget.tech/userbind?src=sape&id=0900007F0118AD673527F14B02D61368
set-cookie: cSyncDp241v2=1739397123; expires=Fri, 14-Mar-25 21:52:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET www.acint.net/rmatch?dp=71&euid=58002dc2-16e1-45b7-8b86-70eae0034a91&r=https%3A%2F%2Facint.net%2Fcmatch%3Fdp%3D71
302 Found 154 B URL GET HTTP/2 www.acint.net/rmatch?dp=71&euid=58002dc2-16e1-45b7-8b86-70eae0034a91&r=https%3A%2F%2Facint.net%2Fcmatch%3Fdp%3D71
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=71&euid=58002dc2-16e1-45b7-8b86-70eae0034a91&r=https%3A%2F%2Facint.net%2Fcmatch%3Fdp%3D71 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121; cSyncDp7v3=1739397123
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 12 Feb 2025 21:52:03 GMT
content-type: text/html
content-length: 154
location: https://acint.net/cmatch?dp=71
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET mc.acint.net/cmatch?dp=95
302 Found 154 B URL GET HTTP/2 mc.acint.net/cmatch?dp=95
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /cmatch?dp=95 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121; cSyncDp7v3=1739397123
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 12 Feb 2025 21:52:03 GMT
content-type: text/html
content-length: 154
location: https://match.qtarget.tech/userbind?src=sape&id=0900007F0118AD673527F14B02D61368
set-cookie: cSyncDp241v2=1739397123; expires=Fri, 14-Mar-25 21:52:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET mc.acint.net/cmatch?dp=110
302 Found 154 B URL GET HTTP/2 mc.acint.net/cmatch?dp=110
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /cmatch?dp=110 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121; cSyncDp7v3=1739397123
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 12 Feb 2025 21:52:03 GMT
content-type: text/html
content-length: 154
location: https://match.qtarget.tech/userbind?src=sape&id=0900007F0118AD673527F14B02D61368
set-cookie: cSyncDp241v2=1739397123; expires=Fri, 14-Mar-25 21:52:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET code.moviead55.ru/vjs2.php?bid=R-A-13494186-2
200 OK 662 B URL GET HTTP/2 code.moviead55.ru/vjs2.php?bid=R-A-13494186-2
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
File type gzip compressed data, from Unix
Hash 3dda8cfe0f48ac609620d9b5c8ec93e1
daa7dab2ee7f0d0632342ecf7b2f2085f2b99910
72f2d9da960cd99fe4f497c233fd81263ad60b6be27677d52baad757c580386c
GET /vjs2.php?bid=R-A-13494186-2 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://flicksbar.mom
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Cookie: sky_uuid=1199be9d-59fc-b988-3a7a-184ba08bb738; hbrdcookie2=375b1cdc2416de852945; otclkbid=VUnZUsbWsOWu9RE; ohmybid=66561e59-5779-4161-a494-f41a71e6729f; bvbid=i8ju5ka6od; bzcookie=419955ad-bf03-4e68-52e6-88cfaac8f929; 466rmads=1739397122; otmbid=NjdhZDE4MDEwODg2ZmYwYg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:03 GMT
content-type: text/xml;charset=UTF-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: http://flicksbar.mom
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
GET mc.acint.net/cmatch?dp=261
302 Found 154 B URL GET HTTP/2 mc.acint.net/cmatch?dp=261
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /cmatch?dp=261 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121; cSyncDp7v3=1739397123
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 12 Feb 2025 21:52:03 GMT
content-type: text/html
content-length: 154
location: https://match.qtarget.tech/userbind?src=sape&id=0900007F0118AD673527F14B02D61368
set-cookie: cSyncDp241v2=1739397123; expires=Fri, 14-Mar-25 21:52:03 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/csync?cn=solta&bid=Z60YASsrI9w
200 OK 0 B URL GET HTTP/2 code.moviead55.ru/go/csync?cn=solta&bid=Z60YASsrI9w
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/csync?cn=solta&bid=Z60YASsrI9w HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: sky_uuid=1199be9d-59fc-b988-3a7a-184ba08bb738; hbrdcookie2=375b1cdc2416de852945; otclkbid=VUnZUsbWsOWu9RE; ohmybid=66561e59-5779-4161-a494-f41a71e6729f; bvbid=i8ju5ka6od; bzcookie=419955ad-bf03-4e68-52e6-88cfaac8f929; 466rmads=1739397122; otmbid=NjdhZDE4MDEwODg2ZmYwYg==; sapecookie=0900007F0118AD673527F14B02D61368
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:03 GMT
content-type: image/jpeg
content-length: 0
set-cookie: solta=Z60YASsrI9w; max-age=86400; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
GET mc.acint.net/cmatch?dp=368
200 OK 43 B URL GET HTTP/2 mc.acint.net/cmatch?dp=368
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cmatch?dp=368 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121; cSyncDp7v3=1739397123; cSyncDp241v2=1739397123
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 12 Feb 2025 21:52:03 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET acint.net/cmatch?dp=71
200 OK 43 B IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cmatch?dp=71 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121; cSyncDp7v3=1739397123; cSyncDp241v2=1739397123
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 12 Feb 2025 21:52:03 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET mc.acint.net/cmatch?dp=313
200 OK 43 B URL GET HTTP/2 mc.acint.net/cmatch?dp=313
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cmatch?dp=313 HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121; cSyncDp7v3=1739397123; cSyncDp241v2=1739397123
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 12 Feb 2025 21:52:03 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET match.qtarget.tech/userbind?src=sape&id=0900007F0118AD673527F14B02D61368
204 No Content 0 B URL GET HTTP/1.1 match.qtarget.tech/userbind?src=sape&id=0900007F0118AD673527F14B02D61368
IP
ASN #12695 LLC Digital Network
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subjectad.qtarget.tech
Fingerprint83:6D:8A:59:FE:66:92:3B:9A:D3:2D:5C:3F:BE:75:7B:77:AE:36:6B
ValiditySun, 17 Nov 2024 08:14:10 GMT - Sat, 15 Feb 2025 08:14:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=0900007F0118AD673527F14B02D61368 HTTP/1.1
Host: match.qtarget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Wed, 12 Feb 2025 21:52:03 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
GET match.qtarget.tech/userbind?src=sape&id=0900007F0118AD673527F14B02D61368
204 No Content 0 B URL GET HTTP/1.1 match.qtarget.tech/userbind?src=sape&id=0900007F0118AD673527F14B02D61368
IP
ASN #12695 LLC Digital Network
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subjectad.qtarget.tech
Fingerprint83:6D:8A:59:FE:66:92:3B:9A:D3:2D:5C:3F:BE:75:7B:77:AE:36:6B
ValiditySun, 17 Nov 2024 08:14:10 GMT - Sat, 15 Feb 2025 08:14:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=0900007F0118AD673527F14B02D61368 HTTP/1.1
Host: match.qtarget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Wed, 12 Feb 2025 21:52:03 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
GET match.qtarget.tech/userbind?src=sape&id=0900007F0118AD673527F14B02D61368
204 No Content 0 B URL GET HTTP/1.1 match.qtarget.tech/userbind?src=sape&id=0900007F0118AD673527F14B02D61368
IP
ASN #12695 LLC Digital Network
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subjectad.qtarget.tech
Fingerprint83:6D:8A:59:FE:66:92:3B:9A:D3:2D:5C:3F:BE:75:7B:77:AE:36:6B
ValiditySun, 17 Nov 2024 08:14:10 GMT - Sat, 15 Feb 2025 08:14:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=0900007F0118AD673527F14B02D61368 HTTP/1.1
Host: match.qtarget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Wed, 12 Feb 2025 21:52:03 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
GET match.qtarget.tech/userbind?src=sape&id=0900007F0118AD673527F14B02D61368
204 No Content 0 B URL GET HTTP/1.1 match.qtarget.tech/userbind?src=sape&id=0900007F0118AD673527F14B02D61368
IP
ASN #12695 LLC Digital Network
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subjectad.qtarget.tech
Fingerprint83:6D:8A:59:FE:66:92:3B:9A:D3:2D:5C:3F:BE:75:7B:77:AE:36:6B
ValiditySun, 17 Nov 2024 08:14:10 GMT - Sat, 15 Feb 2025 08:14:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=0900007F0118AD673527F14B02D61368 HTTP/1.1
Host: match.qtarget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Wed, 12 Feb 2025 21:52:03 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
GET 979de646-e98b-11ef-b60c-002590c82436.n1.sync.bumlam.com/?src=sape
302 Moved Temporarily 0 B URL GET HTTP/1.1 979de646-e98b-11ef-b60c-002590c82436.n1.sync.bumlam.com/?src=sape
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.n0.sync.bumlam.com
Fingerprint8A:64:2D:65:E4:AF:23:E9:E9:A5:65:CE:FA:72:D9:AC:40:06:A6:8A
ValidityThu, 12 Dec 2024 06:36:43 GMT - Wed, 12 Mar 2025 06:36:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: 979de646-e98b-11ef-b60c-002590c82436.n1.sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiQ5NzlkZTY0Ni1lOThiLTExZWYtYjYwYy0wMDI1OTBjODI0MzY*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.27.0
Date: Wed, 12 Feb 2025 21:52:03 GMT
Content-Length: 0
Connection: close
Location: https://pix.bumlam.com/sync/sape/done
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
GET pix.bumlam.com/sync/sape/done
200 OK 43 B URL GET HTTP/1.1 pix.bumlam.com/sync/sape/done
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.bumlam.com
FingerprintFA:27:E9:07:AD:CC:4B:BE:CD:11:76:8D:83:E5:CE:4F:A1:20:03:5D
ValidityWed, 12 Feb 2025 12:10:44 GMT - Tue, 13 May 2025 12:10:43 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: suuid3=IiQ5NzlkZTY0Ni1lOThiLTExZWYtYjYwYy0wMDI1OTBjODI0MzY*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Feb 2025 21:52:04 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
GET flicksbar.mom/favicon.ico
404 Not Found 2.5 kB URL GET HTTP/1.1 flicksbar.mom/favicon.ico
IP
ASN #44477 Stark Industries Solutions Ltd
Requested by http://flicksbar.mom/series/4365427/
File type HTML document, Unicode text, UTF-8 text
Hash 249fecfad1760ddf43fcd9136acb679b
2f33b4fb604542b501d8c2f44474851366091607
34ce3befb696a937137b6edb420fc0cba756d9a3a060b125ffff7b7c30ca0cd5
GET /favicon.ico HTTP/1.1
Host: flicksbar.mom
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/series/4365427/
Cookie: _ma=a17ca74e-06d8-4243-8ae1-529c0a512d3d; _ohmybid_cmf=1; e1ab51a6fd_delayCount=1; e1ab51a6fd_blockTimer=1; u_e1ab51a6fd=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 12 Feb 2025 21:52:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=0, public
Content-Encoding: gzip
GET 3f4-a64-207gv.video-ik-ok-ii.space/m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/index-f1-v1-a1.m3u8
200 OK 13 kB URL GET HTTP/1.1 3f4-a64-207gv.video-ik-ok-ii.space/m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/index-f1-v1-a1.m3u8
IP
Requested by https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Certificate IssuerLet's Encrypt
Subjectvideo-ik-ok-ii.space
Fingerprint8B:7E:82:BD:18:F5:2A:CB:D8:10:44:9F:C6:14:53:18:F8:CC:4A:53
ValidityMon, 23 Dec 2024 21:09:45 GMT - Sun, 23 Mar 2025 21:09:44 GMT
Hash ebb3a2a8560121af7826c760846eead1
484d634874edcf61e751ca4b52d0603efe1a3a30
ef2652876a2049b6c2a8e5da8a5871268633375a9c4103d302ed175d3f7c26e5
GET /m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/index-f1-v1-a1.m3u8 HTTP/1.1
Host: 3f4-a64-207gv.video-ik-ok-ii.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thesaurus.allarknow.online
DNT: 1
Connection: keep-alive
Referer: https://thesaurus.allarknow.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Feb 2025 21:52:05 GMT
Content-Type: application/vnd.apple.mpegurl
Content-Length: 13054
Connection: keep-alive
ETag: "-1-32fe"
Expires: Wed, 12 Feb 2025 23:52:05 GMT
Cache-Control: max-age=7200
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
200 OK 279 B URL klonenorm.com/bens/vinos.js?27901&mode=redir
IP
ASN #6681 Giveme Cloud Sp Z O O
File type HTML document, ASCII text, with very long lines (490), with no line terminators
Hash 19ebe9b57a1f4b4510b1fac0cbc89cbf
dfe8cfbd41d379e63c26c91b4b69dc88bc184baf
6d83d06ef9fd9559d16c1fa1779ca92489dc653abf52827c29300ff6b0cabf5a
GET /bens/vinos.js?27901&mode=redir HTTP/1.1
Host: klonenorm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Feb 2025 21:52:05 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NON DSP COR CURa TIA"
Set-Cookie: uuid=17393971254733215173; expires=Fri, 12-Feb-2027 21:52:05 GMT; Max-Age=63072000; path=/; samesite=None; domain=.klonenorm.com; secure
Content-Encoding: gzip
GET 3f4-a64-207gv.video-ik-ok-ii.space/m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/seg-1-f1-v1-a1.ts
200 OK 97 kB URL GET HTTP/1.1 3f4-a64-207gv.video-ik-ok-ii.space/m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/seg-1-f1-v1-a1.ts
IP
Requested by https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Certificate IssuerLet's Encrypt
Subjectvideo-ik-ok-ii.space
Fingerprint8B:7E:82:BD:18:F5:2A:CB:D8:10:44:9F:C6:14:53:18:F8:CC:4A:53
ValidityMon, 23 Dec 2024 21:09:45 GMT - Sun, 23 Mar 2025 21:09:44 GMT
File type MPEG transport stream data
Hash 572fd38fdb927601e1131e9536c6dcff
4ca313aa1577fc2930e7df56efaf5cece1175c7a
c0c8d13fde40e6ff32a1c96c4d9db3988fb0b1220ee7d8ae815c5cd0ff95f246
GET /m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/seg-1-f1-v1-a1.ts HTTP/1.1
Host: 3f4-a64-207gv.video-ik-ok-ii.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thesaurus.allarknow.online
DNT: 1
Connection: keep-alive
Referer: https://thesaurus.allarknow.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Feb 2025 21:52:05 GMT
Content-Type: video/MP2T
Content-Length: 96632
Connection: keep-alive
ETag: "-1-17978"
Expires: Wed, 12 Feb 2025 23:52:05 GMT
Cache-Control: max-age=7200
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
200 OK 225 B URL klonenorm.com/clicks/Mjc5MDFfMjc5Njg3XzIzLjAwMjgzNzdfMTNfMTczOTM5NzEyNTQ3MzMyMTUxNzNfMjBfOTEuOTAuNDIuMTU0XjE4MWU4YWVlNjkyZDQwOGY1OTAxYjBiZjc2OGE0OTE5XjAwLjIuMTMuMjAyNQ==
IP
ASN #6681 Giveme Cloud Sp Z O O
File type HTML document, ASCII text, with very long lines (372), with no line terminators
Hash e6d19f85f188b046a4524dae78c2c598
f6f4d7f359842c08e3f89d77d5af31ff643517dc
3721b29e1e815ca859032a07893a238c6e328823b68b7d945604bd69c917d30f
GET /clicks/Mjc5MDFfMjc5Njg3XzIzLjAwMjgzNzdfMTNfMTczOTM5NzEyNTQ3MzMyMTUxNzNfMjBfOTEuOTAuNDIuMTU0XjE4MWU4YWVlNjkyZDQwOGY1OTAxYjBiZjc2OGE0OTE5XjAwLjIuMTMuMjAyNQ== HTTP/1.1
Host: klonenorm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://klonenorm.com/bens/vinos.js?27901&mode=redir
Cookie: uuid=17393971254733215173
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Feb 2025 21:52:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3P: CP="NON DSP COR CURa TIA"
Set-Cookie: uuid=17393971254733215173; expires=Fri, 12-Feb-2027 21:52:05 GMT; Max-Age=63072000; path=/; samesite=None; domain=.klonenorm.com; secure
Vary: Accept-Encoding
Content-Encoding: gzip
GET 3f4-a64-207gv.video-ik-ok-ii.space/m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/seg-1-f1-v1-a1.ts
200 OK 0 B URL GET HTTP/1.1 3f4-a64-207gv.video-ik-ok-ii.space/m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/seg-1-f1-v1-a1.ts
IP
Requested by https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Certificate IssuerLet's Encrypt
Subjectvideo-ik-ok-ii.space
Fingerprint8B:7E:82:BD:18:F5:2A:CB:D8:10:44:9F:C6:14:53:18:F8:CC:4A:53
ValidityMon, 23 Dec 2024 21:09:45 GMT - Sun, 23 Mar 2025 21:09:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/seg-1-f1-v1-a1.ts HTTP/1.1
Host: 3f4-a64-207gv.video-ik-ok-ii.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Referer: https://thesaurus.allarknow.online/
Origin: https://thesaurus.allarknow.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Feb 2025 21:52:05 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
ETag: "-1-0"
Expires: Wed, 12 Feb 2025 23:52:05 GMT
Cache-Control: max-age=7200
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: *
GET 3f4-a64-207gv.video-ik-ok-ii.space/m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/seg-1-f1-v1-a1.ts
206 Partial Content 1 B URL GET HTTP/1.1 3f4-a64-207gv.video-ik-ok-ii.space/m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/seg-1-f1-v1-a1.ts
IP
Requested by https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Certificate IssuerLet's Encrypt
Subjectvideo-ik-ok-ii.space
Fingerprint8B:7E:82:BD:18:F5:2A:CB:D8:10:44:9F:C6:14:53:18:F8:CC:4A:53
ValidityMon, 23 Dec 2024 21:09:45 GMT - Sun, 23 Mar 2025 21:09:44 GMT
File type very short file (no magic)
Hash dfcf28d0734569a6a693bc8194de62bf
a36a6718f54524d846894fb04b5b885b4e43e63b
333e0a1e27815d0ceee55c473fe3dc93d56c63e3bee2b3b4aee8eed6d70191a3
GET /m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/seg-1-f1-v1-a1.ts HTTP/1.1
Host: 3f4-a64-207gv.video-ik-ok-ii.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br, identity
Range: bytes=0-0
Origin: https://thesaurus.allarknow.online
DNT: 1
Connection: keep-alive
Referer: https://thesaurus.allarknow.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Server: nginx
Date: Wed, 12 Feb 2025 21:52:05 GMT
Content-Type: video/MP2T
Content-Length: 1
Connection: keep-alive
ETag: "-1-17978"
Expires: Wed, 12 Feb 2025 23:52:05 GMT
Cache-Control: max-age=7200
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Content-Range: bytes 0-0/96632
GET 3f4-a64-207gv.video-ik-ok-ii.space/m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/seg-2-f1-v1-a1.ts
200 OK 355 kB URL GET HTTP/1.1 3f4-a64-207gv.video-ik-ok-ii.space/m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/seg-2-f1-v1-a1.ts
IP
Requested by https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Certificate IssuerLet's Encrypt
Subjectvideo-ik-ok-ii.space
Fingerprint8B:7E:82:BD:18:F5:2A:CB:D8:10:44:9F:C6:14:53:18:F8:CC:4A:53
ValidityMon, 23 Dec 2024 21:09:45 GMT - Sun, 23 Mar 2025 21:09:44 GMT
File type MPEG transport stream data
Size 355 kB (355320 bytes)
Hash 819b642457d0c82e58a73dc0597d0667
069ebe8e65b68cce514fecdfe0f505fe738297dc
3254273a23c64a789036057023aae087cd9afe18704cfde27df1e79e7736f548
GET /m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/seg-2-f1-v1-a1.ts HTTP/1.1
Host: 3f4-a64-207gv.video-ik-ok-ii.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thesaurus.allarknow.online
DNT: 1
Connection: keep-alive
Referer: https://thesaurus.allarknow.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Feb 2025 21:52:05 GMT
Content-Type: video/MP2T
Content-Length: 355320
Connection: keep-alive
ETag: "-1-56bf8"
Expires: Wed, 12 Feb 2025 23:52:05 GMT
Cache-Control: max-age=7200
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
302 Found 0 B URL track.wargaming-aff.com/click?pid=6806&offer_id=73&ref_id=15326358021739397125&sub1=410_18338_279687&sub2=3106
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=6806&offer_id=73&ref_id=15326358021739397125&sub1=410_18338_279687&sub2=3106 HTTP/1.1
Host: track.wargaming-aff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://klonenorm.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 12 Feb 2025 21:52:05 GMT
content-length: 0
location: https://clk.wargaming.net/jthbmvzb/?t=1&pub_id=6806&xid=67ad1805a20c9f0001f83320&xid_param1=410_18338_279687&xid_param_2=3106
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=67ad1805a20c9f0001f83320; expires=Thu, 12 Feb 2026 21:52:05 GMT; secure; SameSite=None
afoffers={"73":1739397125}; expires=Thu, 12 Feb 2026 21:52:05 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET 3f4-a64-207gv.video-ik-ok-ii.space/m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/seg-1-f1-v1-a1.ts
200 OK 97 kB URL GET HTTP/1.1 3f4-a64-207gv.video-ik-ok-ii.space/m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/seg-1-f1-v1-a1.ts
IP
Requested by https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Certificate IssuerLet's Encrypt
Subjectvideo-ik-ok-ii.space
Fingerprint8B:7E:82:BD:18:F5:2A:CB:D8:10:44:9F:C6:14:53:18:F8:CC:4A:53
ValidityMon, 23 Dec 2024 21:09:45 GMT - Sun, 23 Mar 2025 21:09:44 GMT
File type MPEG transport stream data
Hash 572fd38fdb927601e1131e9536c6dcff
4ca313aa1577fc2930e7df56efaf5cece1175c7a
c0c8d13fde40e6ff32a1c96c4d9db3988fb0b1220ee7d8ae815c5cd0ff95f246
GET /m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/seg-1-f1-v1-a1.ts HTTP/1.1
Host: 3f4-a64-207gv.video-ik-ok-ii.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thesaurus.allarknow.online
DNT: 1
Connection: keep-alive
Referer: https://thesaurus.allarknow.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Feb 2025 21:52:05 GMT
Content-Type: video/MP2T
Content-Length: 96632
Connection: keep-alive
ETag: "-1-17978"
Expires: Wed, 12 Feb 2025 23:52:05 GMT
Cache-Control: max-age=7200
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
GET 3f4-a64-207gv.video-ik-ok-ii.space/m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/seg-2-f1-v1-a1.ts
200 OK 355 kB URL GET HTTP/1.1 3f4-a64-207gv.video-ik-ok-ii.space/m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/seg-2-f1-v1-a1.ts
IP
Requested by https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Certificate IssuerLet's Encrypt
Subjectvideo-ik-ok-ii.space
Fingerprint8B:7E:82:BD:18:F5:2A:CB:D8:10:44:9F:C6:14:53:18:F8:CC:4A:53
ValidityMon, 23 Dec 2024 21:09:45 GMT - Sun, 23 Mar 2025 21:09:44 GMT
File type MPEG transport stream data
Size 355 kB (355320 bytes)
Hash 819b642457d0c82e58a73dc0597d0667
069ebe8e65b68cce514fecdfe0f505fe738297dc
3254273a23c64a789036057023aae087cd9afe18704cfde27df1e79e7736f548
GET /m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/seg-2-f1-v1-a1.ts HTTP/1.1
Host: 3f4-a64-207gv.video-ik-ok-ii.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thesaurus.allarknow.online
DNT: 1
Connection: keep-alive
Referer: https://thesaurus.allarknow.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Feb 2025 21:52:05 GMT
Content-Type: video/MP2T
Content-Length: 355320
Connection: keep-alive
ETag: "-1-56bf8"
Expires: Wed, 12 Feb 2025 23:52:05 GMT
Cache-Control: max-age=7200
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
301 Moved Permanently 22 B URL clk.wargaming.net/jthbmvzb/?t=1&pub_id=6806&xid=67ad1805a20c9f0001f83320&xid_param1=410_18338_279687&xid_param_2=3106
IP
ASN #199524 G-Core Labs S.A.
File type ASCII text, with no line terminators
Hash 0e0bf67572311f8a23814419ff24ee9a
78328dfc54708433cdfb3e7857e57f87ec443b08
c5f6c267ba4a2964fff5d304d4a1e79c371ce30d32eaf017b3bb40becccd58d2
GET /jthbmvzb/?t=1&pub_id=6806&xid=67ad1805a20c9f0001f83320&xid_param1=410_18338_279687&xid_param_2=3106 HTTP/1.1
Host: clk.wargaming.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://klonenorm.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 12 Feb 2025 21:52:05 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 22
Connection: keep-alive
Location: https://promo.worldofwarships.eu/glows-30077/eu-no/?t=1&pub_id=6806&xid=67ad1805a20c9f0001f83320&xid_param1=410_18338_279687&xid_param_2=3106&sid=SIDo5dCwEW67UdtQuW4TL1FPFYQFv8a4rqftmklpLIpMaLIGgTDwGbmA8Xs9GIQCcSLMv4Ujp0looYkTVV4wgErpNN_qyN5LWKKooEx1wcXUVE6uipWzTFpSNVfleXnOdQRMoCXSvxLw6s&enctid=d7qstkes7acd&lpsn=WOWS+Marketing+LP+template+1+bgBattleOfMidway&foris=1&teclient=1739397125971048254&utm_source=wlap&utm_medium=affiliate&utm_campaign=jthbmvzb&utm_content=6806
Set-Cookie: STIDREFERRAL=SIDo5dCwEW67UdtQuW4TL1FPFYQFv8a4rqftmklpLIpMaLIGgTDwGbmA8Xs9GIQCcSLMv4Ujp0looYkTVV4wgErpNN_qyN5LWKKooEx1wcXUVE6uipWzTFpSNVfleXnOdQRMoCXSvxLw6s; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure
enctid=d7qstkes7acd; Domain=wargaming.net; Max-Age=2592000; Path=/; SameSite=None; Secure
teclient=1739397125971048254; Domain=wargaming.net; Max-Age=315360000; Path=/; SameSite=None; Secure
Cache-Control: no-cache
200 OK 10 kB URL promo-cdn.worldofwarships.com/glows-30077/src/images/wowsl_logo.png
IP
ASN #199524 G-Core Labs S.A.
File type PNG image data, 749 x 299, 8-bit colormap, non-interlaced
Hash 4d9371a87a4f9a0d6a8792e0397aa303
1308b49f8614f0ab05e81698daf5bfc4a2498bf0
68ddcc9fad945493001c241d8de6fb9acdd436bc82bff503302dbffa64f4f5ed
GET /glows-30077/src/images/wowsl_logo.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:06 GMT
content-type: image/png
content-length: 10514
traceparent: 00-11c783e6c01a7cbbf13b7f2f01142828-214dea519ca10a64-01
x-id-fe: osix-hw-edge-gc4
last-modified: Fri, 14 Jun 2024 14:30:06 GMT
x-rgw-object-type: Normal
etag: "4d9371a87a4f9a0d6a8792e0397aa303"
x-amz-request-id: tx00000fa46938f75ece8d5-006788e4ba-241dff9f-ed1
x-id: osix-hw-edge-gc4
age: 293181
access-control-allow-origin: *
cache: HIT
x-cached-since: 2025-02-09T12:25:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2
200 OK 1.9 kB URL promo-cdn.worldofwarships.com/glows-30077/src/images/footer-logo.png
IP
ASN #199524 G-Core Labs S.A.
File type PNG image data, 275 x 63, 8-bit colormap, non-interlaced
Hash 7ce94cd1324102c254e60ced58661dc3
b76e3b4e14cf98aa766788bc8cf4fbc97058fec0
fdd269a537d61d3fafbef167c6c7e22ae7707217427b506674f5f0d2f3caed48
GET /glows-30077/src/images/footer-logo.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:06 GMT
content-type: image/png
content-length: 1939
traceparent: 00-b29b6457aae2be0012a1781c9ba58851-20a78cebd70a3409-01
x-id-fe: osix-hw-edge-gc4
last-modified: Fri, 14 Jun 2024 14:30:06 GMT
x-rgw-object-type: Normal
etag: "7ce94cd1324102c254e60ced58661dc3"
x-amz-request-id: tx00000f8ea8e11fa8418a9-006788e4ba-241e3ceb-ed1
x-id: osix-hw-edge-gc4
age: 293181
access-control-allow-origin: *
cache: HIT
x-cached-since: 2025-02-09T12:25:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2
200 OK 836 kB URL promo-cdn.worldofwarships.com/glows-30077/src/images/BattleOfMidway-min.jpg
IP
ASN #199524 G-Core Labs S.A.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 4200x1976, components 3
Size 836 kB (835791 bytes)
Hash c3ef20154c2e846ef6fc96900295b47f
1acaec2f2bef4d31ab5993d42703cc161122a89c
ac9541e8e7ac96c41a4f89d5f05c44b9646beab1d44009d70b0e0b8ecfd66778
GET /glows-30077/src/images/BattleOfMidway-min.jpg HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:06 GMT
content-type: image/jpeg
content-length: 835791
traceparent: 00-99404770b34666c1481088b4595c82fb-850f7f80203e302b-01
x-id-fe: osix-hw-edge-gc4
last-modified: Fri, 14 Jun 2024 14:30:06 GMT
x-rgw-object-type: Normal
etag: "c3ef20154c2e846ef6fc96900295b47f"
x-amz-request-id: tx00000f7eaf41764d665ba-006788e4bb-241e3eb3-ed1
x-id: osix-hw-edge-gc4
age: 293181
access-control-allow-origin: *
cache: HIT
x-cached-since: 2025-02-09T12:25:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2
200 OK 92 kB URL promo-cdn.worldofwarships.com/glows-30077/src/fonts/robotocondensed-regular.woff
IP
ASN #199524 G-Core Labs S.A.
File type Web Open Font Format, TrueType, length 92000, version 1.0
Hash 390bd5d824e087653e297bdd9b369153
98d3f9b6c56788ca8a31212c8edc71e476a97bec
b32cf642f870c95b900ad763b21c6278701e4a4de13ac6f28e2da2a891a1706b
GET /glows-30077/src/fonts/robotocondensed-regular.woff HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://promo.worldofwarships.eu
DNT: 1
Connection: keep-alive
Referer: https://promo-cdn.worldofwarships.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:06 GMT
content-length: 92000
traceparent: 00-677fc9dcf1600606597e076a47840006-bd269dd23a411755-01
x-id-fe: osix-hw-edge-gc4
last-modified: Fri, 14 Jun 2024 14:30:06 GMT
x-rgw-object-type: Normal
etag: "390bd5d824e087653e297bdd9b369153"
x-amz-request-id: tx00000871a4e058389b436-006788e4bb-241dff9f-ed1
x-id: osix-hw-edge-gc4
age: 293181
access-control-allow-origin: *
cache: HIT
x-cached-since: 2025-02-09T12:25:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2
200 OK 92 kB URL promo-cdn.worldofwarships.com/glows-30077/src/fonts/robotocondensed-bold.woff
IP
ASN #199524 G-Core Labs S.A.
File type Web Open Font Format, TrueType, length 92496, version 1.0
Hash fb69d9cc5aea733510b530ed221b75dc
86276b2f2dfb7b42dc1639730c0bec56aa709be4
3b063cd5ae1793c617df8450a6c4343f7493ad006a574d9c3e9f7e81be9578f8
GET /glows-30077/src/fonts/robotocondensed-bold.woff HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://promo.worldofwarships.eu
DNT: 1
Connection: keep-alive
Referer: https://promo-cdn.worldofwarships.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:06 GMT
content-length: 92496
traceparent: 00-fc8f06756149d732763760b055bdefc5-706cd49f72183c84-01
x-id-fe: osix-hw-edge-gc4
last-modified: Fri, 14 Jun 2024 14:30:06 GMT
x-rgw-object-type: Normal
etag: "fb69d9cc5aea733510b530ed221b75dc"
x-amz-request-id: tx0000028cb62c5de568c60-006788e4bb-241e3ceb-ed1
x-id: osix-hw-edge-gc4
age: 293181
access-control-allow-origin: *
cache: HIT
x-cached-since: 2025-02-09T12:25:45+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2
200 OK 7.2 kB URL cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP
File type JavaScript source, ASCII text, with very long lines (22445)
Hash ce4983a0a113aa01f62ce9f3e8c4d63d
4565e0af74d87dac4d4385bb4b754ac8861b75a9
52e5401f96ca9a7fc38248bf9469bdc7006f53de52d7abfec96f4a39cf665d6d
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 12 Feb 2025 21:52:06 GMT
content-type: application/javascript
content-length: 7211
content-encoding: gzip
content-md5: TR3+yr7DZCz8Fh2PJMSBjQ==
last-modified: Tue, 11 Feb 2025 07:31:52 GMT
etag: 0x8DD4A6E273909D7
x-ms-request-id: fdc5f320-e01e-00a7-808e-7caa69000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 68302
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 910fcdc94af41c0a-OSL
X-Firefox-Spdy: h2
200 OK 6.6 kB URL tenor.wargaming.net/assets/campaigns/static/campaign_data_gtm_sender.js
IP
ASN #199524 G-Core Labs S.A.
File type JavaScript source, ASCII text, with very long lines (7249)
Hash 711c57293aa20e4f2d21d7c8b38c5f63
5ec943ef37a012492800a895a5daa1aeee5fb45e
2fdf96c93ca806e280a916694711653bcf3f0e0294693ed086e34e7e5d51368a
GET /assets/campaigns/static/campaign_data_gtm_sender.js HTTP/1.1
Host: tenor.wargaming.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 12 Feb 2025 21:52:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=200
Last-Modified: Tue, 28 Jan 2025 11:39:17 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"6798c1e5-4ced"
Content-Encoding: gzip
200 OK 18 kB URL cdn.cookielaw.org/consent/68edbfbe-e009-4939-a55b-f4c65daa640b/OtAutoBlock.js
IP
File type JavaScript source, ASCII text, with very long lines (63504)
Hash dcd24770828613122043fd3b37cf8b85
edf7dbea42dbed0157a5cdcd68671ede727da187
59d9d745a96fbe3bacd4300e2e5294e0d89ce6ed93747dca2fea7ce9cc9a8a51
GET /consent/68edbfbe-e009-4939-a55b-f4c65daa640b/OtAutoBlock.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 12 Feb 2025 21:52:06 GMT
content-type: application/javascript
content-length: 17528
cf-ray: 910fcdc95afc1c0a-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 2945
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DD2F5B43C90889
expires: Thu, 13 Feb 2025 21:52:06 GMT
last-modified: Tue, 07 Jan 2025 20:38:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: pdEOt+tNFqdecY09GjvTAQ==
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 23ff15e9-f01e-0019-5944-61bfe2000000
x-ms-version: 2009-09-19
cross-origin-resource-policy: cross-origin, cross-origin
server: cloudflare
X-Firefox-Spdy: h2
200 OK 3.7 kB URL cdn.cookielaw.org/consent/68edbfbe-e009-4939-a55b-f4c65daa640b/68edbfbe-e009-4939-a55b-f4c65daa640b.json
IP
Hash e1132ee7e67cf0a9a1f6dfd39e05447e
b13baa0fc811528b6c5205370cb6fbc95e329cf9
1ce5396def166117ef7a5a23d6056194b6f8fed8edf77d00ce4e1e7f20294b86
GET /consent/68edbfbe-e009-4939-a55b-f4c65daa640b/68edbfbe-e009-4939-a55b-f4c65daa640b.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
DNT: 1
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Feb 2025 21:52:06 GMT
content-type: application/json
content-length: 3670
cf-ray: 910fcdc97b251c0a-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 65902
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DD2F5B47E75F82
expires: Thu, 13 Feb 2025 21:52:06 GMT
last-modified: Tue, 07 Jan 2025 20:38:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: Xx7POSGougqec6bEdQqxfA==
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 682cbf45-601e-003e-1844-6125ab000000
x-ms-version: 2009-09-19
cross-origin-resource-policy: cross-origin, cross-origin
server: cloudflare
X-Firefox-Spdy: h2
200 OK 498 B URL tenor.wargaming.net/sid?include=campaign&filter[sid]=SIDo5dCwEW67UdtQuW4TL1FPFYQFv8a4rqftmklpLIpMaLIGgTDwGbmA8Xs9GIQCcSLMv4Ujp0looYkTVV4wgErpNN_qyN5LWKKooEx1wcXUVE6uipWzTFpSNVfleXnOdQRMoCXSvxLw6s
IP
ASN #199524 G-Core Labs S.A.
Hash 352756f4852bbfb6a88a7577ec37fe63
b15159cc75a9e5316745c28b04ac3e761d1159c1
52d8f6f0e297aeb7396d8c6dd46817d714e217a199d188b88d3ad44dfcd54e4a
GET /sid?include=campaign&filter[sid]=SIDo5dCwEW67UdtQuW4TL1FPFYQFv8a4rqftmklpLIpMaLIGgTDwGbmA8Xs9GIQCcSLMv4Ujp0looYkTVV4wgErpNN_qyN5LWKKooEx1wcXUVE6uipWzTFpSNVfleXnOdQRMoCXSvxLw6s HTTP/1.1
Host: tenor.wargaming.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 12 Feb 2025 21:52:06 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=200
Vary: Accept-Encoding
Access-Control-Expose-Headers: Server,Date,Content-Length
Access-Control-Allow-Origin: https://promo.worldofwarships.eu
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
200 OK 115 kB URL cdn.cookielaw.org/scripttemplates/202411.2.0/otBannerSdk.js
IP
File type JavaScript source, ASCII text, with very long lines (65451)
Size 115 kB (114856 bytes)
Hash 560c4c91ea46891d010c2b5a5adeca49
bcd972d30033fe13948474caf5535bf8481b7e31
ae29f342c886f7bb3f3e15bfe148c32f3369bd03906f585fa4a3aa7a9b1041b0
GET /scripttemplates/202411.2.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Feb 2025 21:52:06 GMT
content-type: application/javascript
content-length: 114856
content-encoding: gzip
content-md5: 3Tj+MtO+kF+ccVkOGtcGGA==
last-modified: Mon, 16 Dec 2024 15:17:10 GMT
etag: 0x8DD1DE4B60BA578
x-ms-request-id: 8fbd2985-501e-0097-3a7f-50f043000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 73556
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 910fcdca4bcb1c0a-OSL
X-Firefox-Spdy: h2
200 OK 115 kB URL www.googletagmanager.com/gtm.js?id=GTM-58Z37MT
IP
File type JavaScript source, ASCII text, with very long lines (40455)
Size 115 kB (114731 bytes)
Hash 0434a3159fa2b9266d8ac4ab71134ce1
78436ebe37e2dc09bdb3e6540b158954541b5e1e
6180958b52dbf1810f23c25c531d76431362d8f7f13ca327c6b29ea9ecb21fe3
GET /gtm.js?id=GTM-58Z37MT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 12 Feb 2025 21:52:06 GMT
expires: Wed, 12 Feb 2025 21:52:06 GMT
cache-control: private, max-age=900
last-modified: Wed, 12 Feb 2025 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1245:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1245:0
report-to: {"group":"ascgcycc:1245:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1245:0"}],}
server: Google Tag Manager
content-length: 114731
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
200 OK 14 kB URL geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP
File type New Line Delimited JSON text data
Hash 2f64278231a67c176f51915226f01a2a
495e545d1467500f78a502d54b8d43a74783eb34
bc01d0016102bbde5503cc9722a76bae8d45c5d0a25dab7f377a83956cb2b727
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.worldofwarships.eu
DNT: 1
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 12 Feb 2025 21:52:06 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 910fcdc9f9a8b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
200 OK 175 kB URL www.googletagmanager.com/gtm.js?id=GTM-58QVDL8
IP
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (64927)
Size 175 kB (174607 bytes)
Hash ef43076f447557f775377fe57770de20
a7f6a80ae10254e35bbd3b644f9f8340ecbeff69
5738fb3ff791125ac6d60bde3229f38d4bbb661d2581eacc79170525710e7578
GET /gtm.js?id=GTM-58QVDL8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: gzip
vary: Accept-Encoding
date: Wed, 12 Feb 2025 21:52:06 GMT
expires: Wed, 12 Feb 2025 21:52:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1245:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1245:0
report-to: {"group":"ascgcycc:1245:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1245:0"}],}
server: Google Tag Manager
content-length: 174607
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
200 OK 3.0 kB URL cdn.cookielaw.org/scripttemplates/202411.2.0/assets/otFlat.json
IP
Hash 23e8424aa65b5cc6f0693ec20c2ceae0
0f4f59077d295d0799b9b02c0da2076f7dd73960
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
GET /scripttemplates/202411.2.0/assets/otFlat.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Feb 2025 21:52:06 GMT
content-type: application/json
content-length: 3003
content-encoding: gzip
content-md5: usBT9HeRcw6UvWQiY/P1KQ==
last-modified: Mon, 16 Dec 2024 15:17:02 GMT
etag: 0x8DD1DE4B1D74480
x-ms-request-id: 95c54f20-f01e-00de-7244-61c323000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 2396
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 910fcdcb4c9c1c0a-OSL
X-Firefox-Spdy: h2
200 OK 13 kB URL cdn.cookielaw.org/scripttemplates/202411.2.0/assets/v2/otPcCenter.json
IP
Hash 9509fac0d668d9c58b29bcaab88aff3c
fd7112cb316411a17a0d518b329f164f159b72c3
aa9b802517c842d2b273a61895b70e180cd2dae00672bb2995b04b2482779fca
GET /scripttemplates/202411.2.0/assets/v2/otPcCenter.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Feb 2025 21:52:06 GMT
content-type: application/json
content-length: 12841
content-encoding: gzip
content-md5: fDQkbkE+dJJxCaoU+fD/jA==
last-modified: Mon, 16 Dec 2024 15:17:05 GMT
etag: 0x8DD1DE4B3408AB4
x-ms-request-id: 27548505-e01e-0042-7744-61b89e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 2396
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 910fcdcb4ca91c0a-OSL
X-Firefox-Spdy: h2
200 OK 6.5 kB URL cdn.cookielaw.org/scripttemplates/202411.2.0/assets/otCommonStyles.css
IP
File type gzip compressed data, from Unix
Hash 6c28012d564b95f3c48493b1abc4faad
b92048816a99bb008a11e687f7669e2b4b4c6d3e
1a49dc318376d339b42a4774bb5c15bc1ce2f1ed387a69a71bf93f0b20a497c3
GET /scripttemplates/202411.2.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Origin: https://promo.worldofwarships.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Feb 2025 21:52:06 GMT
content-type: text/css
content-md5: vT8pSnMGi2T05S5Sw+4ubg==
last-modified: Mon, 16 Dec 2024 15:17:15 GMT
x-ms-request-id: 8c2afa76-801e-007b-6f44-61f83a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 2396
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 910fcdcb9cf11c0a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
200 OK 1.2 kB URL promo-cdn.worldofwarships.com/global_static/favicon/v2/favicon-64x64.png
IP
ASN #199524 G-Core Labs S.A.
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Hash de30b29e8bbc72b7828734d5d781b9eb
9d5fb51148291180b45d9481b756eb7fc2d4a352
e47efd1c616db1a5564776f4be806183ee085c80d2d3722d3f8d5a06115e46ee
GET /global_static/favicon/v2/favicon-64x64.png HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:06 GMT
content-type: image/png
content-length: 1198
traceparent: 00-55f95c8a9bcc89d3591b2a40ad81ef0f-38327b9b8229b8f2-01
x-id-fe: osix-hw-edge-gc4
last-modified: Tue, 09 Jan 2024 12:16:16 GMT
x-rgw-object-type: Normal
etag: "de30b29e8bbc72b7828734d5d781b9eb"
x-amz-request-id: tx00000acff4c44a5d5d7f0-006788d89a-241de452-ed1
x-id: osix-hw-edge-gc4
age: 301561
access-control-allow-origin: *
cache: HIT
x-cached-since: 2025-02-09T10:06:05+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2
200 OK 5.4 kB URL tenor.wargaming.net/assets/device/static/collect.js
IP
ASN #199524 G-Core Labs S.A.
File type JavaScript source, ASCII text, with very long lines (7249)
Hash 6d7ba4b4b6cb1c4ed72d4c1ceb8775cc
c72bc3f5fa7c52a7342c3cb4bf40b7c4254ee11a
43f6b825bd0ac679683125f2247d28d6f00e4ff85934b37ae7a5e459cd476c8f
GET /assets/device/static/collect.js HTTP/1.1
Host: tenor.wargaming.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 12 Feb 2025 21:52:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=200
Last-Modified: Tue, 28 Jan 2025 11:39:17 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"6798c1e5-3ac2"
Content-Encoding: gzip
GET 3f4-a64-207gv.video-ik-ok-ii.space/m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/seg-1-f1-v1-a1.ts
200 OK 97 kB URL GET HTTP/1.1 3f4-a64-207gv.video-ik-ok-ii.space/m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/seg-1-f1-v1-a1.ts
IP
Requested by https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Certificate IssuerLet's Encrypt
Subjectvideo-ik-ok-ii.space
Fingerprint8B:7E:82:BD:18:F5:2A:CB:D8:10:44:9F:C6:14:53:18:F8:CC:4A:53
ValidityMon, 23 Dec 2024 21:09:45 GMT - Sun, 23 Mar 2025 21:09:44 GMT
File type MPEG transport stream data
Hash 572fd38fdb927601e1131e9536c6dcff
4ca313aa1577fc2930e7df56efaf5cece1175c7a
c0c8d13fde40e6ff32a1c96c4d9db3988fb0b1220ee7d8ae815c5cd0ff95f246
GET /m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/seg-1-f1-v1-a1.ts HTTP/1.1
Host: 3f4-a64-207gv.video-ik-ok-ii.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thesaurus.allarknow.online
DNT: 1
Connection: keep-alive
Referer: https://thesaurus.allarknow.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Feb 2025 21:52:07 GMT
Content-Type: video/MP2T
Content-Length: 96632
Connection: keep-alive
ETag: "-1-17978"
Expires: Wed, 12 Feb 2025 23:52:07 GMT
Cache-Control: max-age=7200
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
200 OK 3.5 kB URL cdn.cookielaw.org/logos/04fe1919-d767-41dc-abd4-f409a111f829/cd82798e-491a-487f-9cbf-bbf5854455f3/0efb25f4-ab70-4ebe-90dc-54345de4f4b7/WG_Logo_SecondVersion_white_1.png
IP
File type PNG image data, 240 x 80, 8-bit/color RGBA, non-interlaced
Hash 9799bbefa71db36fe646d3602a177ca0
31272c21f4ae8677b24f7c93e555dc9873de16d2
016c617a5fbdd5ca9a1552cf6421f452639c95e255906fef3c4a3dda0dc6ffe5
GET /logos/04fe1919-d767-41dc-abd4-f409a111f829/cd82798e-491a-487f-9cbf-bbf5854455f3/0efb25f4-ab70-4ebe-90dc-54345de4f4b7/WG_Logo_SecondVersion_white_1.png HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 12 Feb 2025 21:52:07 GMT
content-type: image/png
content-length: 3471
content-md5: l5m776cds2/mRtNgKhd8oA==
last-modified: Wed, 24 Jan 2024 17:11:49 GMT
etag: 0x8DC1CFF8D9F5A9D
x-ms-request-id: a90a0942-b01e-005a-5395-41950b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 60529
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 910fcdd049f61c0a-OSL
X-Firefox-Spdy: h2
GET 3f4-a64-207gv.video-ik-ok-ii.space/m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/seg-2-f1-v1-a1.ts
200 OK 355 kB URL GET HTTP/1.1 3f4-a64-207gv.video-ik-ok-ii.space/m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/seg-2-f1-v1-a1.ts
IP
Requested by https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Certificate IssuerLet's Encrypt
Subjectvideo-ik-ok-ii.space
Fingerprint8B:7E:82:BD:18:F5:2A:CB:D8:10:44:9F:C6:14:53:18:F8:CC:4A:53
ValidityMon, 23 Dec 2024 21:09:45 GMT - Sun, 23 Mar 2025 21:09:44 GMT
File type MPEG transport stream data
Size 355 kB (355320 bytes)
Hash 819b642457d0c82e58a73dc0597d0667
069ebe8e65b68cce514fecdfe0f505fe738297dc
3254273a23c64a789036057023aae087cd9afe18704cfde27df1e79e7736f548
GET /m2/19/0/1739418721/by9Yoz5vjh2_P9GI1jV1Vg/2/480/1/689117/seg-2-f1-v1-a1.ts HTTP/1.1
Host: 3f4-a64-207gv.video-ik-ok-ii.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thesaurus.allarknow.online
DNT: 1
Connection: keep-alive
Referer: https://thesaurus.allarknow.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Feb 2025 21:52:07 GMT
Content-Type: video/MP2T
Content-Length: 355320
Connection: keep-alive
ETag: "-1-56bf8"
Expires: Wed, 12 Feb 2025 23:52:07 GMT
Cache-Control: max-age=7200
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
200 OK 5.1 kB URL promo-cdn.worldofwarships.com/glows-30077/src/styles/style.css
IP
ASN #199524 G-Core Labs S.A.
Hash 643657ae8d9bc9d8f9479a629bf3640a
48fa27b7c9d0d0b51301c6684d232b9df1473db1
1e1ab058501d5ac5733e67dabde03e684479082de929075722f515f2539132f4
GET /glows-30077/src/styles/style.css HTTP/1.1
Host: promo-cdn.worldofwarships.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:06 GMT
content-type: text/css; charset=utf-8
traceparent: 00-3967b369a92ddd220860732ca27c2d02-92679139ca16f26c-01
x-id-fe: osix-hw-edge-gc4
last-modified: Fri, 14 Jun 2024 14:30:06 GMT
x-rgw-object-type: Normal
etag: W/"643657ae8d9bc9d8f9479a629bf3640a"
x-amz-request-id: tx0000064fe53f8d67e1f2a-006788e4ba-241dff9f-ed1
x-id: osix-hw-edge-gc4
age: 293181
access-control-allow-origin: *
cache: HIT
x-cached-since: 2025-02-09T12:25:45+00:00
content-encoding: gzip
X-Firefox-Spdy: h2
204 No Content 0 B IP
ASN #199524 G-Core Labs S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cf HTTP/1.1
Host: tenor.wargaming.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.worldofwarships.eu/
Content-Type: application/json
Content-Length: 311
Origin: https://promo.worldofwarships.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: openresty
Date: Wed, 12 Feb 2025 21:52:07 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 2
Connection: keep-alive
Keep-Alive: timeout=200
Access-Control-Expose-Headers: Content-Length,Date,Server
Access-Control-Allow-Origin: https://promo.worldofwarships.eu
Access-Control-Allow-Credentials: true
POST thesaurus.allarknow.online/stat
200 OK 166 B URL POST HTTP/2 thesaurus.allarknow.online/stat
IP
Requested by https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Certificate IssuerLet's Encrypt
Subjectallarknow.online
Fingerprint6A:54:35:B8:2E:FF:AF:4A:65:F5:DF:DA:F3:2E:2F:66:86:18:DC:3F
ValiditySun, 12 Jan 2025 21:02:50 GMT - Sat, 12 Apr 2025 21:02:49 GMT
Hash b4fcbbd69934b368c1add88a572c4332
3f2fc850cb47678f604db11e8b3b9ef6116cdc55
44677e1e753b3e9068ea9dd25d545cb71462a5fb08ce932569678aaf27b282cd
POST /stat HTTP/1.1
Host: thesaurus.allarknow.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 262
Origin: https://thesaurus.allarknow.online
DNT: 1
Connection: keep-alive
Referer: https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Angie
date: Wed, 12 Feb 2025 21:52:07 GMT
content-type: application/json
cache-control: no-cache, private
x-content-type-options: nosniff
bn: mm-12
strict-transport-security: max-age=31536000;
be: main_site_ssl
X-Firefox-Spdy: h2
GET code.moviead55.ru/vjs2.php?bid=R-A-13494186-1
200 OK 11 kB URL GET HTTP/2 code.moviead55.ru/vjs2.php?bid=R-A-13494186-1
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
File type gzip compressed data, from Unix
Hash 0c19fbc122f3e18e8cb4a6ded1d6d1be
35655949e98177e595e91172337c5fd12346bc00
a50e555b633165de829b1e05d7e56e8354994df0e8ccdd4dc182d5d727245346
GET /vjs2.php?bid=R-A-13494186-1 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://flicksbar.mom
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Cookie: sky_uuid=1199be9d-59fc-b988-3a7a-184ba08bb738; hbrdcookie2=375b1cdc2416de852945; otclkbid=VUnZUsbWsOWu9RE; ohmybid=66561e59-5779-4161-a494-f41a71e6729f; bvbid=i8ju5ka6od; bzcookie=419955ad-bf03-4e68-52e6-88cfaac8f929; 466rmads=1739397122; otmbid=NjdhZDE4MDEwODg2ZmYwYg==; sapecookie=0900007F0118AD673527F14B02D61368; solta=Z60YASsrI9w; 465rmads=1739397132
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:12 GMT
content-type: text/xml;charset=UTF-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: http://flicksbar.mom
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
200 OK 339 B URL static.filmskino.site/hls/trailers/ZoxJy7yXq84.mp4/index.m3u8
IP
ASN #6681 Giveme Cloud Sp Z O O
Hash 7cb53c5703f464ecaf46fc3d87112ab6
c109cb21cf0b98b3e1d1fb4ea37a4c0b6356bf48
c0112dbdac5a05b1865be84bc60024b296231dc07cf2172aee9c6a1f9d4cf205
GET /hls/trailers/ZoxJy7yXq84.mp4/index.m3u8 HTTP/1.1
Host: static.filmskino.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videotoday.site
DNT: 1
Connection: keep-alive
Referer: https://videotoday.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Feb 2025 21:52:22 GMT
Content-Type: application/vnd.apple.mpegurl
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"3a1794b0-10ab"
Expires: Fri, 23 May 2025 21:52:22 GMT
Cache-Control: max-age=8640000
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Content-Encoding: gzip
200 OK 535 kB URL user91471.clients-cdnnow.ru/vp_dist/hls.js?ver=3
IP
Certificate IssuerLet's Encrypt
Subject*.clients-cdnnow.ru
Fingerprint69:F1:71:81:E4:B1:67:BE:39:1F:96:52:00:86:84:F9:41:06:79:AA
ValidityWed, 27 Nov 2024 11:51:10 GMT - Tue, 25 Feb 2025 11:51:09 GMT
File type gzip compressed data, from Unix
Size 535 kB (535036 bytes)
Hash ff559a19b0bfcaac287d0ae479b343a2
2e80568bac7ff7d864d531fb65d47f29d351a7a6
8827d889d4a779e5a681441d8062b1573806fe9039f8824d03260dea80a6490f
GET /vp_dist/hls.js?ver=3 HTTP/1.1
Host: user91471.clients-cdnnow.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videotoday.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:22 GMT
content-type: application/javascript
last-modified: Tue, 05 Mar 2024 14:56:11 GMT
vary: Accept-Encoding
etag: W/"65e7328b-1132d6"
x-movieads-country: RU
content-encoding: gzip
x-edge-cache: HIT
x-edge-ip: 172.19.32.3
X-Firefox-Spdy: h2
200 OK 178 kB URL static.filmskino.site/hls/trailers/ZoxJy7yXq84.mp4/seg-2-v1-a1.ts
IP
ASN #6681 Giveme Cloud Sp Z O O
File type MPEG transport stream data
Size 178 kB (177848 bytes)
Hash d36e94377ed8f6c6f4bfbc360ddbbe14
2b65f34b6fa6506d2a841eb933a5406a0d95b742
67a472955a6a8d23052b6c530f65f34dc0bc80e969d966b4fe35d64d134f52fe
GET /hls/trailers/ZoxJy7yXq84.mp4/seg-2-v1-a1.ts HTTP/1.1
Host: static.filmskino.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videotoday.site
DNT: 1
Connection: keep-alive
Referer: https://videotoday.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Feb 2025 21:52:23 GMT
Content-Type: video/MP2T
Content-Length: 177848
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Connection: keep-alive
ETag: "3a1794b0-2b6b8"
Expires: Fri, 23 May 2025 21:52:23 GMT
Cache-Control: max-age=8640000
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
201 Created 0 B URL wargaming-privacy.my.onetrust.com/request/v1/consentreceipts
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /request/v1/consentreceipts HTTP/1.1
Host: wargaming-privacy.my.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 11207
Origin: https://promo.worldofwarships.eu
DNT: 1
Connection: keep-alive
Referer: https://promo.worldofwarships.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 201 Created
date: Wed, 12 Feb 2025 21:52:24 GMT
content-length: 0
via: 1.1 turnstile
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 910fce386d7356bd-OSL
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/cinit?cn=otclkbid&rnd=1739397121
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=otclkbid&rnd=1739397121
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=otclkbid&rnd=1739397121 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 12 Feb 2025 21:52:01 GMT
content-length: 0
location: https://otclick-adv.ru/core/match.gif?s=30&reference=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dotclkbid%26bid%3D%23%7BUID%7D
set-cookie: sky_uuid=de9cd429-8ca9-b931-4d93-132bf5335ba2; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
GET logger.moviead55.ru/logger?v=03208824bea369b060dba1f2083d6a4c&c=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&t=player_loaded&a=&m=%7B%22sub_id%22%3A%22ap%22%2C%22loadTime%22%3A0.755%2C%22version%22%3A%221738665979926%22%2C%22vt%22%3A100%2C%22dv%22%3Atrue%2C%22l%22%3A%22http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F%22%2C%22scr%22%3A%7B%22w%22%3A1280%2C%22h%22%3A1024%2C%22c%22%3A24%2C%22iw%22%3A1280%2C%22ih%22%3A330%7D%7D&o=&s2=1
200 OK 70 B URL GET HTTP/1.1 logger.moviead55.ru/logger?v=03208824bea369b060dba1f2083d6a4c&c=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&t=player_loaded&a=&m=%7B%22sub_id%22%3A%22ap%22%2C%22loadTime%22%3A0.755%2C%22version%22%3A%221738665979926%22%2C%22vt%22%3A100%2C%22dv%22%3Atrue%2C%22l%22%3A%22http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F%22%2C%22scr%22%3A%7B%22w%22%3A1280%2C%22h%22%3A1024%2C%22c%22%3A24%2C%22iw%22%3A1280%2C%22ih%22%3A330%7D%7D&o=&s2=1
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Hash b357a19c87624c7c4d131aeeb4ae677f
c7a9c45fd419815a5ab1998503a9f03514c0e229
497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581
GET /logger?v=03208824bea369b060dba1f2083d6a4c&c=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&t=player_loaded&a=&m=%7B%22sub_id%22%3A%22ap%22%2C%22loadTime%22%3A0.755%2C%22version%22%3A%221738665979926%22%2C%22vt%22%3A100%2C%22dv%22%3Atrue%2C%22l%22%3A%22http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F%22%2C%22scr%22%3A%7B%22w%22%3A1280%2C%22h%22%3A1024%2C%22c%22%3A24%2C%22iw%22%3A1280%2C%22ih%22%3A330%7D%7D&o=&s2=1 HTTP/1.1
Host: logger.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 12 Feb 2025 21:52:02 GMT
Content-Type: Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Logger-Le: true
X-Logger-Tdb: default
X-Movieads-Country: NO
Content-Encoding: gzip
GET ads.adlook.me/csync?pid=sape&uid=0900007F0118AD673527F14B02D61368&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D110%26euid%3D%7BuserId%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D110
302 Found 0 B URL GET HTTP/2 ads.adlook.me/csync?pid=sape&uid=0900007F0118AD673527F14B02D61368&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D110%26euid%3D%7BuserId%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D110
IP
ASN #48096 Enterprise Cloud Ltd.
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGlobalSign nv-sa
Subject*.adlook.me
FingerprintEC:68:0D:59:54:E2:F9:8B:64:AF:D3:13:96:8F:52:91:8F:5E:05:7A
ValidityFri, 28 Jun 2024 08:08:42 GMT - Wed, 30 Jul 2025 08:08:41 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /csync?pid=sape&uid=0900007F0118AD673527F14B02D61368&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D110%26euid%3D%7BuserId%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D110 HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://mc.acint.net/rmatch?dp=110&euid=5929e757c980492b9181d7b5ef32c1c4&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D110
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=5929e757c980492b9181d7b5ef32c1c4; expires=Thu, 12 Feb 2026 21:00:00 GMT; path=/; secure; samesite=none
adlk_cmatch=sape%3A0900007F0118AD673527F14B02D61368; expires=Fri, 31 Dec 9999 20:59:59 GMT; path=/; secure; samesite=none
date: Wed, 12 Feb 2025 21:52:01 GMT
X-Firefox-Spdy: h2
GET logger.moviead55.ru/logger?t=target_country_load&c=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&a=&m=%7B%22browser%22%3A%22%7B%5C%22name%5C%22%3A%5C%22firefox%5C%22%2C%5C%22version%5C%22%3A%5C%22134%5C%22%7D%22%2C%22isMobile%22%3Afalse%2C%22format%22%3A%22new%22%7D&v=03208824bea369b060dba1f2083d6a4c&o=
200 OK 70 B URL GET HTTP/2 logger.moviead55.ru/logger?t=target_country_load&c=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&a=&m=%7B%22browser%22%3A%22%7B%5C%22name%5C%22%3A%5C%22firefox%5C%22%2C%5C%22version%5C%22%3A%5C%22134%5C%22%7D%22%2C%22isMobile%22%3Afalse%2C%22format%22%3A%22new%22%7D&v=03208824bea369b060dba1f2083d6a4c&o=
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Hash b357a19c87624c7c4d131aeeb4ae677f
c7a9c45fd419815a5ab1998503a9f03514c0e229
497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581
GET /logger?t=target_country_load&c=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&a=&m=%7B%22browser%22%3A%22%7B%5C%22name%5C%22%3A%5C%22firefox%5C%22%2C%5C%22version%5C%22%3A%5C%22134%5C%22%7D%22%2C%22isMobile%22%3Afalse%2C%22format%22%3A%22new%22%7D&v=03208824bea369b060dba1f2083d6a4c&o= HTTP/1.1
Host: logger.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:51:59 GMT
content-type: Content-Type: image/png
vary: Accept-Encoding
x-logger-le: true
x-logger-tdb: default
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/jmap?v=03208824bea369b060dba1f2083d6a4c&sid=ap&cp.referer=http%253A%252F%252Fflicksbar.mom%252Fseries%252F4365427%252F&it=1&tq=2&cp.cb=5da17103-e85e-b9af-60c4-450fed6dba5d&session=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&position=pre&vt=100&ostream=true&isp=0&suri=http%253A%252F%252Fflicksbar.mom%252Fseries%252F4365427%252F&rnd=1739397122421&raw=yes&ma=a17ca74e-06d8-4243-8ae1-529c0a512d3d
200 OK 22 kB URL GET HTTP/2 code.moviead55.ru/go/jmap?v=03208824bea369b060dba1f2083d6a4c&sid=ap&cp.referer=http%253A%252F%252Fflicksbar.mom%252Fseries%252F4365427%252F&it=1&tq=2&cp.cb=5da17103-e85e-b9af-60c4-450fed6dba5d&session=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&position=pre&vt=100&ostream=true&isp=0&suri=http%253A%252F%252Fflicksbar.mom%252Fseries%252F4365427%252F&rnd=1739397122421&raw=yes&ma=a17ca74e-06d8-4243-8ae1-529c0a512d3d
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash 54cb68cd377e612186260d7d3c691843
fbcd39ae26264b9a2bc61a26908042d9ef80bd77
884e38078a4e37f4e5f63cd54f01a8a477fc45fe2f9a851a0c30f4a9de116f8a
GET /go/jmap?v=03208824bea369b060dba1f2083d6a4c&sid=ap&cp.referer=http%253A%252F%252Fflicksbar.mom%252Fseries%252F4365427%252F&it=1&tq=2&cp.cb=5da17103-e85e-b9af-60c4-450fed6dba5d&session=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&position=pre&vt=100&ostream=true&isp=0&suri=http%253A%252F%252Fflicksbar.mom%252Fseries%252F4365427%252F&rnd=1739397122421&raw=yes&ma=a17ca74e-06d8-4243-8ae1-529c0a512d3d HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://flicksbar.mom
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Cookie: sky_uuid=1199be9d-59fc-b988-3a7a-184ba08bb738; hbrdcookie2=375b1cdc2416de852945; otclkbid=VUnZUsbWsOWu9RE; ohmybid=66561e59-5779-4161-a494-f41a71e6729f; bvbid=i8ju5ka6od
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
x-skyadvert-cors-qex: Referer
x-skyadvert-path: /
access-control-allow-credentials: true
access-control-allow-origin: http://flicksbar.mom
x-go-country: NO
x-skyadvert-udata: cache,parsed,25430
x-skyadvert-plc: 0
x-skyadvert-ark: true
x-skyadvert-qmc: NO
x-skyadvert-rdb: 0
x-skyadvert-alc: 3
x-skyadvert-ctvs: 3
server-timing: keyValidation;dur=0.0000, optProc;dur=0.0000, uData;dur=0.0000, getAnyQueue;dur=0.0000, buildTagsQueue;dur=1.0000, range_links;dur=0.0000, validations_430;dur=0.0000, queueSort;dur=0.0000, jmapParams;dur=0.0000, wmData;dur=0.0000, initBuilder;dur=0.0000, getLinks;dur=1.0000, validations_428;dur=0.0000, queuesMerge;dur=0.0000, attachTracking;dur=0.0000, corsParams;dur=0.0000, qManager;dur=1.0000, validations_429;dur=0.0000, getJson;dur=0.0000
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
GET thesaurus.allarknow.online/build/app.af43c1a0.css
200 OK 45 kB URL GET HTTP/2 thesaurus.allarknow.online/build/app.af43c1a0.css
IP
Requested by https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Certificate IssuerLet's Encrypt
Subjectallarknow.online
Fingerprint6A:54:35:B8:2E:FF:AF:4A:65:F5:DF:DA:F3:2E:2F:66:86:18:DC:3F
ValiditySun, 12 Jan 2025 21:02:50 GMT - Sat, 12 Apr 2025 21:02:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /build/app.af43c1a0.css HTTP/1.1
Host: thesaurus.allarknow.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Angie
date: Wed, 12 Feb 2025 21:52:00 GMT
content-type: text/css
last-modified: Wed, 12 Feb 2025 20:02:28 GMT
etag: W/"67acfe54-af28"
expires: Tue, 13 May 2025 20:03:42 GMT
cache-control: max-age=7776000
bn: mm-10
strict-transport-security: max-age=31536000;
content-encoding: gzip
be: main_site_ssl
x-cache: HIT
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/cinit?cn=solta&rnd=1739397121
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=solta&rnd=1739397121
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=solta&rnd=1739397121 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 12 Feb 2025 21:52:01 GMT
content-length: 0
location: https://kimberlite.io/rtb/sync/skyadvert?u=f5819827-0e4b-3ce0-0249-19cec2e6c3e7
set-cookie: sky_uuid=f5819827-0e4b-3ce0-0249-19cec2e6c3e7; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
GET code.moviead55.ru/vast2?key=03208824bea369b060dba1f2083d6a4c&sid=autoplay&cp.adsource=ydxn.rus3&cp.adtype=pre&vt=100&fp=[fp]&w=1280&h=330&vid=&fpro=&ma=a17ca74e-06d8-4243-8ae1-529c0a512d3d&suri=http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F&rdd1=true&cp.session=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&cp.referer=http%253A%252F%252Fflicksbar.mom%252Fseries%252F4365427%252F&cp.cb=5da17103-e85e-b9af-60c4-450fed6dba5d
200 OK 490 B URL GET HTTP/2 code.moviead55.ru/vast2?key=03208824bea369b060dba1f2083d6a4c&sid=autoplay&cp.adsource=ydxn.rus3&cp.adtype=pre&vt=100&fp=[fp]&w=1280&h=330&vid=&fpro=&ma=a17ca74e-06d8-4243-8ae1-529c0a512d3d&suri=http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F&rdd1=true&cp.session=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&cp.referer=http%253A%252F%252Fflicksbar.mom%252Fseries%252F4365427%252F&cp.cb=5da17103-e85e-b9af-60c4-450fed6dba5d
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
File type XML document, ASCII text, with very long lines (516), with no line terminators
Hash cc083e495f493e9fa2a18dfd359a8bf8
3fac9a640f270c7ded585d4ac1152eb5b66e7017
39dc757d9f22127b7cef421ade00238080f2e8bd466cdfa47e559eb469769ff5
GET /vast2?key=03208824bea369b060dba1f2083d6a4c&sid=autoplay&cp.adsource=ydxn.rus3&cp.adtype=pre&vt=100&fp=[fp]&w=1280&h=330&vid=&fpro=&ma=a17ca74e-06d8-4243-8ae1-529c0a512d3d&suri=http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F&rdd1=true&cp.session=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&cp.referer=http%253A%252F%252Fflicksbar.mom%252Fseries%252F4365427%252F&cp.cb=5da17103-e85e-b9af-60c4-450fed6dba5d HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://flicksbar.mom
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Cookie: sky_uuid=1199be9d-59fc-b988-3a7a-184ba08bb738; hbrdcookie2=375b1cdc2416de852945; otclkbid=VUnZUsbWsOWu9RE; ohmybid=66561e59-5779-4161-a494-f41a71e6729f; bvbid=i8ju5ka6od; bzcookie=419955ad-bf03-4e68-52e6-88cfaac8f929; 466rmads=1739397122; otmbid=NjdhZDE4MDEwODg2ZmYwYg==; sapecookie=0900007F0118AD673527F14B02D61368; solta=Z60YASsrI9w; 465rmads=1739397132
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:16 GMT
content-type: text/xml;charset=UTF-8
vary: Accept-Encoding
x-skyadvert-cors-qex: Referer
x-skyadvert-path: /
access-control-allow-credentials: true
access-control-allow-origin: http://flicksbar.mom
x-skyadvert-udata: cache,parsed,184644
x-skyadvert-referrer: http://flicksbar.mom/
x-cache-source: Rist
x-skyadvert-mrc: no
x-skyadvert-ref: {"Scheme":"http","Opaque":"","User":null,"Host":"flicksbar.mom","Path":"/","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""}
set-cookie: 467rmads=1739397136; max-age=31536000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
POST pc.playjusting.com/list.php
200 OK 26 B URL POST HTTP/2 pc.playjusting.com/list.php
IP
ASN #205125 Network Management Ltd
Requested by https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Certificate IssuerLet's Encrypt
Subjectv-2.alloha.tv
FingerprintF7:68:17:3C:74:D8:55:63:94:88:BF:1D:8A:D4:21:27:C3:16:DB:BC
ValidityTue, 14 Jan 2025 21:04:32 GMT - Mon, 14 Apr 2025 21:04:31 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 6db6510c6dfd79586815b742ee63e055
974e4dd4a9160da95ea0cf8f0de003fa2d88183f
16aa9ae266ca79f0e0cc582f2de39cd84e4c4f9c398e6e84433ce886d5430acb
POST /list.php HTTP/1.1
Host: pc.playjusting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 229
Origin: https://thesaurus.allarknow.online
DNT: 1
Connection: keep-alive
Referer: https://thesaurus.allarknow.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Angie
date: Wed, 12 Feb 2025 21:52:07 GMT
content-type: application/json; charset=utf-8
x-powered-by: PHP/8.2.25
access-control-allow-origin: https://thesaurus.allarknow.online
access-control-allow-credentials: true
strict-transport-security: max-age=31536000;
be: main_site_ssl
X-Firefox-Spdy: h2
GET vak345.com/s.js?v=03208824bea369b060dba1f2083d6a4c
200 OK 25 kB URL GET HTTP/2 vak345.com/s.js?v=03208824bea369b060dba1f2083d6a4c
IP
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subjectvak345.com
Fingerprint67:21:27:D6:59:23:57:91:A2:03:D9:4A:21:D9:1A:DC:E0:C7:AA:B9
ValiditySat, 01 Feb 2025 16:33:35 GMT - Fri, 02 May 2025 16:33:34 GMT
File type JavaScript source, ASCII text, with very long lines (24878), with no line terminators
Hash dc1710d660b2e860e1f87db7afb41814
56b7eec2ac54b480ee37ebf706e3dad27d2e8847
2391c1bc9b67979b2c177b8494faf6101d8cd9331e99bba30edee88532ebe65a
GET /s.js?v=03208824bea369b060dba1f2083d6a4c HTTP/1.1
Host: vak345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:51:59 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
x-raw:
x-build: 40001f1e
x-host: nginx4
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
GET thesaurus.allarknow.online/js/rmp-vast.min.js?v=1.35
200 OK 219 kB URL GET HTTP/2 thesaurus.allarknow.online/js/rmp-vast.min.js?v=1.35
IP
Requested by https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Certificate IssuerLet's Encrypt
Subjectallarknow.online
Fingerprint6A:54:35:B8:2E:FF:AF:4A:65:F5:DF:DA:F3:2E:2F:66:86:18:DC:3F
ValiditySun, 12 Jan 2025 21:02:50 GMT - Sat, 12 Apr 2025 21:02:49 GMT
Size 219 kB (219087 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/rmp-vast.min.js?v=1.35 HTTP/1.1
Host: thesaurus.allarknow.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Angie
date: Wed, 12 Feb 2025 21:52:00 GMT
content-type: application/javascript
last-modified: Sat, 04 Jan 2025 20:10:49 GMT
etag: W/"677995c9-357cf"
expires: Sat, 03 May 2025 07:05:55 GMT
cache-control: max-age=7776000
bn: mm-10
strict-transport-security: max-age=31536000;
content-encoding: gzip
be: main_site_ssl
x-cache: HIT
X-Firefox-Spdy: h2
GET www.acint.net/match?dp=129&euid=i8ju5ka6od
200 OK 43 B URL GET HTTP/2 www.acint.net/match?dp=129&euid=i8ju5ka6od
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=i8ju5ka6od HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET logger.moviead55.ru/logger?t=cdiv&c=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&a=&m=24&v=03208824bea369b060dba1f2083d6a4c&o=
200 OK 70 B URL GET HTTP/2 logger.moviead55.ru/logger?t=cdiv&c=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&a=&m=24&v=03208824bea369b060dba1f2083d6a4c&o=
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Hash b357a19c87624c7c4d131aeeb4ae677f
c7a9c45fd419815a5ab1998503a9f03514c0e229
497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581
GET /logger?t=cdiv&c=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&a=&m=24&v=03208824bea369b060dba1f2083d6a4c&o= HTTP/1.1
Host: logger.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:01 GMT
content-type: Content-Type: image/png
vary: Accept-Encoding
x-logger-le: true
x-logger-tdb: default
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
GET sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3Dde2cea25-b6ba-44dc-af70-41ae000e5a4a
302 Found 43 B URL GET HTTP/2 sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3Dde2cea25-b6ba-44dc-af70-41ae000e5a4a
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGoogle Trust Services
Subjectadspend.space
Fingerprint9A:F3:E7:AD:5A:CC:68:28:4B:D7:1E:DC:9D:31:7B:92:4D:EB:AD:AA
ValiditySun, 05 Jan 2025 01:27:26 GMT - Sat, 05 Apr 2025 02:27:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3Dde2cea25-b6ba-44dc-af70-41ae000e5a4a HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: as-user=de2cea25-b6ba-44dc-af70-41ae000e5a4a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/html; charset=utf-8
location: https://www.acint.net/match?dp=98&euid=de2cea25-b6ba-44dc-af70-41ae000e5a4a
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: PUT, GET, POST, OPTIONS
access-control-allow-headers: Content-Type, authorization
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RwlnuPqQ14M5YKe1BfmWR1tJPPV4V34cu7n5hDz%2FtQXtnb0mB3cx5Muwl%2BZNHS%2BigELFg9WNMb2RIFUIj2vzZrF1bvAiLH4UmAaDFUteR8lPoZHHbVW90z7mg95fTnWsA0J9xA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 910fcdb0db92b4fd-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1356&min_rtt=531&rtt_var=1145&sent=10&recv=12&lost=0&retrans=0&sent_bytes=4189&recv_bytes=1276&delivery_rate=7300840&cwnd=257&unsent_bytes=0&cid=93eaac3b6d2037b9&ts=494&x=0"
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/cinit?cn=hbrdcookie2&rnd=1739397121
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=hbrdcookie2&rnd=1739397121
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=hbrdcookie2&rnd=1739397121 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 12 Feb 2025 21:52:01 GMT
content-length: 0
location: https://dm-eu.hybrid.ai/match?id=185&burl=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dhbrdcookie2%26bid%3D%24%7BVID%7D
set-cookie: sky_uuid=0a2a4d41-20e0-f1c9-20b0-eab93de2a3e2; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
POST api.apbugall.org/?token=45e20a5f584becf7a64dffb7174ddf&kp=4365427
200 OK 34 kB URL POST HTTP/2 api.apbugall.org/?token=45e20a5f584becf7a64dffb7174ddf&kp=4365427
IP
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subjectapbugall.org
Fingerprint3F:BB:04:B4:B4:FC:EE:EE:4C:86:5A:F2:2C:75:75:A8:6E:20:45:49
ValiditySun, 29 Dec 2024 21:01:19 GMT - Sat, 29 Mar 2025 21:01:18 GMT
Hash 5af88b7a61e7cab12360bcadfedf1f73
6c87e242d9e81ad716e9fc26e8c96c5266e9262d
07a03f66c478b5e61b45d627510679810e3a66689568a4335c511cb5648eb169
POST /?token=45e20a5f584becf7a64dffb7174ddf&kp=4365427 HTTP/1.1
Host: api.apbugall.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://flicksbar.mom
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/2 200 OK
server: Angie
date: Wed, 12 Feb 2025 21:52:00 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.30
cache-control: max-age=120
access-control-allow-origin: *
content-encoding: gzip
be: main_site_ssl
X-Firefox-Spdy: h2
GET user91471.clients-cdnnow.ru/mp_dist/integrationYandex.js?ver=2025021300587
200 OK 5.6 kB URL GET HTTP/2 user91471.clients-cdnnow.ru/mp_dist/integrationYandex.js?ver=2025021300587
IP
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.clients-cdnnow.ru
Fingerprint69:F1:71:81:E4:B1:67:BE:39:1F:96:52:00:86:84:F9:41:06:79:AA
ValidityWed, 27 Nov 2024 11:51:10 GMT - Tue, 25 Feb 2025 11:51:09 GMT
File type JavaScript source, ASCII text, with very long lines (5729), with no line terminators
Hash 177394659f582ba40a79a346a65e130b
b199fef3557b5366a353ccfef23f55e63a8ed7a3
f493e5b6b8f80725014327457ac51811a900acf4a3043ec420fb4c0606ef8070
GET /mp_dist/integrationYandex.js?ver=2025021300587 HTTP/1.1
Host: user91471.clients-cdnnow.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:17 GMT
content-type: application/javascript
last-modified: Tue, 04 Feb 2025 10:46:36 GMT
vary: Accept-Encoding
etag: W/"67a1f00c-15b7"
x-movieads-country: DE
content-encoding: gzip
x-edge-cache: HIT
x-edge-ip: 172.19.32.3
X-Firefox-Spdy: h2
GET sync.adspend.space/sape?uid=0900007F0118AD673527F14B02D61368
302 Found 43 B URL GET HTTP/2 sync.adspend.space/sape?uid=0900007F0118AD673527F14B02D61368
IP
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerGoogle Trust Services
Subjectadspend.space
Fingerprint9A:F3:E7:AD:5A:CC:68:28:4B:D7:1E:DC:9D:31:7B:92:4D:EB:AD:AA
ValiditySun, 05 Jan 2025 01:27:26 GMT - Sat, 05 Apr 2025 02:27:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape?uid=0900007F0118AD673527F14B02D61368 HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: text/html; charset=utf-8
location: https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3Dde2cea25-b6ba-44dc-af70-41ae000e5a4a
set-cookie: as-user=de2cea25-b6ba-44dc-af70-41ae000e5a4a; Path=/; Max-Age=31536000; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2Byv3%2BBgJEvDslTkTHxTm0MXgTZftGz346bxYFNy5U9PKS9aK1sEH%2FtPOICM1Y0ndSxgtZOk9sUC7bRLaisJjcH%2F8C%2FN%2BmXdm%2BpQhmsA%2B9YMweAOt15kCwLYf4Aj2n%2BbfkKNyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 910fcdae2814b4fd-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1365&min_rtt=531&rtt_var=1501&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3202&recv_bytes=1105&delivery_rate=7300840&cwnd=254&unsent_bytes=0&cid=93eaac3b6d2037b9&ts=69&x=0"
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/bmap?v=03208824bea369b060dba1f2083d6a4c&sub_id=ap&fmt_id=4&pl_key=banner&testad=no&r=http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F&tanc=&ancs=&maid=a17ca74e-06d8-4243-8ae1-529c0a512d3d&rel=true&rnd=1739397132408&cnt=1
200 OK 42 kB URL GET HTTP/2 code.moviead55.ru/go/bmap?v=03208824bea369b060dba1f2083d6a4c&sub_id=ap&fmt_id=4&pl_key=banner&testad=no&r=http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F&tanc=&ancs=&maid=a17ca74e-06d8-4243-8ae1-529c0a512d3d&rel=true&rnd=1739397132408&cnt=1
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
File type JavaScript source, ASCII text, with very long lines (41602), with no line terminators
Hash 66b4c3c8865019aaa28b998ba769f6bf
4cf04401d830ddcb97a517f49e6ef3b06c81ab07
d9dac23d5dc2bfa8100abfe939cb753a96abe3bf24cfbf73784403e84e217856
GET /go/bmap?v=03208824bea369b060dba1f2083d6a4c&sub_id=ap&fmt_id=4&pl_key=banner&testad=no&r=http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F&tanc=&ancs=&maid=a17ca74e-06d8-4243-8ae1-529c0a512d3d&rel=true&rnd=1739397132408&cnt=1 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Cookie: sky_uuid=1199be9d-59fc-b988-3a7a-184ba08bb738; hbrdcookie2=375b1cdc2416de852945; otclkbid=VUnZUsbWsOWu9RE; ohmybid=66561e59-5779-4161-a494-f41a71e6729f; bvbid=i8ju5ka6od; bzcookie=419955ad-bf03-4e68-52e6-88cfaac8f929; 466rmads=1739397122; otmbid=NjdhZDE4MDEwODg2ZmYwYg==; sapecookie=0900007F0118AD673527F14B02D61368; solta=Z60YASsrI9w; 465rmads=1739397132
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:13 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
x-skyadvert-udata: cache,parsed,283001
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
GET ssp.bidvol.com/usersync?dspcsid=141&redirect=1
302 Found 0 B URL GET HTTP/2 ssp.bidvol.com/usersync?dspcsid=141&redirect=1
IP
ASN #24940 Hetzner Online GmbH
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subjectssp.bidvol.com
Fingerprint3B:DE:00:48:B6:4B:AE:32:FD:A7:6B:04:C1:58:85:2B:95:51:02:95
ValidityMon, 06 Jan 2025 08:51:41 GMT - Sun, 06 Apr 2025 08:51:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usersync?dspcsid=141&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.24.0 (Ubuntu)
date: Wed, 12 Feb 2025 21:52:01 GMT
x-request-id: 125a9668-c825-4f12-a02c-7afc728de22d
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
set-cookie: bvuid=i8ju5ka6od; Max-Age=2147483647; Domain=.bidvol.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=i8ju5ka6od; Max-Age=2147483647; Domain=.bidvol.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
location: https://code.moviead55.ru/go/csync?cn=bvbid&bid=i8ju5ka6od
X-Firefox-Spdy: h2
GET code.moviead55.ru/go/cinit?cn=ohmybid&rnd=1739397121
301 Moved Permanently 0 B URL GET HTTP/2 code.moviead55.ru/go/cinit?cn=ohmybid&rnd=1739397121
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/cinit?cn=ohmybid&rnd=1739397121 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 12 Feb 2025 21:52:01 GMT
content-length: 0
location: https://match.ohmy.bid/cm?ssp=skyadv&redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dohmybid%26bid%3D%7Buid%7D
set-cookie: sky_uuid=09d89a06-79db-98ce-5d3e-da37f993b4a0; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
X-Firefox-Spdy: h2
GET www.acint.net/mc/?dp=167&tc=1
200 OK 7.8 kB URL GET HTTP/2 www.acint.net/mc/?dp=167&tc=1
IP
ASN #24940 Hetzner Online GmbH
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type HTML document, ASCII text, with very long lines (8143), with no line terminators
Hash 302d792b28e674c475108f8e6e1783b9
2e5cc08356937520a0f4bae2b73ac9e3a3a11c39
84dcba2c021f2ec3edeb93079f7c542abcf09191a361c5e59b6cb74a94c9db22
GET /mc/?dp=167&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://flicksbar.mom/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty
date: Wed, 12 Feb 2025 21:52:01 GMT
content-type: text/html
set-cookie: cSyncDp14v6=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17v2=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v5=1739397121; expires=Thu, 13-Feb-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53v5=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62v2=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v3=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68v3=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71v2=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85v2=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v4=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp98v3=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1739397121; expires=Wed, 26-Feb-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107v2=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110v3=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v4=1739397121; expires=Thu, 27-Feb-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126v3=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129v2=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v3=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148v2=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v3=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151v2=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp251v2=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186v2=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp217v2=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp226v1=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp239v3=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp243v2=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp260v2=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp244v2=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp248v3=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp261v1=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp289v2=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp296v2=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp312v1=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp313v1=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp368v1=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp331v1=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp351v1=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp361v1=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp353v1=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp362v1=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp366v1=1739397121; expires=Fri, 14-Mar-25 21:52:01 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
GET mc.acint.net/match?dp=366&euid=VUnZUsbWsOWu9RE
200 OK 43 B URL GET HTTP/2 mc.acint.net/match?dp=366&euid=VUnZUsbWsOWu9RE
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=366&euid=VUnZUsbWsOWu9RE HTTP/1.1
Host: mc.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty
date: Wed, 12 Feb 2025 21:52:02 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET code.moviead55.ru/vast2?key=03208824bea369b060dba1f2083d6a4c&sid=autoplay&cp.adsource=ydxn.rus&cp.adtype=pre&vt=100&fp=[fp]&w=1280&h=330&vid=&fpro=&ma=a17ca74e-06d8-4243-8ae1-529c0a512d3d&suri=http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F&rdd1=true&cp.session=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&cp.referer=http%253A%252F%252Fflicksbar.mom%252Fseries%252F4365427%252F&cp.cb=5da17103-e85e-b9af-60c4-450fed6dba5d
200 OK 490 B URL GET HTTP/2 code.moviead55.ru/vast2?key=03208824bea369b060dba1f2083d6a4c&sid=autoplay&cp.adsource=ydxn.rus&cp.adtype=pre&vt=100&fp=[fp]&w=1280&h=330&vid=&fpro=&ma=a17ca74e-06d8-4243-8ae1-529c0a512d3d&suri=http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F&rdd1=true&cp.session=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&cp.referer=http%253A%252F%252Fflicksbar.mom%252Fseries%252F4365427%252F&cp.cb=5da17103-e85e-b9af-60c4-450fed6dba5d
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
File type XML document, ASCII text, with very long lines (516), with no line terminators
Hash c1ebef382eaf7c639db3304e4ee140e0
5906e46c4967cbbc811a3b515c6da017db1273e2
bfe5b397dfa4821add10cf0cccd955228c40b03ecb8c0161282d3befabf673bc
GET /vast2?key=03208824bea369b060dba1f2083d6a4c&sid=autoplay&cp.adsource=ydxn.rus&cp.adtype=pre&vt=100&fp=[fp]&w=1280&h=330&vid=&fpro=&ma=a17ca74e-06d8-4243-8ae1-529c0a512d3d&suri=http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F&rdd1=true&cp.session=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&cp.referer=http%253A%252F%252Fflicksbar.mom%252Fseries%252F4365427%252F&cp.cb=5da17103-e85e-b9af-60c4-450fed6dba5d HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://flicksbar.mom
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Cookie: sky_uuid=1199be9d-59fc-b988-3a7a-184ba08bb738; hbrdcookie2=375b1cdc2416de852945; otclkbid=VUnZUsbWsOWu9RE; ohmybid=66561e59-5779-4161-a494-f41a71e6729f; bvbid=i8ju5ka6od; bzcookie=419955ad-bf03-4e68-52e6-88cfaac8f929; 466rmads=1739397122; otmbid=NjdhZDE4MDEwODg2ZmYwYg==; sapecookie=0900007F0118AD673527F14B02D61368; solta=Z60YASsrI9w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:07 GMT
content-type: text/xml;charset=UTF-8
vary: Accept-Encoding
x-skyadvert-cors-qex: Referer
x-skyadvert-path: /
access-control-allow-credentials: true
access-control-allow-origin: http://flicksbar.mom
x-skyadvert-udata: cache,parsed,25435
x-skyadvert-referrer: http://flicksbar.mom/
x-cache-source: Rist
x-skyadvert-mrc: no
x-skyadvert-ref: {"Scheme":"http","Opaque":"","User":null,"Host":"flicksbar.mom","Path":"/","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""}
set-cookie: 465rmads=1739397127; max-age=31536000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
GET fonts.googleapis.com/css2?family=Montserrat:wght@200&display=swap
200 OK 2.0 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@200&display=swap
IP
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint91:3E:F9:90:4B:40:4C:8E:D9:11:EA:64:14:86:3D:AD:DB:41:93:5C
ValidityMon, 20 Jan 2025 08:37:08 GMT - Mon, 14 Apr 2025 08:37:07 GMT
File type ASCII text, with very long lines (2021), with no line terminators
Hash 58832ba920a84110c95a82b737d94452
fe5ceb1888f721350c12ef3a942d305bb128a6e5
27bb48a36fe4aef7b524e578e1f3f3e8cae0109b90217508a633d02bdd166b0b
GET /css2?family=Montserrat:wght@200&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 12 Feb 2025 21:51:59 GMT
date: Wed, 12 Feb 2025 21:51:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET user91471.clients-cdnnow.ru/mp_dist/mstream2.js?ver=9035061353
200 OK 163 kB URL GET HTTP/2 user91471.clients-cdnnow.ru/mp_dist/mstream2.js?ver=9035061353
IP
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.clients-cdnnow.ru
Fingerprint69:F1:71:81:E4:B1:67:BE:39:1F:96:52:00:86:84:F9:41:06:79:AA
ValidityWed, 27 Nov 2024 11:51:10 GMT - Tue, 25 Feb 2025 11:51:09 GMT
Size 163 kB (162594 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mp_dist/mstream2.js?ver=9035061353 HTTP/1.1
Host: user91471.clients-cdnnow.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:01 GMT
content-type: application/javascript
last-modified: Tue, 04 Feb 2025 10:46:36 GMT
vary: Accept-Encoding
etag: W/"67a1f00c-27b22"
x-movieads-country: DE
content-encoding: gzip
x-edge-cache: HIT
x-edge-ip: 172.19.32.3
X-Firefox-Spdy: h2
GET acint.net/rmatch?dp=313&euid=NT_1152039335888852_eGLRBa&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D313
302 Found 43 B URL GET HTTP/2 acint.net/rmatch?dp=313&euid=NT_1152039335888852_eGLRBa&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D313
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subject*.acint.net
Fingerprint25:94:E6:DB:AF:DB:C0:E0:C3:BC:ED:32:D7:DB:6E:F9:CD:D1:6B:11
ValidityMon, 20 Jan 2025 23:49:53 GMT - Sun, 20 Apr 2025 23:49:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rmatch?dp=313&euid=NT_1152039335888852_eGLRBa&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D313 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAACWetGAFL8Sc1aBPWAjDaWwgtvDsY8ChIoMp0fcF1eQ4w; cSyncDp14v6=1739397121; cSyncDp17v2=1739397121; cSyncDp45v5=1739397121; cSyncDp53v5=1739397121; cSyncDp62v2=1739397121; cSyncDp67v3=1739397121; cSyncDp68v3=1739397121; cSyncDp71v2=1739397121; cSyncDp85v2=1739397121; cSyncDp95v4=1739397121; cSyncDp98v3=1739397121; cSyncDp104v2=1739397121; cSyncDp107v2=1739397121; cSyncDp110v3=1739397121; cSyncDp125v4=1739397121; cSyncDp126v3=1739397121; cSyncDp129v2=1739397121; cSyncDp136v3=1739397121; cSyncDp148v2=1739397121; cSyncDp149v3=1739397121; cSyncDp151v2=1739397121; cSyncDp251v2=1739397121; cSyncDp186v2=1739397121; cSyncDp217v2=1739397121; cSyncDp226v1=1739397121; cSyncDp239v3=1739397121; cSyncDp243v2=1739397121; cSyncDp260v2=1739397121; cSyncDp244v2=1739397121; cSyncDp248v3=1739397121; cSyncDp261v1=1739397121; cSyncDp289v2=1739397121; cSyncDp296v2=1739397121; cSyncDp312v1=1739397121; cSyncDp313v1=1739397121; cSyncDp368v1=1739397121; cSyncDp331v1=1739397121; cSyncDp351v1=1739397121; cSyncDp361v1=1739397121; cSyncDp353v1=1739397121; cSyncDp362v1=1739397121; cSyncDp366v1=1739397121; cSyncDp14v4=1739397121; cSyncDp7v3=1739397123
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: openresty
date: Wed, 12 Feb 2025 21:52:03 GMT
content-type: text/html
content-length: 154
location: https://mc.acint.net/cmatch?dp=313
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET code.moviead55.ru/vjs2.php?bid=R-A-13494186-3
200 OK 838 B URL GET HTTP/2 code.moviead55.ru/vjs2.php?bid=R-A-13494186-3
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
File type XML document, ASCII text, with very long lines (1004), with no line terminators
Hash 791a122a2a3b12005d60acdad1f7a2f5
eb614a080c9c9ca69e63a352dc2c6d6de15b8173
a5aa18a6064adc260e510d53a0d81b41ee564231f180c899b9c6550ee2431f19
GET /vjs2.php?bid=R-A-13494186-3 HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://flicksbar.mom
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Cookie: sky_uuid=1199be9d-59fc-b988-3a7a-184ba08bb738; hbrdcookie2=375b1cdc2416de852945; otclkbid=VUnZUsbWsOWu9RE; ohmybid=66561e59-5779-4161-a494-f41a71e6729f; bvbid=i8ju5ka6od; bzcookie=419955ad-bf03-4e68-52e6-88cfaac8f929; 466rmads=1739397122; otmbid=NjdhZDE4MDEwODg2ZmYwYg==; sapecookie=0900007F0118AD673527F14B02D61368; solta=Z60YASsrI9w; 465rmads=1739397132; 467rmads=1739397136
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:16 GMT
content-type: text/xml;charset=UTF-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: http://flicksbar.mom
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
GET adx.com.ru/sync/init/skyadvert-banner-rtb?uid=1199be9d-59fc-b988-3a7a-184ba08bb738&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dplzkrt%26bid%3D%7Buserid%7D
204 No Content 0 B URL GET HTTP/2 adx.com.ru/sync/init/skyadvert-banner-rtb?uid=1199be9d-59fc-b988-3a7a-184ba08bb738&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dplzkrt%26bid%3D%7Buserid%7D
IP
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerGlobalSign nv-sa
Subject*.adx.com.ru
Fingerprint80:35:EC:8F:65:57:E4:4C:9A:B4:F6:F9:CA:A4:DD:48:0A:71:E0:4E
ValidityWed, 05 Jun 2024 13:44:34 GMT - Mon, 07 Jul 2025 13:44:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/init/skyadvert-banner-rtb?uid=1199be9d-59fc-b988-3a7a-184ba08bb738&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dplzkrt%26bid%3D%7Buserid%7D HTTP/1.1
Host: adx.com.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.26.0
date: Wed, 12 Feb 2025 21:52:01 GMT
X-Firefox-Spdy: h2
GET code.moviead55.ru/vast2?key=03208824bea369b060dba1f2083d6a4c&sid=autoplay&cp.adsource=ydxn.rus&cp.adtype=pre&vt=100&fp=[fp]&w=1280&h=330&vid=&fpro=&ma=a17ca74e-06d8-4243-8ae1-529c0a512d3d&suri=http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F&rdd1=true&cp.session=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&cp.referer=http%253A%252F%252Fflicksbar.mom%252Fseries%252F4365427%252F&cp.cb=5da17103-e85e-b9af-60c4-450fed6dba5d
200 OK 490 B URL GET HTTP/2 code.moviead55.ru/vast2?key=03208824bea369b060dba1f2083d6a4c&sid=autoplay&cp.adsource=ydxn.rus&cp.adtype=pre&vt=100&fp=[fp]&w=1280&h=330&vid=&fpro=&ma=a17ca74e-06d8-4243-8ae1-529c0a512d3d&suri=http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F&rdd1=true&cp.session=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&cp.referer=http%253A%252F%252Fflicksbar.mom%252Fseries%252F4365427%252F&cp.cb=5da17103-e85e-b9af-60c4-450fed6dba5d
IP
ASN #6681 Giveme Cloud Sp Z O O
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subject*.moviead55.ru
FingerprintE6:83:1D:E1:DA:03:C0:25:BF:86:1A:76:A4:25:86:65:8C:3A:45:A7
ValiditySun, 17 Nov 2024 19:47:04 GMT - Sat, 15 Feb 2025 19:47:03 GMT
File type XML document, ASCII text, with very long lines (516), with no line terminators
Hash c1ebef382eaf7c639db3304e4ee140e0
5906e46c4967cbbc811a3b515c6da017db1273e2
bfe5b397dfa4821add10cf0cccd955228c40b03ecb8c0161282d3befabf673bc
GET /vast2?key=03208824bea369b060dba1f2083d6a4c&sid=autoplay&cp.adsource=ydxn.rus&cp.adtype=pre&vt=100&fp=[fp]&w=1280&h=330&vid=&fpro=&ma=a17ca74e-06d8-4243-8ae1-529c0a512d3d&suri=http%3A%2F%2Fflicksbar.mom%2Fseries%2F4365427%2F&rdd1=true&cp.session=4f1b70b5-0850-a253-4bc4-9dd63c49eb76&cp.referer=http%253A%252F%252Fflicksbar.mom%252Fseries%252F4365427%252F&cp.cb=5da17103-e85e-b9af-60c4-450fed6dba5d HTTP/1.1
Host: code.moviead55.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://flicksbar.mom
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Cookie: sky_uuid=1199be9d-59fc-b988-3a7a-184ba08bb738; hbrdcookie2=375b1cdc2416de852945; otclkbid=VUnZUsbWsOWu9RE; ohmybid=66561e59-5779-4161-a494-f41a71e6729f; bvbid=i8ju5ka6od; bzcookie=419955ad-bf03-4e68-52e6-88cfaac8f929; 466rmads=1739397122; otmbid=NjdhZDE4MDEwODg2ZmYwYg==; sapecookie=0900007F0118AD673527F14B02D61368; solta=Z60YASsrI9w; 465rmads=1739397127
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:52:12 GMT
content-type: text/xml;charset=UTF-8
vary: Accept-Encoding
x-skyadvert-cors-qex: Referer
x-skyadvert-path: /
access-control-allow-credentials: true
access-control-allow-origin: http://flicksbar.mom
x-skyadvert-udata: cache,parsed,142531
x-skyadvert-referrer: http://flicksbar.mom/
x-cache-source: Rist
x-skyadvert-mrc: no
x-skyadvert-ref: {"Scheme":"http","Opaque":"","User":null,"Host":"flicksbar.mom","Path":"/","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""}
set-cookie: 465rmads=1739397132; max-age=31536000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
GET ssp.bidvol.com/usersync?pubid=252
302 Found 0 B URL GET HTTP/2 ssp.bidvol.com/usersync?pubid=252
IP
ASN #24940 Hetzner Online GmbH
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerLet's Encrypt
Subjectssp.bidvol.com
Fingerprint3B:DE:00:48:B6:4B:AE:32:FD:A7:6B:04:C1:58:85:2B:95:51:02:95
ValidityMon, 06 Jan 2025 08:51:41 GMT - Sun, 06 Apr 2025 08:51:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usersync?pubid=252 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: bvuid=i8ju5ka6od
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.24.0 (Ubuntu)
date: Wed, 12 Feb 2025 21:52:02 GMT
x-request-id: 882a9252-a693-45c7-bfa4-de0b7e4c2d11
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
set-cookie: bvuid=i8ju5ka6od; Max-Age=2147483647; Domain=.bidvol.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=i8ju5ka6od; Max-Age=2147483647; Domain=.bidvol.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
location: https://a.utraff.com/sync?dsp=Bidvol&buyerid=i8ju5ka6od
X-Firefox-Spdy: h2
GET vak345.com/csn/202502130051.js?v=03208824bea369b060dba1f2083d6a4c&_t=1739397119718.718
200 OK 126 kB URL GET HTTP/2 vak345.com/csn/202502130051.js?v=03208824bea369b060dba1f2083d6a4c&_t=1739397119718.718
IP
Requested by http://flicksbar.mom/series/4365427/
Certificate IssuerLet's Encrypt
Subjectvak345.com
Fingerprint67:21:27:D6:59:23:57:91:A2:03:D9:4A:21:D9:1A:DC:E0:C7:AA:B9
ValiditySat, 01 Feb 2025 16:33:35 GMT - Fri, 02 May 2025 16:33:34 GMT
Size 126 kB (125821 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /csn/202502130051.js?v=03208824bea369b060dba1f2083d6a4c&_t=1739397119718.718 HTTP/1.1
Host: vak345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://flicksbar.mom/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 12 Feb 2025 21:51:59 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
x-skyadvert-udata: cache,parsed,1150438
server-timing: APP;dur=1.0000, key_checks;dur=0.0000, cache;dur=0.0000, fid;dur=0.0000, tpl_transform;dur=0.0000, tpl_replace;dur=0.0000, keyManager;dur=0.0000, udata;dur=0.0000, country_accepts;dur=0.0000, dataArr;dur=0.0000, config;dur=0.0000, tpl_get;dur=0.0000
x-build: 40001f1e
x-host: nginx3
set-cookie: sky_uuid=5f8d75cc-5379-836e-10f0-38c1e80900e7; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
content-encoding: gzip
X-Firefox-Spdy: h2
POST pc.playjusting.com/list.php
200 OK 26 B URL POST HTTP/2 pc.playjusting.com/list.php
IP
ASN #205125 Network Management Ltd
Requested by https://thesaurus.allarknow.online/?token_movie=8bc2fa9de809ec2e1d3a91804374dc&token=45e20a5f584becf7a64dffb7174ddf&null=
Certificate IssuerLet's Encrypt
Subjectv-2.alloha.tv
FingerprintF7:68:17:3C:74:D8:55:63:94:88:BF:1D:8A:D4:21:27:C3:16:DB:BC
ValidityTue, 14 Jan 2025 21:04:32 GMT - Mon, 14 Apr 2025 21:04:31 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 6db6510c6dfd79586815b742ee63e055
974e4dd4a9160da95ea0cf8f0de003fa2d88183f
16aa9ae266ca79f0e0cc582f2de39cd84e4c4f9c398e6e84433ce886d5430acb
POST /list.php HTTP/1.1
Host: pc.playjusting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 229
Origin: https://thesaurus.allarknow.online
DNT: 1
Connection: keep-alive
Referer: https://thesaurus.allarknow.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Angie
date: Wed, 12 Feb 2025 21:52:05 GMT
content-type: application/json; charset=utf-8
x-powered-by: PHP/8.2.25
access-control-allow-origin: https://thesaurus.allarknow.online
access-control-allow-credentials: true
strict-transport-security: max-age=31536000;
be: main_site_ssl
X-Firefox-Spdy: h2
GET dm.hybrid.ai/yandexdmp-match
302 Found 0 B URL GET HTTP/2 dm.hybrid.ai/yandexdmp-match
IP
ASN #200197 Hybrid Adtech Sp.z.o.o.
Requested by https://www.acint.net/mc/?dp=167&tc=1
Certificate IssuerSectigo Limited
Subject*.hybrid.ai
FingerprintC1:9A:FB:0B:9B:BA:F6:60:5C:85:23:14:04:BB:28:06:F8:94:11:9E
ValidityWed, 04 Sep 2024 00:00:00 GMT - Sun, 05 Oct 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /yandexdmp-match HTTP/1.1
Host: dm.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
DNT: 1
Connection: keep-alive
Cookie: vid=375b1cdc2416de852945
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 12 Feb 2025 21:52:02 GMT
content-length: 0
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
location: https://an.yandex.ru/mapuid/dmphybridai/375b1cdc2416de852945?sign=2659209394
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 0584
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2
194.104.136.89
87.245.192.102
142.250.178.104
188.114.96.1
167.235.10.90
92.223.23.231
54.170.215.73
65.109.23.99
185.244.209.62
45.95.201.20
0.0.0.0