42.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=zcw4w0osw84cow48&aurl=d5.hotplayer.ru/downloadm/f33e6efc53fbe71fb0ff0f5acb166db2/404551974_456239280/13710a70198d-37c516ca427e-bb34ba77572/carlo%20rustichelli%20-%20grand%20hotel%20excelsior.mp3?play&an=&utm_term=&site=&isubs=0
188.114.96.1200 OK 25 kB URL HTTP/1.1 42.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=zcw4w0osw84cow48&aurl=d5.hotplayer.ru/downloadm/f33e6efc53fbe71fb0ff0f5acb166db2/404551974_456239280/13710a70198d-37c516ca427e-bb34ba77572/carlo%20rustichelli%20-%20grand%20hotel%20excelsior.mp3?play&an=&utm_term=&site=&isubs=0
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12693), with CRLF, LF line terminators
Hash f38f1ce9a90f0f9c044a647b588bfe50
7e90a8ea1f53b8b8ae9263e0e34008e218918b20
03bc1be812a07e356bd3bc1bcc13564301afb1f844325e1d52f2231bd79395b7
NIDS Severity Alert suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
GET /index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=zcw4w0osw84cow48&aurl=d5.hotplayer.ru/downloadm/f33e6efc53fbe71fb0ff0f5acb166db2/404551974_456239280/13710a70198d-37c516ca427e-bb34ba77572/carlo%20rustichelli%20-%20grand%20hotel%20excelsior.mp3?play&an=&utm_term=&site=&isubs=0 HTTP/1.1
Host: 42.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 10:11:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-transform
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iij1L5VrU2YJvT5fKKKtRHadBlgU7cBl2zKryVCiJepZdnV%2BUIWrAfG2OW%2F0cA5qrxZGjHXxoyD9pgk3p2PozJsuY9Dl7FbHrwI0MkhGXYUbMDe48O9uZiVuoUDP5KFb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7929e6d1e871fac4-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9831
Expires: Wed, 01 Feb 2023 12:55:03 GMT
Date: Wed, 01 Feb 2023 10:11:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2626
Expires: Wed, 01 Feb 2023 10:54:58 GMT
Date: Wed, 01 Feb 2023 10:11:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 09:43:25 GMT
content-type: application/json
age: 1667
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5641
Expires: Wed, 01 Feb 2023 11:45:13 GMT
Date: Wed, 01 Feb 2023 10:11:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6XvJsG94TSZFkbn4XSq4Zf8R/0sgx0B2Z9bgIBw7MSXSLEdYKFgdvRPNn1Bzd9FeKLUcbqodOaw=
x-amz-request-id: T8T9VBVACFJ9KN6A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 09:51:31 GMT
age: 1181
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
42.biqund.com/assets/styles/arrow.css?v1
188.114.96.1200 OK 2.1 kB URL HTTP/1.1 42.biqund.com/assets/styles/arrow.css?v1
IP 188.114.96.1:0
Hash 42f2eac8fc2d717d43b63c19404d009d
f160ecec8abed0763a70ab4c412697cb661bb9a7
2c64ecb52bdbe782356e6b4c2763127a375d1114c858011f73455cfd27232efc
GET /assets/styles/arrow.css?v1 HTTP/1.1
Host: 42.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://42.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=zcw4w0osw84cow48&aurl=d5.hotplayer.ru/downloadm/f33e6efc53fbe71fb0ff0f5acb166db2/404551974_456239280/13710a70198d-37c516ca427e-bb34ba77572/carlo%20rustichelli%20-%20grand%20hotel%20excelsior.mp3?play&an=&utm_term=&site=&isubs=0
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 10:11:12 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 12:29:48 GMT
ETag: W/"636262bc-1a14"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMN5zp36PSsaxGQMESkbsPlPSk1VO4bCZZpVxbu4%2FeW43Ko7HGBrnG%2Br3jwABMb0HtaEvjWIZJO5SjrJbuPeRIDAsUpKsnyyQ5l8RVBRoQreiSTBrbd2WdJ2SOwekQfw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7929e6d43a35fac4-OSL
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 10:11:12 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
42.biqund.com/199f8c6.php?utm_source=ogdd&utm_campaign=26670
188.114.96.1200 OK 17 kB URL HTTP/1.1 42.biqund.com/199f8c6.php?utm_source=ogdd&utm_campaign=26670
IP 188.114.96.1:0
File type Unicode text, UTF-8 text, with very long lines (42833), with no line terminators
Hash 350aa65e03e29f19de437f04c07f8dfb
faaecb41ecb910a258e6f220ff9e2699120af3dc
f5f15744f931e5d1665794489f170acb4cf6765d7d1b95e8c486a6646095cf17
GET /199f8c6.php?utm_source=ogdd&utm_campaign=26670 HTTP/1.1
Host: 42.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://42.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=zcw4w0osw84cow48&aurl=d5.hotplayer.ru/downloadm/f33e6efc53fbe71fb0ff0f5acb166db2/404551974_456239280/13710a70198d-37c516ca427e-bb34ba77572/carlo%20rustichelli%20-%20grand%20hotel%20excelsior.mp3?play&an=&utm_term=&site=&isubs=0
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 10:11:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLp6j6HhgYpDMJLDPAfrJVIVOrkVQfJw2Oq%2F90wAaQ%2BIRUqZvFnZeZWgqEeQTyj5n8VotFUEJxvCmdZkJdPd2TSz%2FQAJQNi4f9FH1psIclcWHFysZ5gOkcSZMNk4wemy"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7929e6d44fc5b4fd-OSL
alt-svc: h2=":443"; ma=60
42.biqund.com/favicon.ico
188.114.96.1200 OK 4.0 kB URL HTTP/1.1 42.biqund.com/favicon.ico
IP 188.114.96.1:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash a51793fe0317686ba089709c57a35b1a
61575816c708298644a9c26859edc3a17ae91ebd
b81a8f8301df8f22e0ca12689afd9855d710026631f486c9538fdb08b129b084
GET /favicon.ico HTTP/1.1
Host: 42.biqund.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://42.biqund.com/index/m3?diff=0&utm_source=ogdd&utm_campaign=26670&utm_content=&utm_clickid=zcw4w0osw84cow48&aurl=d5.hotplayer.ru/downloadm/f33e6efc53fbe71fb0ff0f5acb166db2/404551974_456239280/13710a70198d-37c516ca427e-bb34ba77572/carlo%20rustichelli%20-%20grand%20hotel%20excelsior.mp3?play&an=&utm_term=&site=&isubs=0
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 10:11:12 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 12:29:48 GMT
ETag: W/"636262bc-1007"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmf9hLG9PlzZqrM6%2B2Oc8hBK0D27PqGxArIM57LTFyPzb3KjVgQ4Mbkmyp5LBM%2BSD7keFLqWtX1W1oXslEzUz2QVacCHW1%2FDFSxQNyn6RZwU3IAibIOvgvNJ2KtHIa%2Be"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7929e6d57986b4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b5c69f0d3e78f7fc1cc17b5cc4885e6a
7c6dd678470a068e4fd237a3349c022fef93bbc8
39b36b59c9c723fca2b52dc3800db84c8f8ee1da5754ba5a1ea770eec082b78b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39B36B59C9C723FCA2B52DC3800DB84C8F8EE1DA5754BA5A1EA770EEC082B78B"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7640
Expires: Wed, 01 Feb 2023 12:18:33 GMT
Date: Wed, 01 Feb 2023 10:11:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 13407c2147fc2d590f4032f46ed3d723
c719ff7116ddcfc8c9ef85b697387a29800a4b38
1c3873e6eab69fc2f505697b556449a9a2a49164fa6cccfd3d26f429864886c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C3873E6EAB69FC2F505697B556449A9A2A49164FA6CCCFD3D26F429864886C4"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4478
Expires: Wed, 01 Feb 2023 11:25:51 GMT
Date: Wed, 01 Feb 2023 10:11:13 GMT
Connection: keep-alive
hdtcode.com/event?data=&id=10
185.98.54.153200 OK 0 B URL HTTP/2 hdtcode.com/event?data=&id=10
IP 185.98.54.153:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?data=&id=10 HTTP/1.1
Host: hdtcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://42.biqund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.0
date: Wed, 01 Feb 2023 10:11:13 GMT
content-length: 0
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
sartojelius.com/13411
88.208.46.22200 OK 3.2 kB IP 88.208.46.22:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (3244), with no line terminators
Hash ce04caccdf3b955793da51b84e708eb5
e00f6788083a0f5660253eb6dc0e17047c19f7f6
d8e915778d2ae1313ebaa33919969252a03b8d26745b523747fe1e3d9bd78132
POST /13411 HTTP/1.1
Host: sartojelius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://42.biqund.com/
Content-Type: text/plain;charset=UTF-8
Origin: http://42.biqund.com
Content-Length: 238
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 10:11:13 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://42.biqund.com
Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: userid=d9537b78-fdcd-40dc-ab9d-777a612d540f; expires=Tue, 01-Feb-2028 10:11:13 GMT; Path=/; SameSite=None; Secure
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
sartojelius.com/event/set
88.208.46.22200 OK 20 B URL HTTP/1.1 sartojelius.com/event/set
IP 88.208.46.22:0
ASN #39572 DataWeb Global Group B.V.
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /event/set HTTP/1.1
Host: sartojelius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://42.biqund.com/
Content-Type: text/plain;charset=UTF-8
Origin: http://42.biqund.com
Content-Length: 116
Connection: keep-alive
Cookie: userid=d9537b78-fdcd-40dc-ab9d-777a612d540f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 10:11:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: http://42.biqund.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
Access-Control-Allow-Headers: Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Content-Encoding: gzip
hdtcode.com/event?data=&id=30
185.98.54.153200 OK 0 B URL HTTP/2 hdtcode.com/event?data=&id=30
IP 185.98.54.153:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?data=&id=30 HTTP/1.1
Host: hdtcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://42.biqund.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Wed, 01 Feb 2023 10:11:13 GMT
content-length: 0
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
sartojelius.com/js/cs?uuid=d9537b78-fdcd-40dc-ab9d-777a612d540f
88.208.46.22302 Found 0 B URL HTTP/1.1 sartojelius.com/js/cs?uuid=d9537b78-fdcd-40dc-ab9d-777a612d540f
IP 88.208.46.22:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/cs?uuid=d9537b78-fdcd-40dc-ab9d-777a612d540f HTTP/1.1
Host: sartojelius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://42.biqund.com/
Cookie: userid=d9537b78-fdcd-40dc-ab9d-777a612d540f
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 01 Feb 2023 10:11:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uuid=d9537b78-fdcd-40dc-ab9d-777a612d540f; expires=Fri, 03-Mar-2023 10:11:13 GMT; Path=/; domain=.sartojelius.com; SameSite=None; Secure
Location: https://s.uuidksinc.net/match/1165/?remote_uid=d9537b78-fdcd-40dc-ab9d-777a612d540f&cb_url=https%3A%2F%2Fsartojelius.com%2Fjs%2Fcs%3Fuuid%3Dd9537b78-fdcd-40dc-ab9d-777a612d540f%26oid%3D%5BUID%5D
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 09:49:05 GMT
age: 1328
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 89652278d57df78e84e72dd0e7d51c26
4ab91c1e4b8d4fcef372586394de39d570937f5b
6577f347ff70f8031f47e2c7d85307aa32ba164c5189c2f1155f1f96d7df8adc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6577F347FF70F8031F47E2C7D85307AA32BA164C5189C2F1155F1F96D7DF8ADC"
Last-Modified: Mon, 30 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8861
Expires: Wed, 01 Feb 2023 12:38:54 GMT
Date: Wed, 01 Feb 2023 10:11:13 GMT
Connection: keep-alive
s.uuidksinc.net/match/1165/?remote_uid=d9537b78-fdcd-40dc-ab9d-777a612d540f&cb_url=https%3A%2F%2Fsartojelius.com%2Fjs%2Fcs%3Fuuid%3Dd9537b78-fdcd-40dc-ab9d-777a612d540f%26oid%3D%5BUID%5D
31.220.27.135302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/1165/?remote_uid=d9537b78-fdcd-40dc-ab9d-777a612d540f&cb_url=https%3A%2F%2Fsartojelius.com%2Fjs%2Fcs%3Fuuid%3Dd9537b78-fdcd-40dc-ab9d-777a612d540f%26oid%3D%5BUID%5D
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/1165/?remote_uid=d9537b78-fdcd-40dc-ab9d-777a612d540f&cb_url=https%3A%2F%2Fsartojelius.com%2Fjs%2Fcs%3Fuuid%3Dd9537b78-fdcd-40dc-ab9d-777a612d540f%26oid%3D%5BUID%5D HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://42.biqund.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Wed, 01 Feb 2023 10:11:13 GMT
content-length: 0
location: https://sartojelius.com/js/cs?uuid=d9537b78-fdcd-40dc-ab9d-777a612d540f&oid=h7XF2AmINrAIUZEqNIeE
set-cookie: jcsuuid=h7XF2AmINrAIUZEqNIeE; expires=Thu, 01 Feb 2024 10:11:13 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
sartojelius.com/js/cs?uuid=d9537b78-fdcd-40dc-ab9d-777a612d540f&oid=h7XF2AmINrAIUZEqNIeE
88.208.46.22200 OK 43 B URL HTTP/1.1 sartojelius.com/js/cs?uuid=d9537b78-fdcd-40dc-ab9d-777a612d540f&oid=h7XF2AmINrAIUZEqNIeE
IP 88.208.46.22:0
ASN #39572 DataWeb Global Group B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /js/cs?uuid=d9537b78-fdcd-40dc-ab9d-777a612d540f&oid=h7XF2AmINrAIUZEqNIeE HTTP/1.1
Host: sartojelius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://42.biqund.com/
Connection: keep-alive
Cookie: userid=d9537b78-fdcd-40dc-ab9d-777a612d540f; uuid=d9537b78-fdcd-40dc-ab9d-777a612d540f
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 10:11:13 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: oid=h7XF2AmINrAIUZEqNIeE; expires=Fri, 03-Mar-2023 10:11:13 GMT; Path=/; domain=.sartojelius.com; SameSite=None; Secure
Accept-CH: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3105
Expires: Wed, 01 Feb 2023 11:02:58 GMT
Date: Wed, 01 Feb 2023 10:11:13 GMT
Connection: keep-alive
push.services.mozilla.com/
52.25.208.227101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.25.208.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: crt3ofHkKdNLYLj+EnBw7w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: O9iYLSwMJOE4SGrBqmX068TTfwY=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5117915a0a3632d04b72e65ea2a4fe72
2263c7273f623d75b82fb8ca00e5a771956b0d89
cf4eb4156859b45fd6cce69e44a6b4a3cbc777cae9ae3855e431e43510ab34d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF4EB4156859B45FD6CCE69E44A6B4A3CBC777CAE9AE3855E431E43510AB34D5"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16270
Expires: Wed, 01 Feb 2023 14:42:23 GMT
Date: Wed, 01 Feb 2023 10:11:13 GMT
Connection: keep-alive
z.cdn.adtarget.me/smc?s=22&u=h7XF2AmINrAIUZEqNIeE
212.32.253.229204 No Content 0 B URL HTTP/2 z.cdn.adtarget.me/smc?s=22&u=h7XF2AmINrAIUZEqNIeE
IP 212.32.253.229:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smc?s=22&u=h7XF2AmINrAIUZEqNIeE HTTP/1.1
Host: z.cdn.adtarget.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 01 Feb 2023 10:01:45 GMT
X-Firefox-Spdy: h2
www.acint.net/rmatch?dp=191&r=https://d.uuidksinc.net/match/383/?remote_uid=h7XF2AmINrAIUZEqNIeE
193.3.184.135302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=191&r=https://d.uuidksinc.net/match/383/?remote_uid=h7XF2AmINrAIUZEqNIeE
IP 193.3.184.135:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=191&r=https://d.uuidksinc.net/match/383/?remote_uid=h7XF2AmINrAIUZEqNIeE HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Wed, 01 Feb 2023 10:11:13 GMT
content-type: text/html
content-length: 154
location: /rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3Dh7XF2AmINrAIUZEqNIeE&dp=191&tc=1
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Wed, 01-Feb-23 10:21:13 GMT
aid=fwAAAWPaOsEnKgn9aI3wAvN6Zfa7QJQTS0TpPeeM+R6oGaj1; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash d4dc11603548ea9263ea651a3ed0cde8
f79c1554898a602476f288833636701376d93662
d456d191702f5927ebbd82c8f6348c5393624341e42a6214964078802bc19be1
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 10:11:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 05 Feb 2023 09:00:46 GMT
ETag: "f79c1554898a602476f288833636701376d93662"
Last-Modified: Wed, 01 Feb 2023 09:00:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1146
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7929e6dc0c3eb4ee-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4025274278d2c50b05c1a34aa9f46caf
83450d561c6c1c396709d0e8c0b07c07b0b516b3
9c34698d8d1a6443167cd0f5083e5bfa741b2336cbef7e0c2e00df7449a4cc42
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C34698D8D1A6443167CD0F5083E5BFA741B2336CBEF7E0C2E00DF7449A4CC42"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6279
Expires: Wed, 01 Feb 2023 11:55:52 GMT
Date: Wed, 01 Feb 2023 10:11:13 GMT
Connection: keep-alive
www.acint.net/rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3Dh7XF2AmINrAIUZEqNIeE&dp=191&tc=1
193.3.184.135302 Found 154 B URL HTTP/2 www.acint.net/rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3Dh7XF2AmINrAIUZEqNIeE&dp=191&tc=1
IP 193.3.184.135:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3Dh7XF2AmINrAIUZEqNIeE&dp=191&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPaOsEnKgn9aI3wAvN6Zfa7QJQTS0TpPeeM+R6oGaj1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 01 Feb 2023 10:11:13 GMT
content-type: text/html
content-length: 154
location: https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F383%252F%253Fremote_uid%253Dh7XF2AmINrAIUZEqNIeE&dp=14
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
set-cookie: cSyncDp14v3=1675246273; expires=Fri, 03-Mar-23 10:11:13 GMT; path=/; Secure; SameSite=None; domain=.acint.net
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 841decbded24a72bf9db2d73a5496128
52dc79bf8713e35e0c4ed18adf8ef7947fd16b7c
1ded9d10ed73c2515cd15bde23f64ca4b35f45d0519de634c32937bf8541cfad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DED9D10ED73C2515CD15BDE23F64CA4B35F45D0519DE634C32937BF8541CFAD"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4038
Expires: Wed, 01 Feb 2023 11:18:31 GMT
Date: Wed, 01 Feb 2023 10:11:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221675241830241%22
35.241.9.150200 OK 21 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221675241830241%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (20973), with no line terminators
Hash b2eccd06a3cec516d98802b31d19420b
01c0073e3fc56dac9211e16dc8c489518a924442
4d33a295a5d75a05d4e04ae49282fb15ff73c73b01647ca05ddf041edbfba1a1
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221675241830241%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 20973
via: 1.1 google
date: Wed, 01 Feb 2023 10:02:04 GMT
age: 550
last-modified: Wed, 01 Feb 2023 08:57:10 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
kimberlite.io/rtb/sync/kadam?u=h7XF2AmINrAIUZEqNIeE
80.78.249.201307 Temporary Redirect 0 B URL HTTP/1.1 kimberlite.io/rtb/sync/kadam?u=h7XF2AmINrAIUZEqNIeE
IP 80.78.249.201:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/sync/kadam?u=h7XF2AmINrAIUZEqNIeE HTTP/1.1
Host: kimberlite.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Wed, 01 Feb 2023 10:11:14 GMT
Content-Length: 0
Connection: keep-alive
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-origin: *
set-cookie: u=Y9o6wqyyY1A~DeLb5tQR9wZ1E5iHR0DQpzb40Zo; path=/; max-age=7776000; samesite=none; httponly; secure
location: https://ads.betweendigital.com/match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F499%252F%253Fremote_uid%253DY9o6wqyyY1A%26n%3D1
referrer-policy: no-referrer
server-timing: app;srv=3;dur=0.0003
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4425b828e4a2fd622a33700cd20bfbb1
d3bbc9420a1a5a21bae43440c51411ed60013139
ebe3be11ffdfb5a62a4d33d5880fda4bf70fcaed0e625b96e80b0da5fbdbbe26
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBE3BE11FFDFB5A62A4D33D5880FDA4BF70FCAED0E625B96E80B0DA5FBDBBE26"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8531
Expires: Wed, 01 Feb 2023 12:33:25 GMT
Date: Wed, 01 Feb 2023 10:11:14 GMT
Connection: keep-alive
rtb.com.ru/kadam-sync?uid=h7XF2AmINrAIUZEqNIeE
83.222.114.188204 No Content 0 B URL HTTP/1.1 rtb.com.ru/kadam-sync?uid=h7XF2AmINrAIUZEqNIeE
IP 83.222.114.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /kadam-sync?uid=h7XF2AmINrAIUZEqNIeE HTTP/1.1
Host: rtb.com.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.18.0
Date: Wed, 01 Feb 2023 10:11:14 GMT
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
P3p: CP="rtb.com.ru does not have a P3P policy"
uuidksinc.net/matchx
31.220.27.135200 OK 1.2 kB IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
Hash 45bcbd24c6cf88d0e623660288d721b0
0a79b3116f60040c2644bff88d32cc37463a78f1
5f01aab355c6a6c9a24fff7952582d79b4c7b503dac42680e778a8e2b4b266a5
GET /matchx HTTP/1.1
Host: uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://42.biqund.com/
Cookie: jcsuuid=h7XF2AmINrAIUZEqNIeE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Wed, 01 Feb 2023 10:11:13 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F383%252F%253Fremote_uid%253Dh7XF2AmINrAIUZEqNIeE&dp=14
193.3.184.211302 Moved Temporarily 142 B URL HTTP/1.1 ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F383%252F%253Fremote_uid%253Dh7XF2AmINrAIUZEqNIeE&dp=14
IP 193.3.184.211:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F383%252F%253Fremote_uid%253Dh7XF2AmINrAIUZEqNIeE&dp=14 HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Wed, 01 Feb 2023 10:11:14 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/rmatch?dp=14&euid=3103420AC23ADA634C00E06E029DFCDB&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3Dh7XF2AmINrAIUZEqNIeE
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkIDMWPaOsJu4ABM2/ydAmJOTE410zuuc2N6AYKwGQWmBybe; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
acint.net/rmatch?dp=14&euid=3103420AC23ADA634C00E06E029DFCDB&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3Dh7XF2AmINrAIUZEqNIeE
193.3.184.135302 Found 154 B URL HTTP/2 acint.net/rmatch?dp=14&euid=3103420AC23ADA634C00E06E029DFCDB&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3Dh7XF2AmINrAIUZEqNIeE
IP 193.3.184.135:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=14&euid=3103420AC23ADA634C00E06E029DFCDB&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3Dh7XF2AmINrAIUZEqNIeE HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPaOsEnKgn9aI3wAvN6Zfa7QJQTS0TpPeeM+R6oGaj1; cSyncDp14v3=1675246273
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 01 Feb 2023 10:11:14 GMT
content-type: text/html
content-length: 154
location: https://d.uuidksinc.net/match/383/?remote_uid=h7XF2AmINrAIUZEqNIeE
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
dm-eu.hybrid.ai/match?id=158&vid=h7XF2AmINrAIUZEqNIeE
37.18.103.16204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=158&vid=h7XF2AmINrAIUZEqNIeE
IP 37.18.103.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=158&vid=h7XF2AmINrAIUZEqNIeE HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 01 Feb 2023 10:11:14 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=3ef7bff1402167584748; Expires=Thu, 01 Feb 2024 10:11:12 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 523
x-xss-protection: 1; mode=block
access-control-allow-origin: https://uuidksinc.net
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2
d.uuidksinc.net/match/383/?remote_uid=h7XF2AmINrAIUZEqNIeE
31.220.27.135200 OK 74 B URL HTTP/2 d.uuidksinc.net/match/383/?remote_uid=h7XF2AmINrAIUZEqNIeE
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
GET /match/383/?remote_uid=h7XF2AmINrAIUZEqNIeE HTTP/1.1
Host: d.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: jcsuuid=h7XF2AmINrAIUZEqNIeE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Wed, 01 Feb 2023 10:11:14 GMT
content-type: image/png
content-length: 74
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 96c794fe0eb0984074775ba4e182ed9d
bd6f5a86011fa199bc4197a37fb84079eb487f7e
3f626fa9d03173ededfce2c39da3be2989781484ca87bed7d8a8fd0f68fb051b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3F626FA9D03173EDEDFCE2C39DA3BE2989781484CA87BED7D8A8FD0F68FB051B"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2566
Expires: Wed, 01 Feb 2023 10:54:00 GMT
Date: Wed, 01 Feb 2023 10:11:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7dcdd6a2197107a9404f183a50193d6
aef4cb62a9a3ee93394f113c145a7d21798137e2
90779400159f10469fdf784a3b21e2981a59d03b44a5bb991f98982c65076fc4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "90779400159F10469FDF784A3B21E2981A59D03B44A5BB991F98982C65076FC4"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3301
Expires: Wed, 01 Feb 2023 11:06:15 GMT
Date: Wed, 01 Feb 2023 10:11:14 GMT
Connection: keep-alive
ocsp.usertrust.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash c60ca4b761622aee6dac8fcd5a7b47bb
bf27b8a42a03073eb548b79b3adfc1c4a09921ba
55e4d169563b096866bbab23531097fd09fa620a64f56261165cf190aa90aaa7
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 10:11:14 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 30 Jan 2023 04:18:19 GMT
Expires: Mon, 06 Feb 2023 04:18:18 GMT
Etag: "bf27b8a42a03073eb548b79b3adfc1c4a09921ba"
Cache-Control: max-age=604094,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 216
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7929e6de59d30b49-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 2f59b9826b587ec88c538c4e0fdda68f
a9569ad568776c896099e2e7b4291dbe7101cb9b
76812d4ae48f41904eb3722fb49c463d4287d81fa7a9ea5d28687ddb3a546931
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 10:11:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 02:03:25 GMT
Expires: Wed, 08 Feb 2023 02:03:24 GMT
Etag: "a9569ad568776c896099e2e7b4291dbe7101cb9b"
Cache-Control: max-age=574929,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7929e6de2f320b02-OSL
fcgi4.gnezdo.ru/cookie_matching/kadam/h7XF2AmINrAIUZEqNIeE
93.95.102.105302 Found 0 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching/kadam/h7XF2AmINrAIUZEqNIeE
IP 93.95.102.105:0
ASN #48347 JSC Mediasoft ekspert
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie_matching/kadam/h7XF2AmINrAIUZEqNIeE HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 01 Feb 2023 10:11:14 GMT
location: https://fcgi4.gnezdo.ru/cookie_matching/kadam/h7XF2AmINrAIUZEqNIeE/?redirect=1
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With
access-control-allow-credentials: true
set-cookie: uid=XV9maWPaOsI8MSUQ/EH6Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
fcgi4.gnezdo.ru/cookie_matching/kadam_resell/h7XF2AmINrAIUZEqNIeE
93.95.102.105302 Found 0 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching/kadam_resell/h7XF2AmINrAIUZEqNIeE
IP 93.95.102.105:0
ASN #48347 JSC Mediasoft ekspert
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie_matching/kadam_resell/h7XF2AmINrAIUZEqNIeE HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 01 Feb 2023 10:11:14 GMT
location: https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/h7XF2AmINrAIUZEqNIeE/?redirect=1
access-control-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With
access-control-allow-credentials: true
set-cookie: uid=XV9maWPaOsI8MSUQ/EH7Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F499%252F%253Fremote_uid%253DY9o6wqyyY1A%26n%3D1
188.42.191.196302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F499%252F%253Fremote_uid%253DY9o6wqyyY1A%26n%3D1
IP 188.42.191.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F499%252F%253Fremote_uid%253DY9o6wqyyY1A%26n%3D1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F499%252F%253Fremote_uid%253DY9o6wqyyY1A%26n%3D1&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 01 Feb 2024 10:11:14 GMT; Path=/; Domain=.betweendigital.com
tuuid=7b6b4a85-24ec-5220-b689-d677d553ecb5; Max-Age=31536000; Expires=Thu, 01 Feb 2024 10:11:14 GMT; Path=/; Domain=.betweendigital.com
ut=Y9o6wgAE9YiRfFjys6a62QXSA8k21kofGmiT9w==; Max-Age=31536000; Expires=Thu, 01 Feb 2024 10:11:14 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
dmg.digitaltarget.ru/1/6573/i/i?a=662&e=h7XF2AmINrAIUZEqNIeE&i=0.11097207927005415
185.15.175.157307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/6573/i/i?a=662&e=h7XF2AmINrAIUZEqNIeE&i=0.11097207927005415
IP 185.15.175.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/6573/i/i?a=662&e=h7XF2AmINrAIUZEqNIeE&i=0.11097207927005415 HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Wed, 01 Feb 2023 10:11:14 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1675246274313&a=662&e=h7XF2AmINrAIUZEqNIeE&i=0.11097207927005415
Set-Cookie: viuserid=WVGjmHubXF97zxK7ysIZ; Max-Age=93312000; Expires=Fri, 16 Jan 2026 10:11:14 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
kadam-sync.rutarget.ru/sync
94.139.255.195302 Moved Temporarily 0 B URL HTTP/1.1 kadam-sync.rutarget.ru/sync
IP 94.139.255.195:0
ASN #208677 Cloud technology Limited (Ltd.)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: kadam-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 01 Feb 2023 10:11:14 GMT
Content-Length: 0
Connection: close
Location: https://d.uuidksinc.net/match/386/?remote_uid=PKagmbSEX36J
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=PKagmbSEX36J; Path=/; Domain=.rutarget.ru; Expires=Mon, 31 Jul 2023 10:11:14 GMT; SameSite=None; Secure
d.uuidksinc.net/match/386/?remote_uid=PKagmbSEX36J
31.220.27.135200 OK 74 B URL HTTP/2 d.uuidksinc.net/match/386/?remote_uid=PKagmbSEX36J
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e24e19b024c44b778301d880bd8e6f4
d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
GET /match/386/?remote_uid=PKagmbSEX36J HTTP/1.1
Host: d.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Cookie: jcsuuid=h7XF2AmINrAIUZEqNIeE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.0
date: Wed, 01 Feb 2023 10:11:14 GMT
content-type: image/png
content-length: 74
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F499%252F%253Fremote_uid%253DY9o6wqyyY1A%26n%3D1&crf=1
188.42.191.196200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F499%252F%253Fremote_uid%253DY9o6wqyyY1A%26n%3D1&crf=1
IP 188.42.191.196:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F499%252F%253Fremote_uid%253DY9o6wqyyY1A%26n%3D1&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 01 Feb 2024 10:11:14 GMT; Path=/; Domain=.betweendigital.com
tuuid=bf49eb94-c831-5220-8560-3fd7e6ba0515; Max-Age=31536000; Expires=Thu, 01 Feb 2024 10:11:14 GMT; Path=/; Domain=.betweendigital.com
ut=Y9o6wgAFlbCl-pnaqcdIrPg0RGLuxaJxmE6MKA==; Max-Age=31536000; Expires=Thu, 01 Feb 2024 10:11:14 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1675246274313&a=662&e=h7XF2AmINrAIUZEqNIeE&i=0.11097207927005415
185.15.175.157200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1675246274313&a=662&e=h7XF2AmINrAIUZEqNIeE&i=0.11097207927005415
IP 185.15.175.157:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/6573/i/i?call_source=awg&ts=1675246274313&a=662&e=h7XF2AmINrAIUZEqNIeE&i=0.11097207927005415 HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 10:11:14 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only