Report - automan.ru/stat/175.shtml

Report Overview

Submitted URL
automan.ru/stat/175.shtml
IP
31.31.198.230
ASN
#197695 Domain names registrar REG.RU, Ltd
Submitted
2023-02-02 03:48:53
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
exchange.buzzoola.com	18389	2014-10-17T17:20:27Z	2023-03-13T08:33:52Z	483 B	382 B	138.201.34.238
ads.betweendigital.com	1571	2012-10-30T06:08:04Z	2023-03-13T06:54:29Z	2.8 kB	3.6 kB	188.42.34.64
yastatic.net	72282	2014-03-11T08:15:28Z	2023-03-13T05:16:26Z	3.0 kB	192 kB	178.154.131.215
www.yandex.ru	38517	2012-05-22T21:41:24Z	2023-03-13T10:34:37Z	696 B	2.2 kB	77.88.55.55
dm-eu.hybrid.ai	28847	2021-01-25T12:48:59Z	2023-03-13T06:16:11Z	419 B	528 B	37.18.103.16
sync.dmp.otm-r.com	19534	2017-02-03T08:19:51Z	2023-03-13T08:33:52Z	419 B	134 B	194.55.244.185
pix.bumlam.com	92002	2022-03-29T11:19:43Z	2023-03-13T08:33:52Z	1.4 kB	2.1 kB	31.172.81.160
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
ad.adriver.ru	19548	2012-08-31T19:10:27Z	2023-03-13T06:54:23Z	875 B	1.4 kB	195.209.108.50
ssp.bidvol.com	31817	2020-02-22T13:37:29Z	2023-03-13T08:33:52Z	398 B	1.1 kB	65.109.23.99
tag.digitaltarget.ru	98193	2015-07-21T16:24:58Z	2023-03-13T08:33:52Z	745 B	19 kB	185.15.175.144
ads.adlook.me	43352	2018-11-28T13:50:19Z	2023-03-13T08:33:52Z	442 B	325 B	5.200.44.122
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	401 B	2.2 kB	216.58.207.228
sync.bumlam.com	3243	2015-08-10T23:04:25Z	2023-03-13T08:33:52Z	1.8 kB	2.6 kB	31.172.81.172
7dd48a9e-a2ac-11ed-86e0-002590c0647c.n6.sync.bumlam.com	unknown			488 B	165 B	188.120.245.54
sape-sync.rutarget.ru	173587	2018-08-07T16:11:47Z	2023-03-13T08:33:52Z	380 B	409 B	188.72.107.205
sm.rtb.mts.ru	27154	2019-03-26T15:10:01Z	2023-03-13T08:33:52Z	838 B	1.0 kB	217.66.147.33
automan.ru	unknown	2013-05-14T07:26:13Z	2023-03-08T07:58:28Z	1.9 kB	11 kB	31.31.198.230
informer.gismeteo.ru	unknown	2012-07-16T17:51:18Z	2023-03-12T07:36:54Z	303 B	5.0 kB	185.134.203.99
dmg.digitaltarget.ru	21471	2015-04-23T16:50:51Z	2023-03-13T06:26:03Z	2.7 kB	3.2 kB	185.15.175.133
sync.adspend.space	unknown	2022-10-20T08:12:42Z	2023-03-13T08:33:52Z	954 B	993 B	212.76.129.181
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	4.3 kB	20 kB	104.18.21.226
www.acint.net	29072	2014-02-14T22:23:16Z	2023-03-13T08:33:52Z	19 kB	38 kB	193.3.184.229
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-13T05:14:17Z	714 B	3.8 kB	104.18.20.226
counter.yadro.ru	7275	2014-09-09T20:41:17Z	2023-03-13T07:26:53Z	448 B	519 B	88.212.201.198
adservice.google.com	76	2021-02-20T17:10:48Z	2023-03-13T08:49:52Z	788 B	1.3 kB	142.250.74.130
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
sync.programmatica.com	unknown	2022-12-17T02:18:07Z	2023-03-13T08:33:52Z	887 B	713 B	167.235.117.42
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	6.4 kB	17 kB	23.36.77.32
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	4.1 kB	8.4 kB	142.250.74.3
ssp-rtb.sape.ru	31166	2016-02-02T18:01:03Z	2023-03-13T08:33:52Z	447 B	773 B	193.3.184.217
nr.bidderstack.com	352019	2019-02-11T15:43:50Z	2023-03-13T08:33:52Z	421 B	222 B	23.88.12.13
sync.adkernel.com	4993	2017-04-19T11:25:22Z	2023-03-13T05:36:44Z	469 B	190 B	77.245.57.72
mc.yandex.ru	2672	2012-05-21T11:38:30Z	2023-03-13T08:16:45Z	6.1 kB	65 kB	93.158.134.119
adservice.google.no	96969	2018-06-20T01:38:38Z	2023-03-13T05:09:46Z	786 B	1.5 kB	142.250.74.162
sync.1dmp.io	10017	2016-02-09T12:52:58Z	2023-03-13T08:33:52Z	502 B	230 B	87.242.89.90
ssp.adriver.ru	12439	2014-01-10T14:39:33Z	2023-03-13T08:33:52Z	881 B	376 B	81.222.128.213
pagead2.googlesyndication.com	101	2021-02-20T16:52:05Z	2023-03-13T08:39:15Z	1.5 kB	263 kB	142.250.74.162
an.yandex.ru	2577	2017-01-30T06:11:51Z	2023-03-03T18:27:36Z	1.1 kB	86 kB	213.180.193.90
d5.cb.be.a0.top.list.ru	unknown	2013-05-08T22:58:14Z	2023-02-02T04:48:43Z	317 B	915 B	95.163.52.67
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.43.234.55
top-fwz1.mail.ru	8936	2013-04-18T13:48:22Z	2022-05-19T16:25:42Z	809 B	2.9 kB	95.163.52.67
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
ssp.bestssp.com	90974	2017-06-10T10:55:20Z	2023-03-13T06:54:27Z	438 B	361 B	185.147.80.35
acint.net	22962	2014-02-14T22:23:16Z	2023-03-13T08:33:52Z	2.4 kB	780 B	193.3.184.229
sync.upravel.com	28097	2017-05-29T11:13:46Z	2023-03-13T08:33:52Z	890 B	1.7 kB	136.243.48.22
www.google.ru	7910	2012-05-22T01:17:07Z	2023-03-13T02:03:26Z	299 B	564 B	216.58.211.3
partner.googleadservices.com	798	2012-10-03T03:04:21Z	2023-03-13T08:39:17Z	440 B	797 B	142.250.74.98
a.utraff.com	39874	2019-02-27T11:01:37Z	2023-03-13T08:33:52Z	380 B	1.1 kB	104.21.59.66
s.uuidksinc.net	3423	2015-07-20T14:00:35Z	2023-03-13T05:57:41Z	424 B	322 B	185.98.54.153
ocsp.usertrust.com	899	2012-05-21T17:43:18Z	2023-03-13T08:38:38Z	342 B	1.0 kB	104.18.32.68
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-13T08:39:16Z	517 B	4.9 kB	142.250.74.34
cs.agency2.ru	unknown	2022-04-29T16:24:02Z	2023-03-13T08:33:52Z	413 B	721 B	23.111.107.44
dmp.gotechnology.io	48839	2019-06-17T18:08:58Z	2023-02-25T12:17:28Z	875 B	932 B	142.132.209.138
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	54 kB	34.120.237.76
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	361 B	6.6 kB	216.58.211.3
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	1.7 kB	4.8 kB	172.64.155.188
ad.mail.ru	7643	2012-06-22T21:38:09Z	2023-03-13T09:01:54Z	412 B	756 B	95.163.41.56
px.adhigh.net	10272	2013-01-03T22:02:08Z	2023-03-13T06:54:23Z	848 B	1.0 kB	193.232.150.69
x01.aidata.io	12188	2016-03-31T17:36:46Z	2023-03-13T06:54:15Z	865 B	1.3 kB	89.108.119.43

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-02	medium	automan.ru/stat/175.shtml	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (41)

	URL	Size	First Seen	Last Seen
	googleads.g.doubleclick.net/pagead/html/r20230131/r20190131/zrt_lookup.html	9.7 kB	2023-03-08	2023-11-03
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230131/r20190131/zrt_lookup.html IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:45 Last Seen2023-11-03 08:02:11 Times Seen3 Hash 5ba05061c66d3e3a39f0573557899b0d f31c916b0c5ba50856c2d505c6a07ac2e3703dea 821afaa0abe5e4fb2292f52492b24ad0e290f7c43766602293856e911b5d1499 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3116025001724796&output=html&h=280&slotname=9079585638&adk=858656879&adf=3740876928&pi=t.ma~as.9079585638&w=336&lmt=1675309748&url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&wgl=1&dt=1675309748504&bpp=36&bdt=1046&idt=215&shv=r20230131&mjsv=m202301190101&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dac77891ccaedb2e3-22b9f52c83db00ae%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZhXHybrCLW4d0QZIqvB1V_QFsp7w&gpic=UID%3D00000bae0812c94a%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZ2sqf4zA7ItZ-s4PEVNumYCdjmpQ&correlator=1240136757168&frm=20&pv=2&ga_vid=736791780.1675309749&ga_sid=1675309749&ga_hid=1216365591&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=515&ady=769&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071811%2C31071663&oid=2&pvsid=3632317878766665&tmod=176788081&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XKgDOdELg0&p=http%3A//automan.ru&dtd=367	199 B	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3116025001724796&output=html&h=280&slotname=9079585638&adk=858656879&adf=3740876928&pi=t.ma~as.9079585638&w=336&lmt=1675309748&url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&wgl=1&dt=1675309748504&bpp=36&bdt=1046&idt=215&shv=r20230131&mjsv=m202301190101&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dac77891ccaedb2e3-22b9f52c83db00ae%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZhXHybrCLW4d0QZIqvB1V_QFsp7w&gpic=UID%3D00000bae0812c94a%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZ2sqf4zA7ItZ-s4PEVNumYCdjmpQ&correlator=1240136757168&frm=20&pv=2&ga_vid=736791780.1675309749&ga_sid=1675309749&ga_hid=1216365591&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=515&ady=769&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071811%2C31071663&oid=2&pvsid=3632317878766665&tmod=176788081&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XKgDOdELg0&p=http%3A//automan.ru&dtd=367 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:41:31 Last Seen2023-03-13 14:41:31 Times Seen1 Hash 3261eef5a6b08bf0bdfcbbad8428400c 3ad6c51858e521cca0d822cffdcd119202f19e60 77f065c830cb5dbd7ec7642133082ebf1d4c43fb819ffb469124ae33d760909d Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js	152 kB	2023-03-13	2023-03-13
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:41:31 Last Seen2023-03-13 14:41:31 Times Seen1 Hash 318e7f59c86548b93d851c90855d8a96 f0f9be8eea20e16883c23809259bc147786a64dc 7e76b79a78542331e937cc6dceac6f17809e6df92738b8b007f8a836bff8bfbe Loading...

	tag.digitaltarget.ru/processor.js?i=923731951241273	16 kB	2023-03-09	2023-05-06
Pretty URL tag.digitaltarget.ru/processor.js?i=923731951241273 IP 185.15.175.144 ASN #43226 SafeData LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:01:11 Last Seen2023-05-06 00:46:42 Times Seen346 Hash 736e2fb1da94f3277e3f931048c1b9f3 196387db95a17da825b629de3542eff901b09905 4569d4e1b0e52b6316681f7312674f43ecb2b72ea8ab4adb2375e3686862c7dc Loading...

	yastatic.net/partner-code-bundles/714405/1c0942547d39e10f5f56.js	14 kB	2023-03-13	2023-03-13
Pretty URL yastatic.net/partner-code-bundles/714405/1c0942547d39e10f5f56.js IP 178.154.131.215 ASN #13238 YANDEX LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:03:37 Last Seen2023-03-13 14:48:05 Times Seen1 Hash 8465b90f72ccb0cd3cb4bfffb3418f27 1a209b3c343d2f6a026480b2b9a19ec34bf1ba3b bb070755ca480013041f7b30b62ce9876aa20ffc05849058d129a97502bb31bb Loading...

	pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3116025001724796&plah=automan.ru&bust=31071811	369 kB	2023-03-13	2023-03-13
Pretty URL pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3116025001724796&plah=automan.ru&bust=31071811 IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:41:31 Last Seen2023-03-13 15:08:23 Times Seen1 Hash 4fe46c29f9647446d145210de6a04562 b33cf5b3a309b243123aece3b3cb97c7ab8b7b6b 4e0d2d2a32eefa493c6913dd1e1d0be03845a4d81b9905969c2a28ba5b8581b6 Loading...

	adservice.google.no/adsid/integrator.js?domain=automan.ru	107 B	2023-03-07	2024-02-03
Pretty URL adservice.google.no/adsid/integrator.js?domain=automan.ru IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-02-03 18:43:04 Times Seen27539 Hash d9c47f48660b656705d0ff86fc850de8 bceb9478f69cdfc2eb87ae6b80e95dbaac8b6769 a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Loading...

	www.acint.net/oci.js?t=1675309748417	32 kB	2023-03-12	2024-04-18
Pretty URL www.acint.net/oci.js?t=1675309748417 IP 193.3.184.229 ASN #50214 QWARTA LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:09:04 Last Seen2024-04-18 15:56:13 Times Seen2022 Hash c3fa5133b6899a2abb39fb79ed94300f dc1d5c75420b38cd7509a783ed09345d0ff78ac4 66b141eb9ae44c86efc510844a71cf208c02d02abe03af3a7d8cc26736d3e19c Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3116025001724796&output=html&h=280&slotname=9079585638&adk=858656879&adf=3740876928&pi=t.ma~as.9079585638&w=336&lmt=1675309748&url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&wgl=1&dt=1675309748504&bpp=36&bdt=1046&idt=215&shv=r20230131&mjsv=m202301190101&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dac77891ccaedb2e3-22b9f52c83db00ae%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZhXHybrCLW4d0QZIqvB1V_QFsp7w&gpic=UID%3D00000bae0812c94a%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZ2sqf4zA7ItZ-s4PEVNumYCdjmpQ&correlator=1240136757168&frm=20&pv=2&ga_vid=736791780.1675309749&ga_sid=1675309749&ga_hid=1216365591&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=515&ady=769&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071811%2C31071663&oid=2&pvsid=3632317878766665&tmod=176788081&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XKgDOdELg0&p=http%3A//automan.ru&dtd=367	162 B	2023-03-10	2023-03-26
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3116025001724796&output=html&h=280&slotname=9079585638&adk=858656879&adf=3740876928&pi=t.ma~as.9079585638&w=336&lmt=1675309748&url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&wgl=1&dt=1675309748504&bpp=36&bdt=1046&idt=215&shv=r20230131&mjsv=m202301190101&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dac77891ccaedb2e3-22b9f52c83db00ae%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZhXHybrCLW4d0QZIqvB1V_QFsp7w&gpic=UID%3D00000bae0812c94a%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZ2sqf4zA7ItZ-s4PEVNumYCdjmpQ&correlator=1240136757168&frm=20&pv=2&ga_vid=736791780.1675309749&ga_sid=1675309749&ga_hid=1216365591&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=515&ady=769&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071811%2C31071663&oid=2&pvsid=3632317878766665&tmod=176788081&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=XKgDOdELg0&p=http%3A//automan.ru&dtd=367 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:51:21 Last Seen2023-03-26 13:44:16 Times Seen3 Hash 392b30a2f6ad344eff652ede2ecf9444 95938bc018ca6da291aa6c2754a657e1fb4f4af6 57c97e79f52fed937123e41abc4d3fb33b10cec05d32c1aa20b2e713ece19c15 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3116025001724796&output=html&adk=1812271804&adf=3025194257&lmt=1675309748&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&ea=0&pra=5&wgl=1&dt=1675309748504&bpp=4&bdt=1046&idt=306&shv=r20230131&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac77891ccaedb2e3-22b9f52c83db00ae%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZhXHybrCLW4d0QZIqvB1V_QFsp7w&gpic=UID%3D00000bae0812c94a%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZ2sqf4zA7ItZ-s4PEVNumYCdjmpQ&prev_slotnames=9079585638&nras=1&correlator=1240136757168&frm=20&pv=1&ga_vid=736791780.1675309749&ga_sid=1675309749&ga_hid=1216365591&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071811%2C31071663&oid=2&pvsid=3632317878766665&tmod=176788081&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=373	29 B	2023-03-07	2024-04-15
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3116025001724796&output=html&adk=1812271804&adf=3025194257&lmt=1675309748&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&ea=0&pra=5&wgl=1&dt=1675309748504&bpp=4&bdt=1046&idt=306&shv=r20230131&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac77891ccaedb2e3-22b9f52c83db00ae%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZhXHybrCLW4d0QZIqvB1V_QFsp7w&gpic=UID%3D00000bae0812c94a%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZ2sqf4zA7ItZ-s4PEVNumYCdjmpQ&prev_slotnames=9079585638&nras=1&correlator=1240136757168&frm=20&pv=1&ga_vid=736791780.1675309749&ga_sid=1675309749&ga_hid=1216365591&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071811%2C31071663&oid=2&pvsid=3632317878766665&tmod=176788081&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=373 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-04-15 15:27:24 Times Seen1575 Hash ffdeabb8ddc079ab75fc11771e82d609 eec3c2fe235719cef576ac181912ce2e832f4b88 593ec3939c38f7d9154231957277279ed105cc7fba028a610644cb510bbbf749 Loading...

	pagead2.googlesyndication.com/pagead/show_ads.js	105 kB	2023-03-13	2023-03-13
Pretty URL pagead2.googlesyndication.com/pagead/show_ads.js IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:39:49 Last Seen2023-03-13 14:41:31 Times Seen1 Hash ff5bc48b1f1590db19a592c46076b2b5 972c6d52a75c8ca03189cd206bf7ad82e3de333d 343eed70afa32dd5c92149ed42c3d39c39e499ea4bd9fd05119f4d932e99894d Loading...

	automan.ru/stat/175.shtml	30 B	2023-03-12	2023-03-26
Pretty URL automan.ru/stat/175.shtml IP 31.31.198.230 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:46:36 Last Seen2023-03-26 13:44:16 Times Seen3 Hash 1e62298fbad19999be1651962e8e7e59 8ea3ead419c81daddf643c30d9c461b9fa0c619f 882ecb3739726bd317a8c5a8f0d91fa7f78e997d6c989da5ee946ddb76302df4 Loading...

	www.google.ru/cse/brand?form=cse-search-box&lang=ru	14 kB	2023-03-07	2024-04-15
Pretty URL www.google.ru/cse/brand?form=cse-search-box&lang=ru IP 216.58.211.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:13 Last Seen2024-04-15 02:46:46 Times Seen3661 Hash 5fd232d76f845e55064ad5069abfc141 afaa74984a2c8eb086ff2d22e0ad2abfce7d272e 6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69 Loading...

	automan.ru/stat/175.shtml	554 B	2023-03-10	2023-03-26
Pretty URL automan.ru/stat/175.shtml IP 31.31.198.230 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:51:21 Last Seen2023-03-26 13:44:16 Times Seen3 Hash 81f39e2f405d17af5dbc7d2ed4bc5233 156496ed777265cad74397cf14e2938d9093836f f823d3f02540e07f197ad05c5421d20d3ecd6e817cfe6030b561ef90e444114f Loading...

	www.acint.net/aci.js	24 kB	2023-03-12	2023-03-13
Pretty URL www.acint.net/aci.js IP 193.3.184.229 ASN #50214 QWARTA LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:09:04 Last Seen2023-03-13 14:56:48 Times Seen1 Hash 2a3b4729cdc781aa2e88c6c401334a07 18ad3734a2be60b76759c16234ac977446aad8b5 10e905d0c5be1b88a72a3259db9500b7d3e2f5bc3787b7a36cf3d8dfb572dd7c Loading...

	automan.ru/stat/175.shtml	482 B	2023-03-10	2023-03-26
Pretty URL automan.ru/stat/175.shtml IP 31.31.198.230 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:51:21 Last Seen2023-03-26 13:44:16 Times Seen3 Hash 5c6e7cb23fea6f55de43a7b67cec8de3 cb87e7961e97b9b4002bfc7828c06de033873a74 fcd46980b10b1f9845740bb6d4c2b5f9fab09cab416d4bd7c48ee57ffe81c5b7 Loading...

	automan.ru/stat/175.shtml	189 B	2023-03-10	2023-03-26
Pretty URL automan.ru/stat/175.shtml IP 31.31.198.230 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:51:21 Last Seen2023-03-26 13:44:16 Times Seen3 Hash 4c44fd517b424f1736243767bced294f 0f260c3c213f70db7fe1b66d2cf75c0cc78f7a07 35eb857f9c7be8d61e28d758bf8b64479d7532ac60b3a3af61a43da51260de9a Loading...

	yastatic.net/partner-code-bundles/714405/07cea2bf8567304efc16.js	24 kB	2023-03-13	2023-03-13
Pretty URL yastatic.net/partner-code-bundles/714405/07cea2bf8567304efc16.js IP 178.154.131.215 ASN #13238 YANDEX LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:03:37 Last Seen2023-03-13 14:48:05 Times Seen1 Hash b67581123911a2927c9a7af73aa8759d 2dc69633fcac608faae25ab11ec689b7063d20e8 58418af96c530f57138ca1cb6810edda4d8e4135801d1d9334cad94c8be642c0 Loading...

	yastatic.net/partner-code-bundles/714405/2b99100dfd63230eb8ad.js	596 kB	2023-03-13	2023-03-13
Pretty URL yastatic.net/partner-code-bundles/714405/2b99100dfd63230eb8ad.js IP 178.154.131.215 ASN #13238 YANDEX LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:03:36 Last Seen2023-03-13 14:48:05 Times Seen1 Hash 85e863bc818327e95fd907449b5cd68c 306fb0bdc03c0d029ad08765daf2e87464b41819 b454d9a885fc6e0c23dece645d228fe827e08261239053034570ceddce848c43 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3116025001724796&output=html&adk=1812271804&adf=3025194257&lmt=1675309748&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&ea=0&pra=5&wgl=1&dt=1675309748504&bpp=4&bdt=1046&idt=306&shv=r20230131&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac77891ccaedb2e3-22b9f52c83db00ae%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZhXHybrCLW4d0QZIqvB1V_QFsp7w&gpic=UID%3D00000bae0812c94a%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZ2sqf4zA7ItZ-s4PEVNumYCdjmpQ&prev_slotnames=9079585638&nras=1&correlator=1240136757168&frm=20&pv=1&ga_vid=736791780.1675309749&ga_sid=1675309749&ga_hid=1216365591&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071811%2C31071663&oid=2&pvsid=3632317878766665&tmod=176788081&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=373	267 B	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3116025001724796&output=html&adk=1812271804&adf=3025194257&lmt=1675309748&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&ea=0&pra=5&wgl=1&dt=1675309748504&bpp=4&bdt=1046&idt=306&shv=r20230131&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac77891ccaedb2e3-22b9f52c83db00ae%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZhXHybrCLW4d0QZIqvB1V_QFsp7w&gpic=UID%3D00000bae0812c94a%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZ2sqf4zA7ItZ-s4PEVNumYCdjmpQ&prev_slotnames=9079585638&nras=1&correlator=1240136757168&frm=20&pv=1&ga_vid=736791780.1675309749&ga_sid=1675309749&ga_hid=1216365591&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071811%2C31071663&oid=2&pvsid=3632317878766665&tmod=176788081&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=373 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:41:31 Last Seen2023-03-13 14:41:31 Times Seen1 Hash 7cf0d7600ff799bef0f8284b8c7f597c c491e3bc8f310a3c22e4557ddaadfed9884ec56c 09ceddea38f0d1fc2d19dc69e0276bde7fa67d7e27f2fab986d536f5e3c710cd Loading...

	an.yandex.ru/system/context.js	282 kB	2023-03-13	2023-03-13
Pretty URL an.yandex.ru/system/context.js IP 213.180.193.90 ASN #13238 YANDEX LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:41:31 Last Seen2023-03-13 14:41:31 Times Seen1 Hash 8afc43b05adb9e06452112cdb92e13d0 1f3a2637fe964ddbef4ce2a0f1e184e220bf20a8 4cfb5f57f330447c661072501a84d607992ee04219c0203fa5efda13347b3979 Loading...

	automan.ru/stat/175.shtml	250 B	2023-03-07	2024-04-18
Pretty URL automan.ru/stat/175.shtml IP 31.31.198.230 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:22 Last Seen2024-04-18 11:53:07 Times Seen610 Hash 537357420024d824760d7686fbdf31fe 5e14660b667fdc602c82300ccf3253afc242e4bb ca2f5769fc415a62dd2cd8af83b9b64604715e602f6de4c7741f9992a7003a29 Loading...

	yastatic.net/safeframe-bundles/0.83/host.js	34 kB	2023-03-07	2024-04-18
Pretty URL yastatic.net/safeframe-bundles/0.83/host.js IP 178.154.131.215 ASN #13238 YANDEX LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-04-18 15:47:10 Times Seen14563 Hash 2435549eac66915d7464ee7b9efce038 e390598fb192583622a8ea079d5c96dffdb34fb5 34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55 Loading...

	yastatic.net/partner-code-bundles/714405/2ec9a88e40a26b53acde.js	7.0 kB	2023-03-13	2023-03-13
Pretty URL yastatic.net/partner-code-bundles/714405/2ec9a88e40a26b53acde.js IP 178.154.131.215 ASN #13238 YANDEX LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:03:36 Last Seen2023-03-13 14:48:05 Times Seen1 Hash 72f078ddc3af9883842e42034889730b 80cf54393f323965ebbad5010714761c75409ff5 7b69dc282dfde4ad8a641d4613ddb17eb3efb3e1e3bcc25650310c81d175b70c Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3116025001724796&output=html&adk=1812271804&adf=3025194257&lmt=1675309748&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&ea=0&pra=5&wgl=1&dt=1675309748504&bpp=4&bdt=1046&idt=306&shv=r20230131&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac77891ccaedb2e3-22b9f52c83db00ae%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZhXHybrCLW4d0QZIqvB1V_QFsp7w&gpic=UID%3D00000bae0812c94a%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZ2sqf4zA7ItZ-s4PEVNumYCdjmpQ&prev_slotnames=9079585638&nras=1&correlator=1240136757168&frm=20&pv=1&ga_vid=736791780.1675309749&ga_sid=1675309749&ga_hid=1216365591&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071811%2C31071663&oid=2&pvsid=3632317878766665&tmod=176788081&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=373	2.0 kB	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3116025001724796&output=html&adk=1812271804&adf=3025194257&lmt=1675309748&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&ea=0&pra=5&wgl=1&dt=1675309748504&bpp=4&bdt=1046&idt=306&shv=r20230131&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac77891ccaedb2e3-22b9f52c83db00ae%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZhXHybrCLW4d0QZIqvB1V_QFsp7w&gpic=UID%3D00000bae0812c94a%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZ2sqf4zA7ItZ-s4PEVNumYCdjmpQ&prev_slotnames=9079585638&nras=1&correlator=1240136757168&frm=20&pv=1&ga_vid=736791780.1675309749&ga_sid=1675309749&ga_hid=1216365591&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071811%2C31071663&oid=2&pvsid=3632317878766665&tmod=176788081&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=373 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:41:31 Last Seen2023-03-13 14:41:31 Times Seen1 Hash 588c002ae63a3705e623515dbcc91e53 1edd4a7ed534bf6a16ed8d363b84af778b271278 9bbcb19605178b6cbafcf9ce123129d170902dbbb1758211771bae205f938f73 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3116025001724796&output=html&h=180&slotname=4649386033&adk=3527387619&adf=364580218&pi=t.ma~as.4649386033&w=930&lmt=1675309748&format=930x180&url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&wgl=1&dt=1675309748508&bpp=2&bdt=1050&idt=375&shv=r20230131&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac77891ccaedb2e3-22b9f52c83db00ae%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZhXHybrCLW4d0QZIqvB1V_QFsp7w&gpic=UID%3D00000bae0812c94a%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZ2sqf4zA7ItZ-s4PEVNumYCdjmpQ&prev_fmts=0x0&prev_slotnames=9079585638&nras=1&correlator=1240136757168&frm=20&pv=1&ga_vid=736791780.1675309749&ga_sid=1675309749&ga_hid=1216365591&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=235&ady=0&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071811%2C31071663&oid=2&pvsid=3632317878766665&tmod=176788081&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=YBIX809mTG&p=http%3A//automan.ru&dtd=421	199 B	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3116025001724796&output=html&h=180&slotname=4649386033&adk=3527387619&adf=364580218&pi=t.ma~as.4649386033&w=930&lmt=1675309748&format=930x180&url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&wgl=1&dt=1675309748508&bpp=2&bdt=1050&idt=375&shv=r20230131&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac77891ccaedb2e3-22b9f52c83db00ae%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZhXHybrCLW4d0QZIqvB1V_QFsp7w&gpic=UID%3D00000bae0812c94a%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZ2sqf4zA7ItZ-s4PEVNumYCdjmpQ&prev_fmts=0x0&prev_slotnames=9079585638&nras=1&correlator=1240136757168&frm=20&pv=1&ga_vid=736791780.1675309749&ga_sid=1675309749&ga_hid=1216365591&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=235&ady=0&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071811%2C31071663&oid=2&pvsid=3632317878766665&tmod=176788081&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=d%7Cd%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=YBIX809mTG&p=http%3A//automan.ru&dtd=421 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:41:31 Last Seen2023-03-13 14:41:31 Times Seen1 Hash 56747757c8274ce225cfa08936837db0 fa13ab6d8244c96115df5d7e288de83f87d2bbbf d9e544908a57f5a0b6b61b7e4be80dad2e060f2d113d381b8cc1f3852a4c3c5d Loading...

	tag.digitaltarget.ru/adcm.js	3.1 kB	2023-03-07	2023-05-06
Pretty URL tag.digitaltarget.ru/adcm.js IP 185.15.175.144 ASN #43226 SafeData LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:47 Last Seen2023-05-06 00:46:41 Times Seen299 Hash e7097284185069f52fc736bcd50cda13 1cdfdf2d869841202079ddf91e0a00a8610812e6 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80 Loading...

	automan.ru/stat/175.shtml	52 B	2023-03-07	2024-04-18
Pretty URL automan.ru/stat/175.shtml IP 31.31.198.230 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-18 14:10:41 Times Seen6551 Hash 6d48f89cb998f3bd2608a2249a390a16 9fac7a2a545c24358ed42ac6619918191ff01b95 012266fd23d78b3e873c75c6fa647fd6d9d5f494f3697fd3e252f7b82dc26080 Loading...

	unknown	0 B	2023-03-07	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-18 17:02:57 Times Seen36946444 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.acint.net/mc/?dp=10&tc=1	199 B	2023-03-13	2023-03-13
Pretty URL www.acint.net/mc/?dp=10&tc=1 IP 193.3.184.229 ASN #50214 QWARTA LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:41:31 Last Seen2023-03-13 14:41:31 Times Seen1 Hash 52a9f204d514eda46f5447f6d5270d61 e9860509bf2535427c2d82002df4309440f8a32f 408eecca37aba77af6e8fda925988c9b2c972ea5fd188e61e87877cc038e312f Loading...

	partner.googleadservices.com/gampad/cookie.js?domain=automan.ru&callback=_gfp_s_&client=ca-pub-3116025001724796	387 B	2023-03-13	2023-03-13
Pretty URL partner.googleadservices.com/gampad/cookie.js?domain=automan.ru&callback=_gfp_s_&client=ca-pub-3116025001724796 IP 142.250.74.98 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:41:31 Last Seen2023-03-13 14:41:31 Times Seen1 Hash bec0e19f2d7a0e7b9bb30c32a88854c0 d75d9fe47c69ca7b949731d1a1c70923ce2e8ba8 839f680b693fd9d1d907e304766ec3e8bd8057281d0cbcb55823e239c65dc544 Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3116025001724796&output=html&adk=1812271804&adf=3025194257&lmt=1675309748&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&ea=0&pra=5&wgl=1&dt=1675309748504&bpp=4&bdt=1046&idt=306&shv=r20230131&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac77891ccaedb2e3-22b9f52c83db00ae%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZhXHybrCLW4d0QZIqvB1V_QFsp7w&gpic=UID%3D00000bae0812c94a%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZ2sqf4zA7ItZ-s4PEVNumYCdjmpQ&prev_slotnames=9079585638&nras=1&correlator=1240136757168&frm=20&pv=1&ga_vid=736791780.1675309749&ga_sid=1675309749&ga_hid=1216365591&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071811%2C31071663&oid=2&pvsid=3632317878766665&tmod=176788081&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=373	596 B	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3116025001724796&output=html&adk=1812271804&adf=3025194257&lmt=1675309748&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&ea=0&pra=5&wgl=1&dt=1675309748504&bpp=4&bdt=1046&idt=306&shv=r20230131&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac77891ccaedb2e3-22b9f52c83db00ae%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZhXHybrCLW4d0QZIqvB1V_QFsp7w&gpic=UID%3D00000bae0812c94a%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZ2sqf4zA7ItZ-s4PEVNumYCdjmpQ&prev_slotnames=9079585638&nras=1&correlator=1240136757168&frm=20&pv=1&ga_vid=736791780.1675309749&ga_sid=1675309749&ga_hid=1216365591&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071811%2C31071663&oid=2&pvsid=3632317878766665&tmod=176788081&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=373 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:41:31 Last Seen2023-03-13 14:41:31 Times Seen1 Hash 9de6297c3ff57fc88592ed13d7e4ab62 cb7daa09d505d5d5525369a682a5728d5f6c6c39 a6cd1b6cc02c4a6f008e457e13936fa46a96df08d23868b9bf2197d6b2e714b0 Loading...

	mc.yandex.ru/metrika/watch.js	166 kB	2023-03-13	2023-05-10
Pretty URL mc.yandex.ru/metrika/watch.js IP 93.158.134.119 ASN #13238 YANDEX LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:20:32 Last Seen2023-05-10 05:40:32 Times Seen2 Hash 37fb0b742eb548eda76e0b3eac7e7728 8ed08cfa4df0606120b516c399532ddacec04a26 28e61bfe4ec59cb82441109a6d54ee0bd7178bb3f9c0c27fb0e62bc31e2b4bff Loading...

	automan.ru/stat/175.shtml	159 B	2023-03-10	2023-03-26
Pretty URL automan.ru/stat/175.shtml IP 31.31.198.230 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:51:21 Last Seen2023-03-26 13:44:16 Times Seen3 Hash d964cd96c6f1af45352e71044ce59e55 ae14d2f69d4ca8fe65d59ad22aa02f6eb643f822 2b2427abecad723d09c87e0f1d55ab0e7b0a681abdff66f1415d594f38c7b810 Loading...

	yastatic.net/partner-code-bundles/714405/720d8667429e190b693c.js	111 kB	2023-03-13	2023-03-13
Pretty URL yastatic.net/partner-code-bundles/714405/720d8667429e190b693c.js IP 178.154.131.215 ASN #13238 YANDEX LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:03:36 Last Seen2023-03-13 14:47:38 Times Seen1 Hash 178fc385d28a8216ff9c4b5c979ee115 004bb000ccd93f891c213b8cdca4a27b40d9b0b7 e49554d513edb5898fccfa0732fed370b7cc52fde31c37e53862f9e04e55d18e Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3116025001724796&output=html&adk=1812271804&adf=3025194257&lmt=1675309748&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&ea=0&pra=5&wgl=1&dt=1675309748504&bpp=4&bdt=1046&idt=306&shv=r20230131&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac77891ccaedb2e3-22b9f52c83db00ae%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZhXHybrCLW4d0QZIqvB1V_QFsp7w&gpic=UID%3D00000bae0812c94a%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZ2sqf4zA7ItZ-s4PEVNumYCdjmpQ&prev_slotnames=9079585638&nras=1&correlator=1240136757168&frm=20&pv=1&ga_vid=736791780.1675309749&ga_sid=1675309749&ga_hid=1216365591&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071811%2C31071663&oid=2&pvsid=3632317878766665&tmod=176788081&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=373	8.4 kB	2023-03-08	2023-11-03
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3116025001724796&output=html&adk=1812271804&adf=3025194257&lmt=1675309748&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&ea=0&pra=5&wgl=1&dt=1675309748504&bpp=4&bdt=1046&idt=306&shv=r20230131&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac77891ccaedb2e3-22b9f52c83db00ae%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZhXHybrCLW4d0QZIqvB1V_QFsp7w&gpic=UID%3D00000bae0812c94a%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZ2sqf4zA7ItZ-s4PEVNumYCdjmpQ&prev_slotnames=9079585638&nras=1&correlator=1240136757168&frm=20&pv=1&ga_vid=736791780.1675309749&ga_sid=1675309749&ga_hid=1216365591&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071811%2C31071663&oid=2&pvsid=3632317878766665&tmod=176788081&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=373 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:45 Last Seen2023-11-03 08:02:11 Times Seen3 Hash 6aa91ea75f09f5e352ba720dc7bf4328 fee3029e5b6ef7c3fa86475a867631034bf4a2de 0e65d552e39bcdf2646bf8ac2aed12da726b3af08af5f3a03a84ad743a7f233a Loading...

	googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3116025001724796&output=html&adk=1812271804&adf=3025194257&lmt=1675309748&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&ea=0&pra=5&wgl=1&dt=1675309748504&bpp=4&bdt=1046&idt=306&shv=r20230131&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac77891ccaedb2e3-22b9f52c83db00ae%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZhXHybrCLW4d0QZIqvB1V_QFsp7w&gpic=UID%3D00000bae0812c94a%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZ2sqf4zA7ItZ-s4PEVNumYCdjmpQ&prev_slotnames=9079585638&nras=1&correlator=1240136757168&frm=20&pv=1&ga_vid=736791780.1675309749&ga_sid=1675309749&ga_hid=1216365591&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071811%2C31071663&oid=2&pvsid=3632317878766665&tmod=176788081&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=373	46 B	2023-03-07	2024-04-15
Pretty URL googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3116025001724796&output=html&adk=1812271804&adf=3025194257&lmt=1675309748&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&ea=0&pra=5&wgl=1&dt=1675309748504&bpp=4&bdt=1046&idt=306&shv=r20230131&mjsv=m202301190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dac77891ccaedb2e3-22b9f52c83db00ae%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZhXHybrCLW4d0QZIqvB1V_QFsp7w&gpic=UID%3D00000bae0812c94a%3AT%3D1675309724%3ART%3D1675309724%3AS%3DALNI_MZ2sqf4zA7ItZ-s4PEVNumYCdjmpQ&prev_slotnames=9079585638&nras=1&correlator=1240136757168&frm=20&pv=1&ga_vid=736791780.1675309749&ga_sid=1675309749&ga_hid=1216365591&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31071811%2C31071663&oid=2&pvsid=3632317878766665&tmod=176788081&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=373 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:48 Last Seen2024-04-15 15:27:25 Times Seen1584 Hash 4f0abc3ba95c84ebf5cc9987135b4168 cc7819e635f40040efef3ed36f44e35243c092fa 556cf7831e8acf0289fe5045796235dba49cf88c1b9cf908f8291dbd9a86786d Loading...

		Size	First Seen	Last Seen
	#1 Eval - 0b0c5117f98c674fff9332fa5480e908	31 B	2023-03-07	2023-11-21
Pretty Observations First Seen2023-03-07 01:02:07 Last Seen2023-11-21 03:43:28 Times Seen7759 Hash 0b0c5117f98c674fff9332fa5480e908 233966d6919f909d7c5fa065bacd49fde58eeb73 6e4c074bba968f3a2899edcbccf9e893ebdad7a5a533463e4d9630f28f3baed1 Loading...

		Size	First Seen	Last Seen
	#1 Write - b45eeabb39e2664d532f5ebf998fad53	84 B	2023-03-07	2024-01-21
Pretty Observations First Seen2023-03-07 12:09:08 Last Seen2024-01-21 12:34:20 Times Seen34 Hash b45eeabb39e2664d532f5ebf998fad53 9b808eae8e2b56b68520114d09d312ea88059f7d c06660d990623e138697a0ca4a5ba1b4a60ddb3fcdf0f11fe9f65b06457a7d83 Loading...

	#2 Write - cb0ff7505ecb23f7ef1125bd7190170f	208 B	2023-03-12	2023-03-26
Pretty Observations First Seen2023-03-12 22:46:36 Last Seen2023-03-26 13:44:17 Times Seen3 Hash cb0ff7505ecb23f7ef1125bd7190170f 05c036adc1b18bf9f038915e564b3e29e710f0ad cb28157aeed86c03bce674fcf93da3d89d6296ce9a10937e5d9d9fddd48eff36 Loading...

	#3 Write - aad65e592d1d16b7f32018c99ff68db7	305 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 14:41:32 Last Seen2023-03-13 14:41:32 Times Seen1 Hash aad65e592d1d16b7f32018c99ff68db7 00b18fdff0de8016e1c9f205b2ad84322040d5d2 474f1a59a1cf24d12bb278190fa277178b4977c9dcdd60237a58d9abd0875101 Loading...

HTTP Transactions (181)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6615
Expires: Thu, 02 Feb 2023 05:38:57 GMT
Date: Thu, 02 Feb 2023 03:48:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5401
Expires: Thu, 02 Feb 2023 05:18:43 GMT
Date: Thu, 02 Feb 2023 03:48:42 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 03:36:03 GMT
content-type: application/json
age: 759
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18874
Expires: Thu, 02 Feb 2023 09:03:16 GMT
Date: Thu, 02 Feb 2023 03:48:42 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: rlwG4cXAjZ7NLQcsJe5EphKaH+Mxt9/4MEdt/OC9jQgmJnnipNhnXcbS0Xj8tcEcP4FkLdkh7cQ=
x-amz-request-id: SCR7CJ973ZSFT4MY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 02:51:48 GMT
age: 3414
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 03:48:42 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

automan.ru/stat/175.shtml

31.31.198.230

200 OK

4.9 kB

URL HTTP/1.1
automan.ru/stat/175.shtml
IP
31.31.198.230:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text, with very long lines (575), with CRLF, LF line terminators
Size
4.9 kB (4881 bytes)
Hash
5338b93b52198af864db3f06162bc45b
a2972dc6f8f19d162fa8672c8411a49918004472
8e53da955f457434514c25fbfff51b6a4038dcc48f2585dcef058ff87e291b3b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /stat/175.shtml HTTP/1.1
Host: automan.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 03:48:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.2.17
Content-Encoding: gzip

www.google.ru/cse/brand?form=cse-search-box&lang=ru

216.58.211.3

301 Moved Permanently

237 B

URL HTTP/1.1
www.google.ru/cse/brand?form=cse-search-box&lang=ru
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
237 B (237 bytes)
Hash
bda0dec939809d66ff8388fe5c716412
d768e1edcca0d64e15c1a26978d19c8fdfbd4e4f
334f05a39cdb64bac9f876dd2a2011649d08d578f6d751460c91ca294f3304cd

HTTP Headers

GET /cse/brand?form=cse-search-box&lang=ru HTTP/1.1
Host: www.google.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://automan.ru/

HTTP/1.1 301 Moved Permanently
Location: https://www.gstatic.com/prose/brandjs.js
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Thu, 02 Feb 2023 03:48:43 GMT
Expires: Thu, 02 Feb 2023 04:18:43 GMT
Cache-Control: public, max-age=1800
Server: sffe
Content-Length: 237
X-XSS-Protection: 0

pagead2.googlesyndication.com/pagead/show_ads.js

142.250.74.162

200 OK

37 kB

URL HTTP/1.1
pagead2.googlesyndication.com/pagead/show_ads.js
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (4131)
Size
37 kB (36748 bytes)
Hash
290d9c160191cdf301ca1330169fcf4e
0265a0f685a7495163af23e29b219ff3b55b5f48
4eabe7c2072a56911ad3980ae8fe2d1e39b76d79f8ec037cbc5d04bfd6aaf168

HTTP Headers

GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://automan.ru/

HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Thu, 02 Feb 2023 03:48:43 GMT
Expires: Thu, 02 Feb 2023 03:48:43 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 8279358192419345669
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 36748
X-XSS-Protection: 0

automan.ru/style.css

31.31.198.230

200 OK

1.5 kB

URL HTTP/1.1
automan.ru/style.css
IP
31.31.198.230:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
assembler source, ISO-8859 text
Size
1.5 kB (1461 bytes)
Hash
38ba8231b0f8534e2204243d0efb33a8
2aaa73bf404c06d2052d424795ac611e2f39ba8b
43a76ebdf93327775de4d6afe306f1570346b2a798345aef9522882a878ac742

HTTP Headers

GET /style.css HTTP/1.1
Host: automan.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://automan.ru/stat/175.shtml

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 03:48:43 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 20 Oct 2014 20:07:20 GMT
Content-Encoding: gzip

mc.yandex.ru/metrika/watch.js

93.158.134.119

302 Moved temporarily

0 B

URL HTTP/1.1
mc.yandex.ru/metrika/watch.js
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://automan.ru/

HTTP/1.1 302 Moved temporarily
Content-Length: 0
Location: https://mc.yandex.ru/metrika/watch.js

automan.ru/images/logo.gif

31.31.198.230

200 OK

3.1 kB

URL HTTP/1.1
automan.ru/images/logo.gif
IP
31.31.198.230:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
GIF image data, version 89a, 122 x 100\012- data
Size
3.1 kB (3064 bytes)
Hash
7e186ca4a4bd929fe3ebb4b4bbd40c81
740a428c26b5cc04b8b0b180d00447dac4888c34
f3346403b7359301d7dcec28be3d547ae293ea43aeee690ff18fed8b25615b9a

HTTP Headers

GET /images/logo.gif HTTP/1.1
Host: automan.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://automan.ru/stat/175.shtml

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 03:48:43 GMT
Content-Type: image/gif
Content-Length: 3064
Connection: keep-alive
Last-Modified: Sat, 22 Jan 2005 06:58:55 GMT
Accept-Ranges: bytes

automan.ru/1x1.gif

31.31.198.230

200 OK

43 B

URL HTTP/1.1
automan.ru/1x1.gif
IP
31.31.198.230:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

HTTP Headers

GET /1x1.gif HTTP/1.1
Host: automan.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://automan.ru/stat/175.shtml

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 03:48:43 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Mon, 20 Oct 2014 20:07:20 GMT
Accept-Ranges: bytes

automan.ru/fon.gif

31.31.198.230

200 OK

215 B

URL HTTP/1.1
automan.ru/fon.gif
IP
31.31.198.230:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
GIF image data, version 89a, 800 x 12\012- data
Size
215 B (215 bytes)
Hash
623b6a150e48b588b0425f97a9dc04d4
c87b174e79bfa260c2404d5079e69482c0d9461a
531c65fa11126e65e4d63a18be35343018f0eab6fea0b6017a67eddb9bb8b19e

HTTP Headers

GET /fon.gif HTTP/1.1
Host: automan.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://automan.ru/style.css

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 03:48:43 GMT
Content-Type: image/gif
Content-Length: 215
Connection: keep-alive
Last-Modified: Mon, 20 Oct 2014 20:07:20 GMT
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:48:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.globalsign.com/gseccovsslca2018

104.18.21.226

200 OK

939 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
939 B (939 bytes)
Hash
fc862188f9738a1ff408d6eda9778880
dbdc1627c7f70e9747e9abb47fac9de881b59cf8
18abcb34e1c7225595187e0157544304d99600a9cebb0ce271b9aae219b3d9b0

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:48:43 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Mon, 06 Feb 2023 01:31:04 GMT
ETag: "dbdc1627c7f70e9747e9abb47fac9de881b59cf8"
Last-Modified: Thu, 02 Feb 2023 01:31:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2475
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792ff3eaf8b01c12-OSL

informer.gismeteo.ru/27890-33.GIF

185.134.203.99

200 OK

4.7 kB

URL HTTP/1.1
informer.gismeteo.ru/27890-33.GIF
IP
185.134.203.99:0
ASN
#203444 MapMakers Group Ltd

File type
GIF image data, version 87a, 100 x 100\012- data
Size
4.7 kB (4706 bytes)
Hash
dea1dd3a709e6a00fe1b1caa7f71f3d8
33d3ec9e921b61d022388614028f9ef29dd65e25
2edde6c46da315bb16d7631d0b47924809c96b42dda93d1b733d814d6b2e6696

HTTP Headers

GET /27890-33.GIF HTTP/1.1
Host: informer.gismeteo.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://automan.ru/

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:48:43 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.37
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Server: gis

www.gstatic.com/prose/brandjs.js

216.58.211.3

200 OK

5.8 kB

URL HTTP/2
www.gstatic.com/prose/brandjs.js
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1352)
Size
5.8 kB (5807 bytes)
Hash
10aa07ab4f7de5535f4cafe167ca4fa7
6c804574a29f9d8a77ed2823a7879e56dbc42c22
d111484a9bceee10b129b20ebd4ead4639b5d7dd78117522249195fb84db3cf0

HTTP Headers

GET /prose/brandjs.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://automan.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 5807
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 18:43:17 GMT
expires: Thu, 02 Feb 2023 18:43:17 GMT
cache-control: public, max-age=86400
age: 32726
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 03:41:43 GMT
age: 420
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

mc.yandex.ru/metrika/watch.js

93.158.134.119

200 OK

58 kB

URL HTTP/2
mc.yandex.ru/metrika/watch.js
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (554)
Size
58 kB (58140 bytes)
Hash
315a601116a9b3b0fbc85feb58375ba4
5d283ed923d0b3beb8a2ec4e80c2958d1d132fbf
251ba0fc04953e3615e7c19a9a10c5d6a4f25cc03bef190f8a5e7c6cd72a991a

HTTP Headers

GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://automan.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 58140
date: Thu, 02 Feb 2023 03:48:43 GMT
access-control-allow-origin: *
etag: "63c93a4b-e31c"
expires: Thu, 02 Feb 2023 04:48:43 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:48:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4819
Expires: Thu, 02 Feb 2023 05:09:02 GMT
Date: Thu, 02 Feb 2023 03:48:43 GMT
Connection: keep-alive

an.yandex.ru/system/context.js

213.180.193.90

200 Ok

84 kB

URL HTTP/1.1
an.yandex.ru/system/context.js
IP
213.180.193.90:0
ASN
#13238 YANDEX LLC

File type
ASCII text, with very long lines (65492)
Size
84 kB (84463 bytes)
Hash
2a43bac3fdee964206b28c6ab6ae183f
48957364e2eff409ed6f043a2f1d514238824530
b176d4362255d6f7441c6ec0d2cacc570c834eed62253fbcd27b63ce0ade2538

HTTP Headers

GET /system/context.js HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://automan.ru/

HTTP/1.1 200 Ok
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
Expires: Thu, 02 Feb 2023 04:48:43 GMT
Keep-Alive: timeout=600
Strict-Transport-Security: max-age=31536000
Timing-Allow-Origin: *
Transfer-Encoding: chunked
X-Robots-Tag: noindex, noarchive, nofollow
X-Yandex-Req-Id: 1675309723535760-751877914763552134500109-production-app-host-sas-pcode-350

ocsp.globalsign.com/gseccovsslca2018

104.18.21.226

200 OK

938 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
938 B (938 bytes)
Hash
6d9ce6f45f04065251b2706eb03283d3
191a2a8d9f465c0205babd408846b48c044ec35b
4133fc99d5b59cf8d0f42be2ba9d36947fde57837b9cbc00e20a1a370a0fa3ca

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:48:43 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Mon, 06 Feb 2023 00:50:52 GMT
ETag: "191a2a8d9f465c0205babd408846b48c044ec35b"
Last-Modified: Thu, 02 Feb 2023 00:50:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1144
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792ff3ed99811c12-OSL

ocsp.globalsign.com/gseccovsslca2018

104.18.21.226

200 OK

938 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
938 B (938 bytes)
Hash
6d9ce6f45f04065251b2706eb03283d3
191a2a8d9f465c0205babd408846b48c044ec35b
4133fc99d5b59cf8d0f42be2ba9d36947fde57837b9cbc00e20a1a370a0fa3ca

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:48:43 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Mon, 06 Feb 2023 00:50:52 GMT
ETag: "191a2a8d9f465c0205babd408846b48c044ec35b"
Last-Modified: Thu, 02 Feb 2023 00:50:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1144
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792ff3eda9861c12-OSL

ocsp.globalsign.com/gseccovsslca2018

104.18.21.226

200 OK

938 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
938 B (938 bytes)
Hash
6d9ce6f45f04065251b2706eb03283d3
191a2a8d9f465c0205babd408846b48c044ec35b
4133fc99d5b59cf8d0f42be2ba9d36947fde57837b9cbc00e20a1a370a0fa3ca

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:48:43 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Mon, 06 Feb 2023 00:50:52 GMT
ETag: "191a2a8d9f465c0205babd408846b48c044ec35b"
Last-Modified: Thu, 02 Feb 2023 00:50:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1144
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792ff3edbbd5b523-OSL

ocsp.globalsign.com/gseccovsslca2018

104.18.21.226

200 OK

938 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
938 B (938 bytes)
Hash
6d9ce6f45f04065251b2706eb03283d3
191a2a8d9f465c0205babd408846b48c044ec35b
4133fc99d5b59cf8d0f42be2ba9d36947fde57837b9cbc00e20a1a370a0fa3ca

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:48:43 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Mon, 06 Feb 2023 00:50:52 GMT
ETag: "191a2a8d9f465c0205babd408846b48c044ec35b"
Last-Modified: Thu, 02 Feb 2023 00:50:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1144
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792ff3edbb65b518-OSL

yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

178.154.131.215

200 OK

26 kB

URL HTTP/2
yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
IP
178.154.131.215:0
ASN
#13238 YANDEX LLC

File type
Web Open Font Format (Version 2), TrueType, length 26004, version 1.0\012- data
Size
26 kB (26004 bytes)
Hash
7f0cdaf91230f9789ca4162aedff612e
965de571aa794dab64076c3cc64dc8894b843f23
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

HTTP Headers

GET /s3/home/fonts/ys/3/text-variable-full.woff2 HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://automan.ru
Connection: keep-alive
Referer: http://automan.ru/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.17.9
date: Thu, 02 Feb 2023 03:48:43 GMT
content-type: font/woff2
content-length: 26004
access-control-allow-origin: *
cache-control: public, max-age=31556952
etag: "7f0cdaf91230f9789ca4162aedff612e"
expires: Fri, 02 Feb 2024 09:37:41 GMT
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
x-nginx-request-id: 688d4065e5a78004
accept-ranges: bytes
X-Firefox-Spdy: h2

yastatic.net/partner-code-bundles/714405/2b99100dfd63230eb8ad.js

178.154.131.215

200 OK

113 kB

URL HTTP/2
yastatic.net/partner-code-bundles/714405/2b99100dfd63230eb8ad.js
IP
178.154.131.215:0
ASN
#13238 YANDEX LLC

File type
ASCII text, with very long lines (65497)
Size
113 kB (113282 bytes)
Hash
91a7765a6b9860770b175564c6219b97
ed3be3b989fe3ff0f3a044f56a76b636fff35c37
67f16b0b168972ae43be679e6cab83334d223186cae3f5639e288927f8b6aab9

HTTP Headers

GET /partner-code-bundles/714405/2b99100dfd63230eb8ad.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://automan.ru
Connection: keep-alive
Referer: http://automan.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.17.9
date: Thu, 02 Feb 2023 03:48:43 GMT
content-type: text/javascript; charset=utf-8
content-length: 113282
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "91a7765a6b9860770b175564c6219b97"
expires: Sat, 01 Feb 2053 10:23:52 GMT
last-modified: Tue, 31 Jan 2023 09:59:26 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.43.234.55

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.43.234.55:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cceHowszTDYi6ytJIOcNCQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yGhPSi7hBHQqVrAHXiBh9G2bG+E=

yastatic.net/partner-code-bundles/714405/07cea2bf8567304efc16.js

178.154.131.215

200 OK

7.9 kB

URL HTTP/2
yastatic.net/partner-code-bundles/714405/07cea2bf8567304efc16.js
IP
178.154.131.215:0
ASN
#13238 YANDEX LLC

File type
ASCII text, with very long lines (23593)
Size
7.9 kB (7928 bytes)
Hash
3bd7ccc3e9663622f5af4a9a8d63727d
c54d25599cebe94d52f5780267ac25532612a7e5
fdfed9b9927c8a8437d0db6c7ddabe506c4a25c3fb35f697e0553bc7f1ee5d0a

HTTP Headers

GET /partner-code-bundles/714405/07cea2bf8567304efc16.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://automan.ru
Connection: keep-alive
Referer: http://automan.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.17.9
date: Thu, 02 Feb 2023 03:48:43 GMT
content-type: text/javascript; charset=utf-8
content-length: 7928
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "3bd7ccc3e9663622f5af4a9a8d63727d"
expires: Sat, 01 Feb 2053 10:23:52 GMT
last-modified: Tue, 31 Jan 2023 09:59:26 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2

yastatic.net/partner-code-bundles/714405/2ec9a88e40a26b53acde.js

178.154.131.215

200 OK

2.1 kB

URL HTTP/2
yastatic.net/partner-code-bundles/714405/2ec9a88e40a26b53acde.js
IP
178.154.131.215:0
ASN
#13238 YANDEX LLC

File type
ASCII text, with very long lines (6989)
Size
2.1 kB (2065 bytes)
Hash
f21213ef33c13b85b38e90bbae0568b1
817eb9b88b465a33b731ab9ddff6abede8d9b71c
ba4cf9e93bf83ccc401a029c31054457b18a7f79258a5c2fb884c7bd86dfcff1

HTTP Headers

GET /partner-code-bundles/714405/2ec9a88e40a26b53acde.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://automan.ru
Connection: keep-alive
Referer: http://automan.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.17.9
date: Thu, 02 Feb 2023 03:48:43 GMT
content-type: text/javascript; charset=utf-8
content-length: 2065
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "f21213ef33c13b85b38e90bbae0568b1"
expires: Sat, 01 Feb 2053 10:23:52 GMT
last-modified: Tue, 31 Jan 2023 09:59:26 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2

yastatic.net/partner-code-bundles/714405/1c0942547d39e10f5f56.js

178.154.131.215

200 OK

4.8 kB

URL HTTP/2
yastatic.net/partner-code-bundles/714405/1c0942547d39e10f5f56.js
IP
178.154.131.215:0
ASN
#13238 YANDEX LLC

File type
ASCII text, with very long lines (14344)
Size
4.8 kB (4802 bytes)
Hash
c98cd693d1fd0c6e16cc660e1a282e1c
393a82349944bae291d1957018d2a075989a876c
b012ca61eb5f21b7a4b293412020647fadf79437e64a74e2593a566f471981a6

HTTP Headers

GET /partner-code-bundles/714405/1c0942547d39e10f5f56.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://automan.ru
Connection: keep-alive
Referer: http://automan.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.17.9
date: Thu, 02 Feb 2023 03:48:43 GMT
content-type: text/javascript; charset=utf-8
content-length: 4802
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "c98cd693d1fd0c6e16cc660e1a282e1c"
expires: Sat, 01 Feb 2053 10:23:52 GMT
last-modified: Tue, 31 Jan 2023 09:59:26 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2

yastatic.net/safeframe-bundles/0.83/host.js

178.154.131.215

200 OK

8.9 kB

URL HTTP/2
yastatic.net/safeframe-bundles/0.83/host.js
IP
178.154.131.215:0
ASN
#13238 YANDEX LLC

File type
ASCII text, with very long lines (33703), with no line terminators
Size
8.9 kB (8878 bytes)
Hash
f80882bf67cf261aa08d636da095149a
3e5bf3fbdb45c9696f9b925d3e71b2e9777c82cd
4794febaad77bf94edba1c860dbcf9612722ad0a18b95831dad359b0bba4bed6

HTTP Headers

GET /safeframe-bundles/0.83/host.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://automan.ru
Connection: keep-alive
Referer: http://automan.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.17.9
date: Thu, 02 Feb 2023 03:48:43 GMT
content-type: text/javascript; charset=utf-8
content-length: 8878
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "f80882bf67cf261aa08d636da095149a"
expires: Sat, 01 Feb 2053 10:23:13 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2

yastatic.net/partner-code-bundles/714405/720d8667429e190b693c.js

178.154.131.215

200 OK

24 kB

URL HTTP/2
yastatic.net/partner-code-bundles/714405/720d8667429e190b693c.js
IP
178.154.131.215:0
ASN
#13238 YANDEX LLC

File type
ASCII text, with very long lines (65494)
Size
24 kB (23513 bytes)
Hash
830eb18e00e6b66e106222c55c4b8e95
f1d9eaa67f7c63d4b9088c42296851eeb9334b26
73290944cb348bd9f6af5ccfae6a4e5a7c9494f63717948fb528526c88c1908a

HTTP Headers

GET /partner-code-bundles/714405/720d8667429e190b693c.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://automan.ru
Connection: keep-alive
Referer: http://automan.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.17.9
date: Thu, 02 Feb 2023 03:48:43 GMT
content-type: text/javascript; charset=utf-8
content-length: 23513
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "830eb18e00e6b66e106222c55c4b8e95"
expires: Sat, 01 Feb 2053 10:23:52 GMT
last-modified: Tue, 31 Jan 2023 09:59:26 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5117915a0a3632d04b72e65ea2a4fe72
2263c7273f623d75b82fb8ca00e5a771956b0d89
cf4eb4156859b45fd6cce69e44a6b4a3cbc777cae9ae3855e431e43510ab34d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF4EB4156859B45FD6CCE69E44A6B4A3CBC777CAE9AE3855E431E43510AB34D5"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1807
Expires: Thu, 02 Feb 2023 04:18:50 GMT
Date: Thu, 02 Feb 2023 03:48:43 GMT
Connection: keep-alive

www.acint.net/aci.js

193.3.184.229

200 OK

7.8 kB

URL HTTP/2
www.acint.net/aci.js
IP
193.3.184.229:0
ASN
#50214 QWARTA LLC

File type
ASCII text, with very long lines (1649)
Size
7.8 kB (7757 bytes)
Hash
23df47b4330754db70e9c1e32f0092d6
dea956b3a9dad9fa3cc352180be435943e8d0352
0056d5c8969a597094abb6cc9f3a383631ba9c0f13ac620d735f0788807fb4de

HTTP Headers

GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://automan.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 03:48:43 GMT
content-type: application/x-javascript
content-length: 7757
last-modified: Mon, 09 Jan 2023 08:01:05 GMT
etag: "63bbc9c1-1e4d"
content-encoding: gzip
expires: Thu, 02 Feb 2023 15:48:43 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2

mc.yandex.ru/metrika/advert.gif

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/metrika/advert.gif
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://automan.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Thu, 02 Feb 2023 03:48:43 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Thu, 02 Feb 2023 04:48:43 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

142.250.74.162

200 OK

53 kB

URL HTTP/1.1
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (4879)
Size
53 kB (52565 bytes)
Hash
b7e80e3629f00237ef9199fe795f679f
c314a01769253412450cf8571d0a448b0ee40b99
367527e6e9881c66ee0f243638eb92b33ce18939c315fdde5c66a404d5c4d168

HTTP Headers

GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://automan.ru/

HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Thu, 02 Feb 2023 03:48:43 GMT
Expires: Thu, 02 Feb 2023 03:48:43 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 8666626523488972277
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 52565
X-XSS-Protection: 0

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:48:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

automan.ru/favicon.ico

31.31.198.230

200 OK

318 B

URL HTTP/1.1
automan.ru/favicon.ico
IP
31.31.198.230:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel\012- data
Size
318 B (318 bytes)
Hash
6ca4c66fb6ffdb33be2b3deca9f63d9d
28bed97e4a2967a66a8f42b91811734f1acf29f5
9d986390dc03f97a95a17b15d98992dcca199bd7b0a08080aef4451ed600a587

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: automan.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://automan.ru/stat/175.shtml
Cookie: _ym_uid=1675309748141191675; _ym_d=1675309748

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 03:48:44 GMT
Content-Type: image/x-icon
Content-Length: 318
Connection: keep-alive
Last-Modified: Mon, 20 Oct 2014 20:07:20 GMT
Accept-Ranges: bytes

www.yandex.ru/cycounter?www.automan.ru

77.88.55.55

302 Moved temporarily

0 B

URL HTTP/1.1
www.yandex.ru/cycounter?www.automan.ru
IP
77.88.55.55:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cycounter?www.automan.ru HTTP/1.1
Host: www.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://automan.ru/

HTTP/1.1 302 Moved temporarily
Content-Length: 0
Location: https://www.yandex.ru/cycounter?www.automan.ru
NEL: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
Report-To: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Yandex-Req-Id: 1675309724038854-13658771799474661739-sas3-0803-af2-sas-l7-balancer-8080-BAL
set-cookie: is_gdpr=1; Path=/; Domain=.yandex.ru; Expires=Sat, 01 Feb 2025 03:48:44 GMT; SameSite=None; Secure
is_gdpr_b=CPvaURCmpAEYAQ==; Path=/; Domain=.yandex.ru; Expires=Sat, 01 Feb 2025 03:48:44 GMT; SameSite=None; Secure
_yasc=EYo4xZWWKTU8itixRb0GtbCvniWuftgVsQ247x/fzNdetUu1jyo4tBcZRMKC; domain=.yandex.ru; path=/; expires=Sun, 30-Jan-2033 03:48:44 GMT; secure

d5.cb.be.a0.top.list.ru/counter?id=963996;t=211

95.163.52.67

302 Moved Temporarily

0 B

URL HTTP/1.1
d5.cb.be.a0.top.list.ru/counter?id=963996;t=211
IP
95.163.52.67:0
ASN
#47764 Mail.Ru LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /counter?id=963996;t=211 HTTP/1.1
Host: d5.cb.be.a0.top.list.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://automan.ru/

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 03:48:44 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://top-fwz1.mail.ru/counter?id=963996;t=211;ver=30
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Cache-Control: private, no-cache, no-store, max-age=0
Pragma: no-cache
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
Accept-CH-Lifetime: 86400

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:48:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:48:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/cse/static/images/1x/ru/branding.png

216.58.207.228

200 OK

1.4 kB

URL HTTP/2
www.google.com/cse/static/images/1x/ru/branding.png
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
PNG image data, 122 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1377 bytes)
Hash
e770ec84500d347839c7423065c70cca
e2c97aa6ef07b37f008e71357d2b7c6daa3ae8ab
9cdb4dd08ba584cdf21b63932a8834d79969701403ef62afb63f0c6f436e6c0f

HTTP Headers

GET /cse/static/images/1x/ru/branding.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://automan.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 1377
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 10:20:24 GMT
expires: Sun, 28 Jan 2024 10:20:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 25 May 2020 08:30:00 GMT
content-type: image/png
age: 408500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

142.250.74.162

200 OK

50 kB

URL HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3649)
Size
50 kB (50173 bytes)
Hash
b9fd14b8c84e5579eee3ed72a0571883
f23fa9a612c9dac44ec5f86db1c139c00e4675ce
b7d52fd812da38fa01d4920ff0527e470ddc1fcfbccbae936f76ead129062c1a

HTTP Headers

GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://automan.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 02 Feb 2023 03:48:44 GMT
expires: Thu, 02 Feb 2023 03:48:44 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 14018467337809644281
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50173
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.acint.net/mc/?dp=10

193.3.184.229

302 Moved Temporarily

142 B

URL HTTP/1.1
www.acint.net/mc/?dp=10
IP
193.3.184.229:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://automan.ru/
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 03:48:44 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/mc/?dp=10

www.acint.net/oci.js?t=1675309748417

193.3.184.229

302 Moved Temporarily

142 B

URL HTTP/1.1
www.acint.net/oci.js?t=1675309748417
IP
193.3.184.229:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /oci.js?t=1675309748417 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://automan.ru/

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 03:48:44 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/oci.js?t=1675309748417

www.acint.net/hit/?v=0.5.0&uid=281083f3-da72-43ff-8a00-3ffbd9eb681c&dp=10&tz=%2B00%3A00&nc=01261201&u=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&r=&rs=1280x1024&t=%D0%A3%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%3A%20%D0%9A%D0%BE%D0%BD%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%86%D0%B8%D1%8F%20%D0%B8%20%D1%80%D0%B5%D0%BC%D0%BE%D0%BD%D1%82%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D0%B5%D0%B9%20%D0%B4%D0%BB%D1%8F%20%D1%87%D0%B0%D0%B9%D0%BD%D0%B8%D0%BA%D0%BE%D0%B2&oE=1&oP=1&dT=2023-02-02T03%3A49%3A08.415&fu=d0196fac-12ac-4ac9-ae14-53a1ad08e259

193.3.184.229

302 Moved Temporarily

142 B

URL HTTP/1.1
www.acint.net/hit/?v=0.5.0&uid=281083f3-da72-43ff-8a00-3ffbd9eb681c&dp=10&tz=%2B00%3A00&nc=01261201&u=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&r=&rs=1280x1024&t=%D0%A3%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%3A%20%D0%9A%D0%BE%D0%BD%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%86%D0%B8%D1%8F%20%D0%B8%20%D1%80%D0%B5%D0%BC%D0%BE%D0%BD%D1%82%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D0%B5%D0%B9%20%D0%B4%D0%BB%D1%8F%20%D1%87%D0%B0%D0%B9%D0%BD%D0%B8%D0%BA%D0%BE%D0%B2&oE=1&oP=1&dT=2023-02-02T03%3A49%3A08.415&fu=d0196fac-12ac-4ac9-ae14-53a1ad08e259
IP
193.3.184.229:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /hit/?v=0.5.0&uid=281083f3-da72-43ff-8a00-3ffbd9eb681c&dp=10&tz=%2B00%3A00&nc=01261201&u=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&r=&rs=1280x1024&t=%D0%A3%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%3A%20%D0%9A%D0%BE%D0%BD%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%86%D0%B8%D1%8F%20%D0%B8%20%D1%80%D0%B5%D0%BC%D0%BE%D0%BD%D1%82%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D0%B5%D0%B9%20%D0%B4%D0%BB%D1%8F%20%D1%87%D0%B0%D0%B9%D0%BD%D0%B8%D0%BA%D0%BE%D0%B2&oE=1&oP=1&dT=2023-02-02T03%3A49%3A08.415&fu=d0196fac-12ac-4ac9-ae14-53a1ad08e259 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://automan.ru/

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 03:48:44 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/hit/?v=0.5.0&uid=281083f3-da72-43ff-8a00-3ffbd9eb681c&dp=10&tz=%2B00%3A00&nc=01261201&u=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&r=&rs=1280x1024&t=%D0%A3%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%3A%20%D0%9A%D0%BE%D0%BD%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%86%D0%B8%D1%8F%20%D0%B8%20%D1%80%D0%B5%D0%BC%D0%BE%D0%BD%D1%82%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D0%B5%D0%B9%20%D0%B4%D0%BB%D1%8F%20%D1%87%D0%B0%D0%B9%D0%BD%D0%B8%D0%BA%D0%BE%D0%B2&oE=1&oP=1&dT=2023-02-02T03%3A49%3A08.415&fu=d0196fac-12ac-4ac9-ae14-53a1ad08e259

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:48:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:48:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/html/r20230131/r20190131/zrt_lookup.html

142.250.74.34

200 OK

4.2 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/html/r20230131/r20190131/zrt_lookup.html
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Size
4.2 kB (4242 bytes)
Hash
2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345

HTTP Headers

GET /pagead/html/r20230131/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://automan.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:39:37 GMT
expires: Thu, 16 Feb 2023 00:39:37 GMT
cache-control: public, max-age=1209600
age: 11347
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3116025001724796&plah=automan.ru&bust=31071811

142.250.74.162

200 OK

121 kB

URL HTTP/2
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3116025001724796&plah=automan.ru&bust=31071811
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (4056)
Size
121 kB (121045 bytes)
Hash
effa280e94dcb96a2a80fe6aa068f59a
707f1b631ad4de6cf67a7f5caee841e579b5a33c
59ff48478a0486df6eaed53c26ac8e4bf06aacbdc58dd6ecabe3e69895c66e89

HTTP Headers

GET /pagead/managed/js/adsense/m202301190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3116025001724796&plah=automan.ru&bust=31071811 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://automan.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 02 Feb 2023 03:48:44 GMT
expires: Thu, 02 Feb 2023 03:48:44 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 3165100014593145634
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 121045
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.acint.net/mc/?dp=10

193.3.184.229

302 Found

154 B

URL HTTP/2
www.acint.net/mc/?dp=10
IP
193.3.184.229:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://automan.ru/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: openresty
date: Thu, 02 Feb 2023 03:48:44 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Thu, 02-Feb-23 03:58:44 GMT
aid=CkIDFWPbMpw1/xNOlRChAk1X2machLfjn2hEPuWVTqo+DK5r; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

193.3.184.229

200 OK

43 B

URL HTTP/2
www.acint.net/hit/?v=0.5.0&uid=281083f3-da72-43ff-8a00-3ffbd9eb681c&dp=10&tz=%2B00%3A00&nc=01261201&u=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&r=&rs=1280x1024&t=%D0%A3%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%3A%20%D0%9A%D0%BE%D0%BD%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%86%D0%B8%D1%8F%20%D0%B8%20%D1%80%D0%B5%D0%BC%D0%BE%D0%BD%D1%82%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D0%B5%D0%B9%20%D0%B4%D0%BB%D1%8F%20%D1%87%D0%B0%D0%B9%D0%BD%D0%B8%D0%BA%D0%BE%D0%B2&oE=1&oP=1&dT=2023-02-02T03%3A49%3A08.415&fu=d0196fac-12ac-4ac9-ae14-53a1ad08e259
IP
193.3.184.229:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hit/?v=0.5.0&uid=281083f3-da72-43ff-8a00-3ffbd9eb681c&dp=10&tz=%2B00%3A00&nc=01261201&u=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&r=&rs=1280x1024&t=%D0%A3%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%3A%20%D0%9A%D0%BE%D0%BD%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%86%D0%B8%D1%8F%20%D0%B8%20%D1%80%D0%B5%D0%BC%D0%BE%D0%BD%D1%82%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D0%B5%D0%B9%20%D0%B4%D0%BB%D1%8F%20%D1%87%D0%B0%D0%B9%D0%BD%D0%B8%D0%BA%D0%BE%D0%B2&oE=1&oP=1&dT=2023-02-02T03%3A49%3A08.415&fu=d0196fac-12ac-4ac9-ae14-53a1ad08e259 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://automan.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 03:48:44 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=CkIDFWPbMpw1/xNOlRCiAkazJcBF+ik2SW0BlBbWaNWH4weA; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

mc.yandex.ru/watch/1827/1?wmode=7&page-url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A819%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A783412468669%3Ahid%3A556898536%3Az%3A0%3Ai%3A20230202034908%3Aet%3A1675309748%3Ac%3A1%3Arn%3A622192966%3Arqn%3A1%3Au%3A1675309748141191675%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C54%2C441%2C0%2C-9%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1675309746874%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675309748%3At%3A%D0%A3%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%3A%20%D0%9A%D0%BE%D0%BD%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%86%D0%B8%D1%8F%20%D0%B8%20%D1%80%D0%B5%D0%BC%D0%BE%D0%BD%D1%82%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D0%B5%D0%B9%20%D0%B4%D0%BB%D1%8F%20%D1%87%D0%B0%D0%B9%D0%BD%D0%B8%D0%BA%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29

93.158.134.119

200 OK

407 B

URL HTTP/2
mc.yandex.ru/watch/1827/1?wmode=7&page-url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A819%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A783412468669%3Ahid%3A556898536%3Az%3A0%3Ai%3A20230202034908%3Aet%3A1675309748%3Ac%3A1%3Arn%3A622192966%3Arqn%3A1%3Au%3A1675309748141191675%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C54%2C441%2C0%2C-9%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1675309746874%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675309748%3At%3A%D0%A3%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%3A%20%D0%9A%D0%BE%D0%BD%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%86%D0%B8%D1%8F%20%D0%B8%20%D1%80%D0%B5%D0%BC%D0%BE%D0%BD%D1%82%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D0%B5%D0%B9%20%D0%B4%D0%BB%D1%8F%20%D1%87%D0%B0%D0%B9%D0%BD%D0%B8%D0%BA%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Size
407 B (407 bytes)
Hash
722ea55f99a636f38e8149790c4541f4
d571f6d8688fab9cc8bf0399fc13e67ff808c27a
fbd7e79b98dac435402268fa2e614fdf949a50f640e0d4dbfd30e1b3e293d984

HTTP Headers

GET /watch/1827/1?wmode=7&page-url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A819%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A783412468669%3Ahid%3A556898536%3Az%3A0%3Ai%3A20230202034908%3Aet%3A1675309748%3Ac%3A1%3Arn%3A622192966%3Arqn%3A1%3Au%3A1675309748141191675%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C54%2C441%2C0%2C-9%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1675309746874%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675309748%3At%3A%D0%A3%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%3A%20%D0%9A%D0%BE%D0%BD%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%86%D0%B8%D1%8F%20%D0%B8%20%D1%80%D0%B5%D0%BC%D0%BE%D0%BD%D1%82%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D0%B5%D0%B9%20%D0%B4%D0%BB%D1%8F%20%D1%87%D0%B0%D0%B9%D0%BD%D0%B8%D0%BA%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://automan.ru
Referer: http://automan.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 407
date: Thu, 02 Feb 2023 03:48:44 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://automan.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 03:48:44 GMT
last-modified: Thu, 02-Feb-2023 03:48:44 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsalphasha2g2

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
2d71b883e815e5377e30ea9ecb86f44e
48c6855735bd96b91cbed064acae766bec8987cd
9a8d9f53386a17f038963b77ab5c72eec95a16aa30782ccde15bb3d94b7c32ae

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:48:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 06 Feb 2023 01:48:58 GMT
ETag: "48c6855735bd96b91cbed064acae766bec8987cd"
Last-Modified: Thu, 02 Feb 2023 01:48:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 470
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792ff3f0cb1d1bfa-OSL

www.acint.net/oci.js?t=1675309748417

193.3.184.229

200 OK

16 kB

URL HTTP/2
www.acint.net/oci.js?t=1675309748417
IP
193.3.184.229:0
ASN
#50214 QWARTA LLC

File type
data
Size
16 kB (15501 bytes)
Hash
23a58e22926ad7a596a36bd125d64531
b078dd961276f7b21c9aa564f265173cc13a383c
6b0a54a6ceb8f45f7252360f850d8b57a043132b027211abe283af2774c9430e

HTTP Headers

GET /oci.js?t=1675309748417 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://automan.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 03:48:44 GMT
content-type: application/x-javascript
last-modified: Mon, 09 Jan 2023 08:01:14 GMT
etag: W/"63bbc9ca-7dac"
content-encoding: gzip
X-Firefox-Spdy: h2

counter.yadro.ru/hit?t14.11;r;s1280*1024*24;uhttp%3A//automan.ru/stat/175.shtml;0.6548843451636623

88.212.201.198

200 OK

216 B

URL HTTP/1.1
counter.yadro.ru/hit?t14.11;r;s1280*1024*24;uhttp%3A//automan.ru/stat/175.shtml;0.6548843451636623
IP
88.212.201.198:0
ASN
#39134 United Network LLC

File type
GIF image data, version 87a, 88 x 31\012- data
Size
216 B (216 bytes)
Hash
f2b9ecdaa8ed4905e47e753d7b123f14
a1f6a5325965a8b7a45c0f2ea6f1af2e387d9fa2
3375eab9b89322202030f239b35ca83b3bdfcb5a46baec6448ba404fca207e19

HTTP Headers

GET /hit?t14.11;r;s1280*1024*24;uhttp%3A//automan.ru/stat/175.shtml;0.6548843451636623 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://automan.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 02 Feb 2023 03:48:44 GMT
Content-Type: image/gif
Content-Length: 216
Connection: keep-alive
Expires: Tue, 01 Feb 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400

www.acint.net/mc/?dp=10&tc=1

193.3.184.229

200 OK

2.2 kB

URL HTTP/2
www.acint.net/mc/?dp=10&tc=1
IP
193.3.184.229:0
ASN
#50214 QWARTA LLC

File type
data
Size
2.2 kB (2219 bytes)
Hash
852bb32e64f694beb56c7650d6e1d568
213915f62ba4a5bd862a75ccd63028be82aac60b
37e2e32ec1774e7f64a5b550bfa98c6c0796c1d257ce59fd99345d2be2057cbe

HTTP Headers

GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://automan.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPbMpw1/xNOlRChAk1X2machLfjn2hEPuWVTqo+DK5r
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 03:48:44 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1675309724; expires=Fri, 03-Feb-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53v2=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp98v2=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1675309724; expires=Thu, 16-Feb-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v3=1675309724; expires=Fri, 17-Feb-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v2=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp235=1675309724; expires=Sat, 04-Mar-23 03:48:44 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f44095f8ebc7d211f4ee24d88a703128
97263cb2c5d0237c08bee075fb75c8bddefddf2c
1183ec38cb48e7986d42d545c968616fe9f996f73849f1da6c111eb4ccfbb529

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:48:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:48:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:48:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

partner.googleadservices.com/gampad/cookie.js?domain=automan.ru&callback=_gfp_s_&client=ca-pub-3116025001724796

142.250.74.98

200 OK

250 B

URL HTTP/2
partner.googleadservices.com/gampad/cookie.js?domain=automan.ru&callback=_gfp_s_&client=ca-pub-3116025001724796
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (387), with no line terminators
Size
250 B (250 bytes)
Hash
95db2e79fead7ecba70f7c5abe2c1885
3dd4ca0f868ed1cbfe180579fb693d5289799722
e8b491bb12a1384edf1c9ff50f325b045fbf393225f9a9df3efc7b15c54e33af

HTTP Headers

GET /gampad/cookie.js?domain=automan.ru&callback=_gfp_s_&client=ca-pub-3116025001724796 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://automan.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 03:48:44 GMT
server: cafe
cache-control: private
content-length: 250
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

adservice.google.no/adsid/integrator.js?domain=automan.ru

142.250.74.162

200 OK

100 B

URL HTTP/2
adservice.google.no/adsid/integrator.js?domain=automan.ru
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac

HTTP Headers

GET /adsid/integrator.js?domain=automan.ru HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://automan.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 03:48:44 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

adservice.google.com/adsid/integrator.js?domain=automan.ru

142.250.74.130

200 OK

100 B

URL HTTP/2
adservice.google.com/adsid/integrator.js?domain=automan.ru
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac

HTTP Headers

GET /adsid/integrator.js?domain=automan.ru HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://automan.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 03:48:44 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

top-fwz1.mail.ru/counter?id=963996;t=211;ver=30

95.163.52.67

302 Found

0 B

URL HTTP/2
top-fwz1.mail.ru/counter?id=963996;t=211;ver=30
IP
95.163.52.67:0
ASN
#47764 Mail.Ru LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /counter?id=963996;t=211;ver=30 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://automan.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 03:48:44 GMT
content-length: 0
location: https://top-fwz1.mail.ru/counter2?id=963996;t=211;ver=30
set-cookie: FTID=1RMYgQ0tkIIF:1675309724:963996:::; path=/; expires=Sat, 03-Feb-24 03:48:44 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:48:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.no/adsid/integrator.js?domain=automan.ru

142.250.74.162

200 OK

100 B

URL HTTP/2
adservice.google.no/adsid/integrator.js?domain=automan.ru
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac

HTTP Headers

GET /adsid/integrator.js?domain=automan.ru HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://automan.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 03:48:44 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

adservice.google.com/adsid/integrator.js?domain=automan.ru

142.250.74.130

200 OK

100 B

URL HTTP/2
adservice.google.com/adsid/integrator.js?domain=automan.ru
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac

HTTP Headers

GET /adsid/integrator.js?domain=automan.ru HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://automan.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 03:48:44 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

top-fwz1.mail.ru/counter2?id=963996;t=211;ver=30

95.163.52.67

200 OK

912 B

URL HTTP/2
top-fwz1.mail.ru/counter2?id=963996;t=211;ver=30
IP
95.163.52.67:0
ASN
#47764 Mail.Ru LLC

File type
GIF image data, version 87a, 88 x 31\012- data
Size
912 B (912 bytes)
Hash
85daa6ed314c1628727efb5f8e15cc20
b1ced0cb6e8f3bdaf99a20c1c5532a049111b3ab
4419e2b2e86157379deaf972aaee3fd2b42aa8b73d511bfe259fc207ef49b74b

HTTP Headers

GET /counter2?id=963996;t=211;ver=30 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://automan.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 03:48:44 GMT
content-type: image/gif
content-length: 912
set-cookie: FTID=1RMYgQ0tkIIF:1675309724:963996:::; path=/; expires=Sat, 03-Feb-24 03:48:44 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2

a.utraff.com/sync?ssp=Sape

104.21.59.66

204 No Content

0 B

URL HTTP/2
a.utraff.com/sync?ssp=Sape
IP
104.21.59.66:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync?ssp=Sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Thu, 02 Feb 2023 03:48:44 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Sat, 04 Mar 2023 06:48:44 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Sat, 04 Mar 2023 06:48:44 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m1BDaI2Zsc%2Bp%2Bb6E8NoBilUQDE0IJqBjCwW68lMcgK6wLsRhOKkcCWL0ekTy8OgKmOKX7cdeNmIGKEInoQfZq7PW2uOWUG2cGaqoSF3lUlqcyMcUSRUsvdMuwce17HA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792ff3f1d8f8b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c70fa210db8cb3a65d555bef49e050bc
8a834fe202d34465e13fdaefc7562702097e0fdc
d13d61f106ad0d5b69027daa0e626df63e0aaeac2f46f244f0806bcc90f69e0f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D13D61F106AD0D5B69027DAA0E626DF63E0AAEAC2F46F244F0806BCC90F69E0F"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3696
Expires: Thu, 02 Feb 2023 04:50:20 GMT
Date: Thu, 02 Feb 2023 03:48:44 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f44095f8ebc7d211f4ee24d88a703128
97263cb2c5d0237c08bee075fb75c8bddefddf2c
1183ec38cb48e7986d42d545c968616fe9f996f73849f1da6c111eb4ccfbb529

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:48:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
213bf18096690cc57ffe2b030352f8ce
6d09271ba2e35da23eac601cccea7e3ec3b4a604
7969d8481f3db7aa880ccee7fee64582d724455df82d006481ec54816a726d9f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7969D8481F3DB7AA880CCEE7FEE64582D724455DF82D006481EC54816A726D9F"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13585
Expires: Thu, 02 Feb 2023 07:35:09 GMT
Date: Thu, 02 Feb 2023 03:48:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a29b90b6cc122d5b1b06a481d5c3403
93b8504321dbfca45ac31e85b1256477313570eb
8c7f76a9f6a23c8523aa93f4a6eeb9fa93249126c1c48274a0c5a54cda8e82fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C7F76A9F6A23C8523AA93F4A6EEB9FA93249126C1C48274A0C5A54CDA8E82FA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7608
Expires: Thu, 02 Feb 2023 05:55:32 GMT
Date: Thu, 02 Feb 2023 03:48:44 GMT
Connection: keep-alive

ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D

193.3.184.217

302 Moved Temporarily

142 B

URL HTTP/1.1
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP
193.3.184.217:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 03:48:44 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=4202420A9C32DB634400FD50021B35D4
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkICQmPbMpxQ/QBE1DUbAoh6FajcxT7dHcV2gruMQK5KIUZv; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None

ocsp2.globalsign.com/gsalphasha2g2

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
9cfe41b6a33ed44fedc0fd0fdcef7ae4
1b78950825e8b9b78d5fbaed9734765402dd371c
c40c428def3e947190edc846794b5353a45a53939f255a3eeffde2b008e368a9

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:48:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 06 Feb 2023 02:47:27 GMT
ETag: "1b78950825e8b9b78d5fbaed9734765402dd371c"
Last-Modified: Thu, 02 Feb 2023 02:47:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1509
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792ff3f2db891bfa-OSL

dm-eu.hybrid.ai/match?id=106&vid=1503420A9C32DB634E13FF3502A11095

37.18.103.16

204 No Content

0 B

URL HTTP/2
dm-eu.hybrid.ai/match?id=106&vid=1503420A9C32DB634E13FF3502A11095
IP
37.18.103.16:0
ASN
#205675 Hybrid LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?id=106&vid=1503420A9C32DB634E13FF3502A11095 HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Thu, 02 Feb 2023 03:48:44 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=e8018e9b355bca165146; Expires=Fri, 02 Feb 2024 03:48:43 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 502
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.acint.net
access-control-allow-credentials: true
server: Hybrid Web Server
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
96c794fe0eb0984074775ba4e182ed9d
bd6f5a86011fa199bc4197a37fb84079eb487f7e
3f626fa9d03173ededfce2c39da3be2989781484ca87bed7d8a8fd0f68fb051b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3F626FA9D03173EDEDFCE2C39DA3BE2989781484CA87BED7D8A8FD0F68FB051B"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9428
Expires: Thu, 02 Feb 2023 06:25:52 GMT
Date: Thu, 02 Feb 2023 03:48:44 GMT
Connection: keep-alive

ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D

185.147.80.35

302 Found

74 B

URL HTTP/1.1
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP
185.147.80.35:0
ASN
#41722 Miran Ltd.

File type
HTML document, ASCII text
Size
74 B (74 bytes)
Hash
1ff0a4e0d5c15aea3b289307d26449d6
ed262b345543868b2d22c5565f6ff88192b612ce
880f407150ddeacaa79d2bc94404934956fe8034908629620649e1829efab773

HTTP Headers

GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Thu, 02 Feb 2023 03:48:44 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 74
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=NIXHRKIX
Set-Cookie: uid=NIXHRKIX; Expires=Sun, 30 Jan 2033 03:48:44 GMT

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c38aef777743922d08ac552bdc4b3968
d0f8258c4a8aeb9259973c4492e6c9cf7518e744
a521d1d7702d2f422b03313d0e76e34eda17838bd8e989464e1bd72cbd5c9b34

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A521D1D7702D2F422B03313D0E76E34EDA17838BD8E989464E1BD72CBD5C9B34"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3021
Expires: Thu, 02 Feb 2023 04:39:05 GMT
Date: Thu, 02 Feb 2023 03:48:44 GMT
Connection: keep-alive

sync.dmp.otm-r.com/match/sape?id=1503420A9C32DB634E13FF3502A11095

194.55.244.185

204 No Content

0 B

URL HTTP/2
sync.dmp.otm-r.com/match/sape?id=1503420A9C32DB634E13FF3502A11095
IP
194.55.244.185:0
ASN
#34959 Kviktel LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/sape?id=1503420A9C32DB634E13FF3502A11095 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx/1.23.2
date: Thu, 02 Feb 2023 03:48:44 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bac30724b4d5e7813c3f649da4c1be81
68709ea92544ba83880208fb1a9923010a97652d
319df7ec746969bf3e8b84e1a846d2bb09f3e9f6fd2ef0887989698357ed245f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "319DF7EC746969BF3E8B84E1A846D2BB09F3E9F6FD2EF0887989698357ED245F"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15708
Expires: Thu, 02 Feb 2023 08:10:32 GMT
Date: Thu, 02 Feb 2023 03:48:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aa8a4de2da89e63bf5d87528f4942f8e
842533601fec8fa0504e9f12a68c638ac83f99f3
acad47db275e28fde5be3477bdb915aca613e8e7a3e04486e52fd47f6463151f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ACAD47DB275E28FDE5BE3477BDB915ACA613E8E7A3E04486E52FD47F6463151F"
Last-Modified: Tue, 31 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4067
Expires: Thu, 02 Feb 2023 04:56:31 GMT
Date: Thu, 02 Feb 2023 03:48:44 GMT
Connection: keep-alive

s.uuidksinc.net/match/396/?remote_uid=1503420A9C32DB634E13FF3502A11095

185.98.54.153

302 Found

0 B

URL HTTP/2
s.uuidksinc.net/match/396/?remote_uid=1503420A9C32DB634E13FF3502A11095
IP
185.98.54.153:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/396/?remote_uid=1503420A9C32DB634E13FF3502A11095 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.19.0
date: Thu, 02 Feb 2023 03:48:44 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=XPNV5NAoBUjduPp2ICCj
set-cookie: jcsuuid=XPNV5NAoBUjduPp2ICCj; expires=Fri, 02 Feb 2024 03:48:44 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
29cbed0f6d8c99166782eb19e3b3b40a
a79f0c9f23b25cd341b7810ae7c65b4f2c606193
17b752520814b21a538551090467600dc8cefa1ca4da6f660c8046c729ccf316

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17B752520814B21A538551090467600DC8CEFA1CA4DA6F660C8046C729CCF316"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7983
Expires: Thu, 02 Feb 2023 06:01:47 GMT
Date: Thu, 02 Feb 2023 03:48:44 GMT
Connection: keep-alive

pix.bumlam.com/sync/sape/check?sspuid=1503420A9C32DB634E13FF3502A11095

31.172.81.160

302 Found

0 B

URL HTTP/1.1
pix.bumlam.com/sync/sape/check?sspuid=1503420A9C32DB634E13FF3502A11095
IP
31.172.81.160:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync/sape/check?sspuid=1503420A9C32DB634E13FF3502A11095 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Thu, 02 Feb 2023 03:48:44 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://sync.bumlam.com/?src=sape

www.acint.net/oci/?v=0.5.0&uid=281083f3-da72-43ff-8a00-3ffbd9eb681c&dp=10&tz=%2B00%3A00&nc=99607938&oid=39e8192718f4ed5a678fc273d654392b

193.3.184.229

302 Moved Temporarily

142 B

URL HTTP/1.1
www.acint.net/oci/?v=0.5.0&uid=281083f3-da72-43ff-8a00-3ffbd9eb681c&dp=10&tz=%2B00%3A00&nc=99607938&oid=39e8192718f4ed5a678fc273d654392b
IP
193.3.184.229:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /oci/?v=0.5.0&uid=281083f3-da72-43ff-8a00-3ffbd9eb681c&dp=10&tz=%2B00%3A00&nc=99607938&oid=39e8192718f4ed5a678fc273d654392b HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://automan.ru/

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 03:48:44 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/oci/?v=0.5.0&uid=281083f3-da72-43ff-8a00-3ffbd9eb681c&dp=10&tz=%2B00%3A00&nc=99607938&oid=39e8192718f4ed5a678fc273d654392b

acint.net/match?dp=14&euid=4202420A9C32DB634400FD50021B35D4

193.3.184.229

200 OK

43 B

URL HTTP/2
acint.net/match?dp=14&euid=4202420A9C32DB634400FD50021B35D4
IP
193.3.184.229:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=14&euid=4202420A9C32DB634400FD50021B35D4 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPbMpw1/xNOlRCiAkazJcBF+ik2SW0BlBbWaNWH4weA; cSyncDp7v2=1675309724; cSyncDp14v3=1675309724; cSyncDp17=1675309724; cSyncDp32=1675309724; cSyncDp45v3=1675309724; cSyncDp53v2=1675309724; cSyncDp62=1675309724; cSyncDp67v2=1675309724; cSyncDp68=1675309724; cSyncDp71=1675309724; cSyncDp85=1675309724; cSyncDp95v3=1675309724; cSyncDp98v2=1675309724; cSyncDp101=1675309724; cSyncDp104v2=1675309724; cSyncDp107=1675309724; cSyncDp110=1675309724; cSyncDp125v3=1675309724; cSyncDp126=1675309724; cSyncDp127=1675309724; cSyncDp129=1675309724; cSyncDp136v2=1675309724; cSyncDp146=1675309724; cSyncDp148=1675309724; cSyncDp149v2=1675309724; cSyncDp151=1675309724; cSyncDp178=1675309724; cSyncDp186=1675309724; cSyncDp221=1675309724; cSyncDp235=1675309724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 03:48:44 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c38aef777743922d08ac552bdc4b3968
d0f8258c4a8aeb9259973c4492e6c9cf7518e744
a521d1d7702d2f422b03313d0e76e34eda17838bd8e989464e1bd72cbd5c9b34

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A521D1D7702D2F422B03313D0E76E34EDA17838BD8E989464E1BD72CBD5C9B34"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3021
Expires: Thu, 02 Feb 2023 04:39:05 GMT
Date: Thu, 02 Feb 2023 03:48:44 GMT
Connection: keep-alive

sync.upravel.com/sape/sync

136.243.48.22

302 Found

0 B

URL HTTP/2
sync.upravel.com/sape/sync
IP
136.243.48.22:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 03:48:44 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1675309724687;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1675309724687;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

nr.bidderstack.com/sape/cm?user_id=1503420A9C32DB634E13FF3502A11095

23.88.12.13

200 OK

44 B

URL HTTP/1.1
nr.bidderstack.com/sape/cm?user_id=1503420A9C32DB634E13FF3502A11095
IP
23.88.12.13:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
44 B (44 bytes)
Hash
f9d60352c70a2ba15616d1c9421f3844
e9abc8bea7721a4b6a50295850d13c515006a95c
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

HTTP Headers

GET /sape/cm?user_id=1503420A9C32DB634E13FF3502A11095 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 03:48:44 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
Access-Control-Allow-Credentials: true

www.acint.net/match?dp=95&euid=NIXHRKIX

193.3.184.229

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=95&euid=NIXHRKIX
IP
193.3.184.229:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=95&euid=NIXHRKIX HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPbMpw1/xNOlRCiAkazJcBF+ik2SW0BlBbWaNWH4weA; cSyncDp7v2=1675309724; cSyncDp14v3=1675309724; cSyncDp17=1675309724; cSyncDp32=1675309724; cSyncDp45v3=1675309724; cSyncDp53v2=1675309724; cSyncDp62=1675309724; cSyncDp67v2=1675309724; cSyncDp68=1675309724; cSyncDp71=1675309724; cSyncDp85=1675309724; cSyncDp95v3=1675309724; cSyncDp98v2=1675309724; cSyncDp101=1675309724; cSyncDp104v2=1675309724; cSyncDp107=1675309724; cSyncDp110=1675309724; cSyncDp125v3=1675309724; cSyncDp126=1675309724; cSyncDp127=1675309724; cSyncDp129=1675309724; cSyncDp136v2=1675309724; cSyncDp146=1675309724; cSyncDp148=1675309724; cSyncDp149v2=1675309724; cSyncDp151=1675309724; cSyncDp178=1675309724; cSyncDp186=1675309724; cSyncDp221=1675309724; cSyncDp235=1675309724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 03:48:44 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

acint.net/match?dp=110&euid=7d65dfdf657e463bb70761feb990dccf

193.3.184.229

200 OK

43 B

URL HTTP/2
acint.net/match?dp=110&euid=7d65dfdf657e463bb70761feb990dccf
IP
193.3.184.229:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=110&euid=7d65dfdf657e463bb70761feb990dccf HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPbMpw1/xNOlRCiAkazJcBF+ik2SW0BlBbWaNWH4weA; cSyncDp7v2=1675309724; cSyncDp14v3=1675309724; cSyncDp17=1675309724; cSyncDp32=1675309724; cSyncDp45v3=1675309724; cSyncDp53v2=1675309724; cSyncDp62=1675309724; cSyncDp67v2=1675309724; cSyncDp68=1675309724; cSyncDp71=1675309724; cSyncDp85=1675309724; cSyncDp95v3=1675309724; cSyncDp98v2=1675309724; cSyncDp101=1675309724; cSyncDp104v2=1675309724; cSyncDp107=1675309724; cSyncDp110=1675309724; cSyncDp125v3=1675309724; cSyncDp126=1675309724; cSyncDp127=1675309724; cSyncDp129=1675309724; cSyncDp136v2=1675309724; cSyncDp146=1675309724; cSyncDp148=1675309724; cSyncDp149v2=1675309724; cSyncDp151=1675309724; cSyncDp178=1675309724; cSyncDp186=1675309724; cSyncDp221=1675309724; cSyncDp235=1675309724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 03:48:44 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

ocsp.globalsign.com/alphasslcasha256g4

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/alphasslcasha256g4
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1437 bytes)
Hash
acac26281cb19c98314944db920c9add
74215e8afc5b8bddb2ee6b244d7490cccc9960c1
fc05fded02853310118d03bfa08fc53f89f7357d181c6e4e11739737b92c7f28

HTTP Headers

POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:48:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Mon, 06 Feb 2023 02:18:48 GMT
ETag: "74215e8afc5b8bddb2ee6b244d7490cccc9960c1"
Last-Modified: Thu, 02 Feb 2023 02:18:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 741
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792ff3f38b391c12-OSL

sync.bumlam.com/?src=sap1&uid=1503420A9C32DB634E13FF3502A11095

31.172.81.172

302 Moved Temporarily

0 B

URL HTTP/1.1
sync.bumlam.com/?src=sap1&uid=1503420A9C32DB634E13FF3502A11095
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sap1&uid=1503420A9C32DB634E13FF3502A11095 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 03:48:44 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ3ZGNmN2Q1Ni1hMmFjLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 28 Jan 2043 03:48:44 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARic5eyeBmIgMTUwMzQyMEE5QzMyREI2MzRFMTNGRjM1MDJBMTEwOTWiARB9z31WoqwR7YbgACWQwGR8
ETag: 7dcf7d56-a2ac-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

www.acint.net/match?dp=129&euid=ugis7f5t86

193.3.184.229

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=129&euid=ugis7f5t86
IP
193.3.184.229:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=129&euid=ugis7f5t86 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPbMpw1/xNOlRCiAkazJcBF+ik2SW0BlBbWaNWH4weA; cSyncDp7v2=1675309724; cSyncDp14v3=1675309724; cSyncDp17=1675309724; cSyncDp32=1675309724; cSyncDp45v3=1675309724; cSyncDp53v2=1675309724; cSyncDp62=1675309724; cSyncDp67v2=1675309724; cSyncDp68=1675309724; cSyncDp71=1675309724; cSyncDp85=1675309724; cSyncDp95v3=1675309724; cSyncDp98v2=1675309724; cSyncDp101=1675309724; cSyncDp104v2=1675309724; cSyncDp107=1675309724; cSyncDp110=1675309724; cSyncDp125v3=1675309724; cSyncDp126=1675309724; cSyncDp127=1675309724; cSyncDp129=1675309724; cSyncDp136v2=1675309724; cSyncDp146=1675309724; cSyncDp148=1675309724; cSyncDp149v2=1675309724; cSyncDp151=1675309724; cSyncDp178=1675309724; cSyncDp186=1675309724; cSyncDp221=1675309724; cSyncDp235=1675309724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 03:48:44 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1503420A9C32DB634E13FF3502A11095

87.242.89.90

200 OK

12 B

URL HTTP/2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1503420A9C32DB634E13FF3502A11095
IP
87.242.89.90:0
ASN
#25532 LLC masterhost

File type
exported SGML document, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
d8932e1cb3ee147415fbf5591a7217ca
97da5b95fb7f60ecd8d9ed0e5a05d83ad5a9c070
c0327cbcde50f1ab8228334a550b947301123d6f6f7d625707cb6d08a1faec35

HTTP Headers

GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1503420A9C32DB634E13FF3502A11095 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:48:44 GMT
content-type: text/html
content-length: 12
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
etag: "63d8131e-c"
accept-ranges: bytes
server: elb
X-Firefox-Spdy: h2

www.acint.net/match?dp=127&euid=XPNV5NAoBUjduPp2ICCj

193.3.184.229

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=127&euid=XPNV5NAoBUjduPp2ICCj
IP
193.3.184.229:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=127&euid=XPNV5NAoBUjduPp2ICCj HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPbMpw1/xNOlRCiAkazJcBF+ik2SW0BlBbWaNWH4weA; cSyncDp7v2=1675309724; cSyncDp14v3=1675309724; cSyncDp17=1675309724; cSyncDp32=1675309724; cSyncDp45v3=1675309724; cSyncDp53v2=1675309724; cSyncDp62=1675309724; cSyncDp67v2=1675309724; cSyncDp68=1675309724; cSyncDp71=1675309724; cSyncDp85=1675309724; cSyncDp95v3=1675309724; cSyncDp98v2=1675309724; cSyncDp101=1675309724; cSyncDp104v2=1675309724; cSyncDp107=1675309724; cSyncDp110=1675309724; cSyncDp125v3=1675309724; cSyncDp126=1675309724; cSyncDp127=1675309724; cSyncDp129=1675309724; cSyncDp136v2=1675309724; cSyncDp146=1675309724; cSyncDp148=1675309724; cSyncDp149v2=1675309724; cSyncDp151=1675309724; cSyncDp178=1675309724; cSyncDp186=1675309724; cSyncDp221=1675309724; cSyncDp235=1675309724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 03:48:44 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

sync.adspend.space/sape?uid=1503420A9C32DB634E13FF3502A11095

212.76.129.181

302 Found

149 B

URL HTTP/2
sync.adspend.space/sape?uid=1503420A9C32DB634E13FF3502A11095
IP
212.76.129.181:0
ASN
#42632 MnogoByte LLC

File type
HTML document, ASCII text
Size
149 B (149 bytes)
Hash
445251a65c7490217545d788a92ec78c
eb702d995c2cd305b72946c87c2aba98ed9e929e
c3af1a9ed9caf3395b9ed7325cd7c4e021763009125b81e655b7337f51f5f945

HTTP Headers

GET /sape?uid=1503420A9C32DB634E13FF3502A11095 HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Thu, 02 Feb 2023 03:48:44 GMT
content-type: text/html; charset=utf-8
content-length: 149
location: https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D09fbd5e6-6b68-4127-a3ff-87b00edf69f7
set-cookie: as-user=09fbd5e6-6b68-4127-a3ff-87b00edf69f7; Path=/; Max-Age=31536000; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0

136.243.48.22

302 Found

0 B

URL HTTP/2
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP
136.243.48.22:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1675309724687
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 03:48:44 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=f8695882-4292-4357-a9ee-fd2e1d34ae83;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=f8695882-4292-4357-a9ee-fd2e1d34ae83;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=f8695882-4292-4357-a9ee-fd2e1d34ae83
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

cs.agency2.ru/p?ssp=sp&uid=1503420A9C32DB634E13FF3502A11095

23.111.107.44

301 Moved Permanently

0 B

URL HTTP/1.1
cs.agency2.ru/p?ssp=sp&uid=1503420A9C32DB634E13FF3502A11095
IP
23.111.107.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p?ssp=sp&uid=1503420A9C32DB634E13FF3502A11095 HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 03:48:44 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=26debd1a-077c-4a73-903b-0fb6e381d652
Set-Cookie: uuid=26debd1a-077c-4a73-903b-0fb6e381d652; expires=Wed, 24 Jan 2024 03:48:44 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
1afd3517ebc844038700db8c82d69ae3
1327e511903b229cd36c1647fdb71c17d4ce7bdd
ff3430f1affa22881cd632c75d9f51cb97deb53a2cd76f3ee3be5e4b0518192a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:48:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 23:26:49 GMT
Expires: Wed, 08 Feb 2023 23:26:48 GMT
Etag: "1327e511903b229cd36c1647fdb71c17d4ce7bdd"
Cache-Control: max-age=588483,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792ff3f379c00b4d-OSL

www.acint.net/oci/?v=0.5.0&uid=281083f3-da72-43ff-8a00-3ffbd9eb681c&dp=10&tz=%2B00%3A00&nc=99607938&oid=39e8192718f4ed5a678fc273d654392b

193.3.184.229

200 OK

43 B

URL HTTP/2
www.acint.net/oci/?v=0.5.0&uid=281083f3-da72-43ff-8a00-3ffbd9eb681c&dp=10&tz=%2B00%3A00&nc=99607938&oid=39e8192718f4ed5a678fc273d654392b
IP
193.3.184.229:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /oci/?v=0.5.0&uid=281083f3-da72-43ff-8a00-3ffbd9eb681c&dp=10&tz=%2B00%3A00&nc=99607938&oid=39e8192718f4ed5a678fc273d654392b HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://automan.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPbMpw1/xNOlRCiAkazJcBF+ik2SW0BlBbWaNWH4weA; cSyncDp7v2=1675309724; cSyncDp14v3=1675309724; cSyncDp17=1675309724; cSyncDp32=1675309724; cSyncDp45v3=1675309724; cSyncDp53v2=1675309724; cSyncDp62=1675309724; cSyncDp67v2=1675309724; cSyncDp68=1675309724; cSyncDp71=1675309724; cSyncDp85=1675309724; cSyncDp95v3=1675309724; cSyncDp98v2=1675309724; cSyncDp101=1675309724; cSyncDp104v2=1675309724; cSyncDp107=1675309724; cSyncDp110=1675309724; cSyncDp125v3=1675309724; cSyncDp126=1675309724; cSyncDp127=1675309724; cSyncDp129=1675309724; cSyncDp136v2=1675309724; cSyncDp146=1675309724; cSyncDp148=1675309724; cSyncDp149v2=1675309724; cSyncDp151=1675309724; cSyncDp178=1675309724; cSyncDp186=1675309724; cSyncDp221=1675309724; cSyncDp235=1675309724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 03:48:44 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

sync.bumlam.com/?src=sape

31.172.81.172

302 Moved Temporarily

0 B

URL HTTP/1.1
sync.bumlam.com/?src=sape
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 03:48:44 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ3ZGQ0OGE5ZS1hMmFjLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 28 Jan 2043 03:48:44 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sape&s_data=CAIQARic5eyeBqIBEH3Uip6irBHthuAAJZDAZHw*
ETag: 7dd48a9e-a2ac-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true

sync.bumlam.com/?src=sap1&s_data=CAIQARic5eyeBmIgMTUwMzQyMEE5QzMyREI2MzRFMTNGRjM1MDJBMTEwOTWiARB9z31WoqwR7YbgACWQwGR8

31.172.81.172

200 OK

0 B

URL HTTP/1.1
sync.bumlam.com/?src=sap1&s_data=CAIQARic5eyeBmIgMTUwMzQyMEE5QzMyREI2MzRFMTNGRjM1MDJBMTEwOTWiARB9z31WoqwR7YbgACWQwGR8
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sap1&s_data=CAIQARic5eyeBmIgMTUwMzQyMEE5QzMyREI2MzRFMTNGRjM1MDJBMTEwOTWiARB9z31WoqwR7YbgACWQwGR8 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ3ZGNmN2Q1Ni1hMmFjLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 03:48:44 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ3ZGNmN2Q1Ni1hMmFjLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 28 Jan 2043 03:48:44 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

sync.programmatica.com/match/RTBSape?id=1503420A9C32DB634E13FF3502A11095

167.235.117.42

302 Found

0 B

URL HTTP/2
sync.programmatica.com/match/RTBSape?id=1503420A9C32DB634E13FF3502A11095
IP
167.235.117.42:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/RTBSape?id=1503420A9C32DB634E13FF3502A11095 HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 03:48:44 GMT
content-length: 0
location: https://sync.programmatica.com/match/RTBSape?id=1503420A9C32DB634E13FF3502A11095&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

dmp.gotechnology.io/match/sape?id=1503420A9C32DB634E13FF3502A11095

142.132.209.138

302 Found

0 B

URL HTTP/2
dmp.gotechnology.io/match/sape?id=1503420A9C32DB634E13FF3502A11095
IP
142.132.209.138:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/sape?id=1503420A9C32DB634E13FF3502A11095 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 03:48:44 GMT
content-length: 0
location: https://dmp.gotechnology.io/match/sape?id=1503420A9C32DB634E13FF3502A11095&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

www.acint.net/match?dp=71&euid=f8695882-4292-4357-a9ee-fd2e1d34ae83

193.3.184.229

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=71&euid=f8695882-4292-4357-a9ee-fd2e1d34ae83
IP
193.3.184.229:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=71&euid=f8695882-4292-4357-a9ee-fd2e1d34ae83 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPbMpw1/xNOlRCiAkazJcBF+ik2SW0BlBbWaNWH4weA; cSyncDp7v2=1675309724; cSyncDp14v3=1675309724; cSyncDp17=1675309724; cSyncDp32=1675309724; cSyncDp45v3=1675309724; cSyncDp53v2=1675309724; cSyncDp62=1675309724; cSyncDp67v2=1675309724; cSyncDp68=1675309724; cSyncDp71=1675309724; cSyncDp85=1675309724; cSyncDp95v3=1675309724; cSyncDp98v2=1675309724; cSyncDp101=1675309724; cSyncDp104v2=1675309724; cSyncDp107=1675309724; cSyncDp110=1675309724; cSyncDp125v3=1675309724; cSyncDp126=1675309724; cSyncDp127=1675309724; cSyncDp129=1675309724; cSyncDp136v2=1675309724; cSyncDp146=1675309724; cSyncDp148=1675309724; cSyncDp149v2=1675309724; cSyncDp151=1675309724; cSyncDp178=1675309724; cSyncDp186=1675309724; cSyncDp221=1675309724; cSyncDp235=1675309724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 03:48:44 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/match?dp=186&euid=26debd1a-077c-4a73-903b-0fb6e381d652

193.3.184.229

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=186&euid=26debd1a-077c-4a73-903b-0fb6e381d652
IP
193.3.184.229:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=186&euid=26debd1a-077c-4a73-903b-0fb6e381d652 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPbMpw1/xNOlRCiAkazJcBF+ik2SW0BlBbWaNWH4weA; cSyncDp7v2=1675309724; cSyncDp14v3=1675309724; cSyncDp17=1675309724; cSyncDp32=1675309724; cSyncDp45v3=1675309724; cSyncDp53v2=1675309724; cSyncDp62=1675309724; cSyncDp67v2=1675309724; cSyncDp68=1675309724; cSyncDp71=1675309724; cSyncDp85=1675309724; cSyncDp95v3=1675309724; cSyncDp98v2=1675309724; cSyncDp101=1675309724; cSyncDp104v2=1675309724; cSyncDp107=1675309724; cSyncDp110=1675309724; cSyncDp125v3=1675309724; cSyncDp126=1675309724; cSyncDp127=1675309724; cSyncDp129=1675309724; cSyncDp136v2=1675309724; cSyncDp146=1675309724; cSyncDp148=1675309724; cSyncDp149v2=1675309724; cSyncDp151=1675309724; cSyncDp178=1675309724; cSyncDp186=1675309724; cSyncDp221=1675309724; cSyncDp235=1675309724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 03:48:44 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D09fbd5e6-6b68-4127-a3ff-87b00edf69f7

212.76.129.181

302 Found

102 B

URL HTTP/2
sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D09fbd5e6-6b68-4127-a3ff-87b00edf69f7
IP
212.76.129.181:0
ASN
#42632 MnogoByte LLC

File type
HTML document, ASCII text
Size
102 B (102 bytes)
Hash
7f9aa84b0337059032e9d8da66ca6954
5d21045d47614ba81f035c8d5170889360465811
226be78d1b6d9f36fd92b3df727cd11cbb37408db60ea4db784148a9337ac11b

HTTP Headers

GET /check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D09fbd5e6-6b68-4127-a3ff-87b00edf69f7 HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: as-user=09fbd5e6-6b68-4127-a3ff-87b00edf69f7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Thu, 02 Feb 2023 03:48:44 GMT
content-type: text/html; charset=utf-8
content-length: 102
location: https://www.acint.net/match?dp=98&euid=09fbd5e6-6b68-4127-a3ff-87b00edf69f7
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

sync.programmatica.com/match/RTBSape?id=1503420A9C32DB634E13FF3502A11095&chk=1

167.235.117.42

200 OK

43 B

URL HTTP/2
sync.programmatica.com/match/RTBSape?id=1503420A9C32DB634E13FF3502A11095&chk=1
IP
167.235.117.42:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /match/RTBSape?id=1503420A9C32DB634E13FF3502A11095&chk=1 HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 03:48:44 GMT
content-type: image/gif
content-length: 43
set-cookie: pid=NGZmMDYyMjkwM2IwMjAz; expires=Fri, 02 Aug 2024 03:48:44 GMT; domain=.programmatica.com; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

sync.bumlam.com/?src=sape&s_data=CAIQARic5eyeBqIBEH3Uip6irBHthuAAJZDAZHw*

31.172.81.172

302 Moved Temporarily

0 B

URL HTTP/1.1
sync.bumlam.com/?src=sape&s_data=CAIQARic5eyeBqIBEH3Uip6irBHthuAAJZDAZHw*
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sape&s_data=CAIQARic5eyeBqIBEH3Uip6irBHthuAAJZDAZHw* HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ3ZGQ0OGE5ZS1hMmFjLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 03:48:44 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ3ZGQ0OGE5ZS1hMmFjLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Wed, 28 Jan 2043 03:48:44 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=7dd48a9e-a2ac-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
ad50fd429d43590d1ef8635ee01498ea
f0917fd3a14ea4f5b1e97dcd534338c5ff06c8af
50edbb5e017eb9381fccaf770b4fc5dc94e970ea2631eec51e180ac69d59a70b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:48:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 15:41:07 GMT
Expires: Tue, 07 Feb 2023 15:41:06 GMT
Etag: "f0917fd3a14ea4f5b1e97dcd534338c5ff06c8af"
Cache-Control: max-age=474141,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792ff3f31e91b51e-OSL

dmp.gotechnology.io/match/sape?id=1503420A9C32DB634E13FF3502A11095&chk=1

142.132.209.138

302 Found

0 B

URL HTTP/2
dmp.gotechnology.io/match/sape?id=1503420A9C32DB634E13FF3502A11095&chk=1
IP
142.132.209.138:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/sape?id=1503420A9C32DB634E13FF3502A11095&chk=1 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 03:48:44 GMT
content-length: 0
location: https://ads.betweendigital.com/match?bidder_id=98&external_user_id=NTA5YjRhNGRkZmYxYTdkMA
set-cookie: pid=NTA5YjRhNGRkZmYxYTdkMA; expires=Fri, 02 Feb 2024 03:48:44 GMT; domain=.gotechnology.io; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

pix.bumlam.com/sync/sape/sync_ok?guid=7dd48a9e-a2ac-11ed-86e0-002590c0647c

31.172.81.160

302 Found

0 B

URL HTTP/1.1
pix.bumlam.com/sync/sape/sync_ok?guid=7dd48a9e-a2ac-11ed-86e0-002590c0647c
IP
31.172.81.160:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync/sape/sync_ok?guid=7dd48a9e-a2ac-11ed-86e0-002590c0647c HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ3ZGQ0OGE5ZS1hMmFjLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Thu, 02 Feb 2023 03:48:44 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://7dd48a9e-a2ac-11ed-86e0-002590c0647c.n6.sync.bumlam.com/?src=sape

exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D

138.201.34.238

301 Moved Permanently

115 B

URL HTTP/2
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP
138.201.34.238:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, ASCII text
Size
115 B (115 bytes)
Hash
cb9833bfcaa462aa206fe0c9714829c6
444e96b1980b066117f6e9e005dc78a6296ade22
c5dfb6e6bc6f4bea7be7ecd2356df8a49d4f8f5b69726ee296f7699dcf6dfa60

HTTP Headers

GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 02 Feb 2023 03:48:44 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=4c1ed418-568e-44dd-711e-f1c2a3531ff4
serverid: TODO
X-Firefox-Spdy: h2

www.acint.net/match?dp=98&euid=09fbd5e6-6b68-4127-a3ff-87b00edf69f7

193.3.184.229

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=98&euid=09fbd5e6-6b68-4127-a3ff-87b00edf69f7
IP
193.3.184.229:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=98&euid=09fbd5e6-6b68-4127-a3ff-87b00edf69f7 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPbMpw1/xNOlRCiAkazJcBF+ik2SW0BlBbWaNWH4weA; cSyncDp7v2=1675309724; cSyncDp14v3=1675309724; cSyncDp17=1675309724; cSyncDp32=1675309724; cSyncDp45v3=1675309724; cSyncDp53v2=1675309724; cSyncDp62=1675309724; cSyncDp67v2=1675309724; cSyncDp68=1675309724; cSyncDp71=1675309724; cSyncDp85=1675309724; cSyncDp95v3=1675309724; cSyncDp98v2=1675309724; cSyncDp101=1675309724; cSyncDp104v2=1675309724; cSyncDp107=1675309724; cSyncDp110=1675309724; cSyncDp125v3=1675309724; cSyncDp126=1675309724; cSyncDp127=1675309724; cSyncDp129=1675309724; cSyncDp136v2=1675309724; cSyncDp146=1675309724; cSyncDp148=1675309724; cSyncDp149v2=1675309724; cSyncDp151=1675309724; cSyncDp178=1675309724; cSyncDp186=1675309724; cSyncDp221=1675309724; cSyncDp235=1675309724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 03:48:44 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

www.acint.net/match?dp=126&euid=4c1ed418-568e-44dd-711e-f1c2a3531ff4

193.3.184.229

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=126&euid=4c1ed418-568e-44dd-711e-f1c2a3531ff4
IP
193.3.184.229:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=126&euid=4c1ed418-568e-44dd-711e-f1c2a3531ff4 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPbMpw1/xNOlRCiAkazJcBF+ik2SW0BlBbWaNWH4weA; cSyncDp7v2=1675309724; cSyncDp14v3=1675309724; cSyncDp17=1675309724; cSyncDp32=1675309724; cSyncDp45v3=1675309724; cSyncDp53v2=1675309724; cSyncDp62=1675309724; cSyncDp67v2=1675309724; cSyncDp68=1675309724; cSyncDp71=1675309724; cSyncDp85=1675309724; cSyncDp95v3=1675309724; cSyncDp98v2=1675309724; cSyncDp101=1675309724; cSyncDp104v2=1675309724; cSyncDp107=1675309724; cSyncDp110=1675309724; cSyncDp125v3=1675309724; cSyncDp126=1675309724; cSyncDp127=1675309724; cSyncDp129=1675309724; cSyncDp136v2=1675309724; cSyncDp146=1675309724; cSyncDp148=1675309724; cSyncDp149v2=1675309724; cSyncDp151=1675309724; cSyncDp178=1675309724; cSyncDp186=1675309724; cSyncDp221=1675309724; cSyncDp235=1675309724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 03:48:44 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
db7e0be65c783c07cac86e8e9e040ddb
917c3c0c522f73baf8f2f5715d3325598dbb939a
7b9f9540b486e157a1eb57236f3e8ffe5f279bed4c28e5da356147de7bf9f726

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B9F9540B486E157A1EB57236F3E8FFE5F279BED4C28E5DA356147DE7BF9F726"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1048
Expires: Thu, 02 Feb 2023 04:06:13 GMT
Date: Thu, 02 Feb 2023 03:48:45 GMT
Connection: keep-alive

7dd48a9e-a2ac-11ed-86e0-002590c0647c.n6.sync.bumlam.com/?src=sape

188.120.245.54

302 Found

0 B

URL HTTP/2
7dd48a9e-a2ac-11ed-86e0-002590c0647c.n6.sync.bumlam.com/?src=sape
IP
188.120.245.54:0
ASN
#29182 JSC IOT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sape HTTP/1.1
Host: 7dd48a9e-a2ac-11ed-86e0-002590c0647c.n6.sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ3ZGQ0OGE5ZS1hMmFjLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.22.1
date: Thu, 02 Feb 2023 03:48:45 GMT
content-length: 0
location: https://pix.bumlam.com/sync/sape/done
X-Firefox-Spdy: h2

pix.bumlam.com/sync/sape/done

31.172.81.160

200 OK

43 B

URL HTTP/1.1
pix.bumlam.com/sync/sape/done
IP
31.172.81.160:0
ASN
#44066 diva-e Datacenters GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ3ZGQ0OGE5ZS1hMmFjLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10535
Expires: Thu, 02 Feb 2023 06:44:20 GMT
Date: Thu, 02 Feb 2023 03:48:45 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79ec7db4-9aef-4e9e-a8d9-431c9085df2a.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79ec7db4-9aef-4e9e-a8d9-431c9085df2a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11552 bytes)
Hash
b0ca0ccee69fbee57aac373f94120bb4
5d6309502ffd0c33f6199d46f0d14d0a22e3c752
bed9d4689ff57fa636ee08dab3eef3cdf6c4e0a7103e5185151afe8ddfb755f2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79ec7db4-9aef-4e9e-a8d9-431c9085df2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11552
x-amzn-requestid: 611f63cb-f058-493b-ac86-7e268b866fd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTvG9VIAMFgPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc17-78de7563537b111924100346;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lHLm3IkJRn59US_8SXKXQnNDUiCLIWnQ7QN-DWB3jkot9Ub3b6FUgA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:01:11 GMT
age: 20854
etag: "5d6309502ffd0c33f6199d46f0d14d0a22e3c752"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b1e36ab-6847-48e2-8227-fc589124cb93.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7036 bytes)
Hash
6f4dbd75e0cdc28265ccbe825c5c5b6c
78187b014be0ee8bf7543fb873915db8a9c8dbc4
bf49642b990d73f58ca5f9ee979271ba2ab80bae94c8f333fa5737b16016d1c8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b1e36ab-6847-48e2-8227-fc589124cb93.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7036
x-amzn-requestid: 9d54dd82-add1-4d7d-97b7-53c92eecb724
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJxCHAqoAMF3qA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcd3-109d34d11a9834886e3080ee;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:01:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: U45NW79hI4Vtd7fV7kXnxqlxRQzC-u9PVlNK4D1pBkAa8CBYuUf9ig==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:06:05 GMT
age: 74560
etag: "78187b014be0ee8bf7543fb873915db8a9c8dbc4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5356 bytes)
Hash
7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XyDZc0F-b0rxwoS5wvSXBuBfYE7JljMmuXseBjLOBk4HvxU5gE7Oqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 19790
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9600 bytes)
Hash
3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 02:29:58 GMT
age: 4727
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9416 bytes)
Hash
6790e3bf4d10b1ffba32a22dc588c640
cdae35517dfea800134393a1095f44462bc428a5
4f4132588ee7337fff24da64b89e43b277c4ef0a2646acfba37aea08fc0f4256

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9416
x-amzn-requestid: acc48967-4cc1-4bfd-bc33-7bcefd8e6547
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKVGjqIAMFa2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-1d1cd4de0a30760e792d32e5;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tO6GOuwj9So6Itm9ug-EQgF5iJ3NPidhS8OY4LpBvq0XftWTqGcOHA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:57:16 GMT
age: 21089
etag: "cdae35517dfea800134393a1095f44462bc428a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5061 bytes)
Hash
0224e848c34cb32cf932ed99dfd8468a
31c1abac8979bca5a998a6649ca3e6f59c0fb2f5
f93d5a69758e57d4d2b0d307ce98ad5ea8d86b825108873e8ea5bc36567dc5c0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5061
x-amzn-requestid: a266acae-8f1e-4cd7-b93b-e40aa5393521
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdUpGcmoAMF16Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc1d-1fbae7785fccc58f71c1b3e9;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PevXZz9rkBo3Cy6EooCVOpSoHyeKHMoYFjKRrvDld34WFWXzOmpANQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:11:31 GMT
age: 20234
etag: "31c1abac8979bca5a998a6649ca3e6f59c0fb2f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
b488de3db028e351911981452a9c3ef3
a30257532f2866e11125e9a616d824e6542eb3de
3fa0da5b42be0436a2e15e3e17509ad792122ead12c5403c86c7e35d5cf1cd0c

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 06 Feb 2023 00:08:28 GMT
ETag: "a30257532f2866e11125e9a616d824e6542eb3de"
Last-Modified: Thu, 02 Feb 2023 00:08:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 335
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792ff3f6ec131c12-OSL

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
b488de3db028e351911981452a9c3ef3
a30257532f2866e11125e9a616d824e6542eb3de
3fa0da5b42be0436a2e15e3e17509ad792122ead12c5403c86c7e35d5cf1cd0c

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 06 Feb 2023 00:08:28 GMT
ETag: "a30257532f2866e11125e9a616d824e6542eb3de"
Last-Modified: Thu, 02 Feb 2023 00:08:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 335
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792ff3f6fc1c1c12-OSL

ocsp.globalsign.com/gseccovsslca2018

104.18.21.226

200 OK

940 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
940 B (940 bytes)
Hash
654e057d2fd4ee8042d1d8b764899c71
74f341c46f8aad903123d306776623d50515d21d
5c50c0130a518124e2aa69580318804c281962daf1a9db6241db027b6972ce5b

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Sun, 05 Feb 2023 23:42:15 GMT
ETag: "74f341c46f8aad903123d306776623d50515d21d"
Last-Modified: Wed, 01 Feb 2023 23:42:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2246
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792ff3f72c2a1c12-OSL

ocsp.globalsign.com/alphasslcasha256g4

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/alphasslcasha256g4
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1437 bytes)
Hash
45cc3902d7987738771c0f6a04adc91f
d3a49731c42d4d3512df494aa67dab40e78dd5ce
6172e0b12566e35ffc9d899f64103af8d002a8d0aaad5999bf215f83e556d193

HTTP Headers

POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Mon, 06 Feb 2023 02:54:55 GMT
ETag: "d3a49731c42d4d3512df494aa67dab40e78dd5ce"
Last-Modified: Thu, 02 Feb 2023 02:54:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2190
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792ff3f73c2f1c12-OSL

ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691

195.209.108.50

302 Moved Temporarily

0 B

URL HTTP/1.1
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP
195.209.108.50:0
ASN
#52007 LLC AdRiver

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-4385249444; expires=Sat, 01 Feb 2025 03:48:45 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4385249444
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1503420A9C32DB634E13FF3502A11095

81.222.128.213

200 OK

42 B

URL HTTP/1.1
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1503420A9C32DB634E13FF3502A11095
IP
81.222.128.213:0
ASN
#20597 PVimpelCom

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /cgi-bin/sync.cgi?dsp_id=153&external_id=1503420A9C32DB634E13FF3502A11095 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D

77.245.57.72

400 Bad Request

22 B

URL HTTP/1.1
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP
77.245.57.72:0
ASN
#36057 WEBAIR-INTERNET-MTL

File type
ASCII text, with no line terminators
Size
22 B (22 bytes)
Hash
b0b11e1c78b526b61477f8e9ee540be0
d5e73002987ff54626542b116d98a8f4aa9ee2eb
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

HTTP Headers

GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Length: 22
Connection: close
Cache-Control: no-store
Age: 0
Pragma: no-cache

ocsp.usertrust.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.usertrust.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
c60ca4b761622aee6dac8fcd5a7b47bb
bf27b8a42a03073eb548b79b3adfc1c4a09921ba
55e4d169563b096866bbab23531097fd09fa620a64f56261165cf190aa90aaa7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 30 Jan 2023 04:18:19 GMT
Expires: Mon, 06 Feb 2023 04:18:18 GMT
Etag: "bf27b8a42a03073eb548b79b3adfc1c4a09921ba"
Cache-Control: max-age=604094,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1011
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792ff3f79e48b4eb-OSL

ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4385249444

195.209.108.50

302 Moved Temporarily

40 B

URL HTTP/1.1
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4385249444
IP
195.209.108.50:0
ASN
#52007 LLC AdRiver

File type
ASCII text, with CRLF line terminators
Size
40 B (40 bytes)
Hash
251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b

HTTP Headers

GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4385249444 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Sat, 01 Feb 2025 03:48:45 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9bfb439fb08a32861d09348061be89b1
7c8e9f24fa24ae6a5860bf9b7cc96377089f727b
418cb2a96b67658132868ef799dbe9b55ebe9ca82d9a18d1a06c6868ef8cc54e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "418CB2A96B67658132868EF799DBE9B55EBE9CA82D9A18D1A06C6868EF8CC54E"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3901
Expires: Thu, 02 Feb 2023 04:53:46 GMT
Date: Thu, 02 Feb 2023 03:48:45 GMT
Connection: keep-alive

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
3db08d47898fa2e9e3d1cb5cc21e384e
9a6475c4339b09f4c12858f0056149997e3bfd91
ac9b9cd007d0a3b95898a8c9ca37b051316fbc53041f6b0c22f8ef8cd74ee591

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 06 Feb 2023 00:39:19 GMT
ETag: "9a6475c4339b09f4c12858f0056149997e3bfd91"
Last-Modified: Thu, 02 Feb 2023 00:39:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3574
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792ff3f7bc621c12-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2f59b9826b587ec88c538c4e0fdda68f
a9569ad568776c896099e2e7b4291dbe7101cb9b
76812d4ae48f41904eb3722fb49c463d4287d81fa7a9ea5d28687ddb3a546931

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 02:03:25 GMT
Expires: Wed, 08 Feb 2023 02:03:24 GMT
Etag: "a9569ad568776c896099e2e7b4291dbe7101cb9b"
Cache-Control: max-age=511478,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792ff3f72a7b0b4d-OSL

ssp.bidvol.com/usersync?dspcsid=8&redirect=1

65.109.23.99

302 Found

471 B

URL HTTP/2
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP
65.109.23.99:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
471 B (471 bytes)
Hash
2f59b9826b587ec88c538c4e0fdda68f
a9569ad568776c896099e2e7b4291dbe7101cb9b
76812d4ae48f41904eb3722fb49c463d4287d81fa7a9ea5d28687ddb3a546931

HTTP Headers

GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.22.0
date: Thu, 02 Feb 2023 03:48:44 GMT
x-request-id: 0a96c7af-b416-4c3a-a052-4b8e04bff4f9
set-cookie: bvuid=ugis7f5t86; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=ugis7f5t86; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=ugis7f5t86
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
6ec308fb0c90794d7bd43e75bf68e403
2e659f583febcab7a67d9bc0b62b209a203c7166
fe8149939433f42202734475d69113ddab8fafa0ebfe0477bdd4f532f16c168f

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 06 Feb 2023 01:05:30 GMT
ETag: "2e659f583febcab7a67d9bc0b62b209a203c7166"
Last-Modified: Thu, 02 Feb 2023 01:05:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3337
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792ff3f7dc691c12-OSL

ad.mail.ru/cm.gif?p=48&id=1503420A9C32DB634E13FF3502A11095

95.163.41.56

200 OK

43 B

URL HTTP/2
ad.mail.ru/cm.gif?p=48&id=1503420A9C32DB634E13FF3502A11095
IP
95.163.41.56:0
ASN
#47764 Mail.Ru LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /cm.gif?p=48&id=1503420A9C32DB634E13FF3502A11095 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 03:48:45 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=3fkdyL0jYiIF0025NV2wuPoF:::0-0-0-8f58b5d:CAASENc-jwoNNxPY_ABH5eGtq4AaYMlHRHge9a_aWUo32K_xfd9oLzIwQB90ACeewh4sy9oaQ2_PEHyNTcttzorIyAMiNoLzA3dBtuh6Vv1f6mwZKqmfY3Z2QzHn3vdA5_QTkYG92qbX3GvDndV2tSlkdkWaNg; path=/; expires=Sat, 03-Feb-24 03:48:45 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Thu, 02 Feb 2023 09:48:45 GMT
cache-control: max-age=21600
last-modified: Thu, 02 Feb 2023 03:48:45 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2

sape-sync.rutarget.ru/sync

188.72.107.205

302 Moved Temporarily

0 B

URL HTTP/1.1
sape-sync.rutarget.ru/sync
IP
188.72.107.205:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=VS6BB3BiB4hH
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=VS6BB3BiB4hH; Path=/; Domain=.rutarget.ru; Expires=Tue, 01 Aug 2023 03:48:45 GMT; SameSite=None; Secure

www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D

193.3.184.229

302 Found

154 B

URL HTTP/2
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP
193.3.184.229:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPbMpw1/xNOlRCiAkazJcBF+ik2SW0BlBbWaNWH4weA; cSyncDp7v2=1675309724; cSyncDp14v3=1675309724; cSyncDp17=1675309724; cSyncDp32=1675309724; cSyncDp45v3=1675309724; cSyncDp53v2=1675309724; cSyncDp62=1675309724; cSyncDp67v2=1675309724; cSyncDp68=1675309724; cSyncDp71=1675309724; cSyncDp85=1675309724; cSyncDp95v3=1675309724; cSyncDp98v2=1675309724; cSyncDp101=1675309724; cSyncDp104v2=1675309724; cSyncDp107=1675309724; cSyncDp110=1675309724; cSyncDp125v3=1675309724; cSyncDp126=1675309724; cSyncDp127=1675309724; cSyncDp129=1675309724; cSyncDp136v2=1675309724; cSyncDp146=1675309724; cSyncDp148=1675309724; cSyncDp149v2=1675309724; cSyncDp151=1675309724; cSyncDp178=1675309724; cSyncDp186=1675309724; cSyncDp221=1675309724; cSyncDp235=1675309724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: openresty
date: Thu, 02 Feb 2023 03:48:45 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1503420A9C32DB634E13FF3502A21095
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

tag.digitaltarget.ru/adcm.js

185.15.175.144

200 OK

3.1 kB

URL HTTP/1.1
tag.digitaltarget.ru/adcm.js
IP
185.15.175.144:0
ASN
#43226 SafeData LLC

File type
ASCII text, with very long lines (3051), with no line terminators
Size
3.1 kB (3051 bytes)
Hash
e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

HTTP Headers

GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Thu, 02 Feb 2023 03:34:13 GMT
Connection: keep-alive
ETag: "63db2f35-beb"
Accept-Ranges: bytes

ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D

188.42.34.64

302 Found

0 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP
188.42.34.64:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 03:48:45 GMT; Path=/; Domain=.betweendigital.com
tuuid=a170ce58-204e-5221-85d5-7030e60e42ad; Max-Age=31536000; Expires=Fri, 02 Feb 2024 03:48:45 GMT; Path=/; Domain=.betweendigital.com
ut=Y9synQAGgBCvE304f1_2-IKdCp6qonAKbj-1LQ==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 03:48:45 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=98&external_user_id=NTA5YjRhNGRkZmYxYTdkMA

188.42.34.64

302 Found

0 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=98&external_user_id=NTA5YjRhNGRkZmYxYTdkMA
IP
188.42.34.64:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?bidder_id=98&external_user_id=NTA5YjRhNGRkZmYxYTdkMA HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: /match?bidder_id=98&external_user_id=NTA5YjRhNGRkZmYxYTdkMA&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 03:48:45 GMT; Path=/; Domain=.betweendigital.com
tuuid=90f9b9e5-6e30-5221-99d0-663efa0b54a3; Max-Age=31536000; Expires=Fri, 02 Feb 2024 03:48:45 GMT; Path=/; Domain=.betweendigital.com
ut=Y9synQAGh-CLHftjRpvdskpsdmNy-2a4f-RYfA==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 03:48:45 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1503420A9C32DB634E13FF3502A21095

81.222.128.213

200 OK

42 B

URL HTTP/1.1
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1503420A9C32DB634E13FF3502A21095
IP
81.222.128.213:0
ASN
#20597 PVimpelCom

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /cgi-bin/sync.cgi?ssp_id=43&external_id=1503420A9C32DB634E13FF3502A21095 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1

188.42.34.64

200 OK

68 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP
188.42.34.64:0
ASN
#7979 SERVERS-COM

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

HTTP Headers

GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 03:48:45 GMT; Path=/; Domain=.betweendigital.com
tuuid=0a2fa8e1-a4d5-5221-af30-880dccebba90; Max-Age=31536000; Expires=Fri, 02 Feb 2024 03:48:45 GMT; Path=/; Domain=.betweendigital.com
ut=Y9synQAHGGgd8z2eziRSVy-pf9mDvbFRcaErEQ==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 03:48:45 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=98&external_user_id=NTA5YjRhNGRkZmYxYTdkMA&crf=1

188.42.34.64

200 OK

68 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=98&external_user_id=NTA5YjRhNGRkZmYxYTdkMA&crf=1
IP
188.42.34.64:0
ASN
#7979 SERVERS-COM

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

HTTP Headers

GET /match?bidder_id=98&external_user_id=NTA5YjRhNGRkZmYxYTdkMA&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 03:48:45 GMT; Path=/; Domain=.betweendigital.com
tuuid=14c83a2e-b934-5221-adf6-d493ce2de60e; Max-Age=31536000; Expires=Fri, 02 Feb 2024 03:48:45 GMT; Path=/; Domain=.betweendigital.com
ut=Y9synQAHGGhn5gB3HlojxHpCox3fFLjQDVq7dQ==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 03:48:45 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2

www.acint.net/match?dp=104&euid=VS6BB3BiB4hH

193.3.184.229

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=104&euid=VS6BB3BiB4hH
IP
193.3.184.229:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=104&euid=VS6BB3BiB4hH HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPbMpw1/xNOlRCiAkazJcBF+ik2SW0BlBbWaNWH4weA; cSyncDp7v2=1675309724; cSyncDp14v3=1675309724; cSyncDp17=1675309724; cSyncDp32=1675309724; cSyncDp45v3=1675309724; cSyncDp53v2=1675309724; cSyncDp62=1675309724; cSyncDp67v2=1675309724; cSyncDp68=1675309724; cSyncDp71=1675309724; cSyncDp85=1675309724; cSyncDp95v3=1675309724; cSyncDp98v2=1675309724; cSyncDp101=1675309724; cSyncDp104v2=1675309724; cSyncDp107=1675309724; cSyncDp110=1675309724; cSyncDp125v3=1675309724; cSyncDp126=1675309724; cSyncDp127=1675309724; cSyncDp129=1675309724; cSyncDp136v2=1675309724; cSyncDp146=1675309724; cSyncDp148=1675309724; cSyncDp149v2=1675309724; cSyncDp151=1675309724; cSyncDp178=1675309724; cSyncDp186=1675309724; cSyncDp221=1675309724; cSyncDp235=1675309724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 03:48:45 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

sm.rtb.mts.ru/p?ssp=sape&id=1503420A9C32DB634E13FF3502A11095

217.66.147.33

301 Moved Permanently

0 B

URL HTTP/1.1
sm.rtb.mts.ru/p?ssp=sape&id=1503420A9C32DB634E13FF3502A11095
IP
217.66.147.33:0
ASN
#29209 MTS PJSC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p?ssp=sape&id=1503420A9C32DB634E13FF3502A11095 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=1503420A9C32DB634E13FF3502A11095
Set-Cookie: dspid=d7cbeeb8-5c8d-487f-94c5-67509941dd31; expires=Wed, 24 Jan 2024 03:48:45 GMT; domain=.mts.ru; path=/; secure; SameSite=None

px.adhigh.net/p/cm/sape?u=1503420A9C32DB634E13FF3502A11095

193.232.150.69

302 Found

0 B

URL HTTP/2
px.adhigh.net/p/cm/sape?u=1503420A9C32DB634E13FF3502A11095
IP
193.232.150.69:0
ASN
#48061 Limited Liability Company GPM Digital Technologies

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/cm/sape?u=1503420A9C32DB634E13FF3502A11095 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 03:48:45 GMT
content-length: 0
x-backend-id: f13-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=xNa3qJADojH.AikABlGGED23Kw;Path=/;Domain=.adhigh.net;Expires=Fri, 02-Feb-2024 03:48:45 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=1503420A9C32DB634E13FF3502A11095&bounced=1
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
2f59b9826b587ec88c538c4e0fdda68f
a9569ad568776c896099e2e7b4291dbe7101cb9b
76812d4ae48f41904eb3722fb49c463d4287d81fa7a9ea5d28687ddb3a546931

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 02:03:25 GMT
Expires: Wed, 08 Feb 2023 02:03:24 GMT
Etag: "a9569ad568776c896099e2e7b4291dbe7101cb9b"
Cache-Control: max-age=511478,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792ff3f74fefb51e-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
47104af366e237afec3af30f37af7dba
b24492f724ba1d4395df66bc2e0de1bdabc4264d
59c7255b4bd417487377052a2b4ec75029319525bad73a5ef43dce28d79efbbb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 14:18:45 GMT
Expires: Tue, 07 Feb 2023 14:18:44 GMT
Etag: "b24492f724ba1d4395df66bc2e0de1bdabc4264d"
Cache-Control: max-age=469198,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792ff3f76ee8b527-OSL

ads.betweendigital.com/match?bidder_id=73&external_user_id=1503420A9C32DB634E13FF3502A11095

188.42.34.64

302 Found

0 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=73&external_user_id=1503420A9C32DB634E13FF3502A11095
IP
188.42.34.64:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?bidder_id=73&external_user_id=1503420A9C32DB634E13FF3502A11095 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=1503420A9C32DB634E13FF3502A11095&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 03:48:45 GMT; Path=/; Domain=.betweendigital.com
tuuid=6f264762-b80e-5221-8dd0-56a1ee0b643c; Max-Age=31536000; Expires=Fri, 02 Feb 2024 03:48:45 GMT; Path=/; Domain=.betweendigital.com
ut=Y9synQAI2aCUX01dpY8kgWX4JbfprztctJrwEQ==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 03:48:45 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

x01.aidata.io/0.gif?pid=9401454&id=1503420A9C32DB634E13FF3502A11095

89.108.119.43

302 Found

0 B

URL HTTP/2
x01.aidata.io/0.gif?pid=9401454&id=1503420A9C32DB634E13FF3502A11095
IP
89.108.119.43:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /0.gif?pid=9401454&id=1503420A9C32DB634E13FF3502A11095 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Thu, 02 Feb 2023 03:48:45 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=1503420A9C32DB634E13FF3502A11095&bounce=1
expires: Thu, 02 Feb 2023 03:48:44 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Thu, 02 Feb 2023 03:48:44 GMT
set-cookie: __upin=dOamx/tA9fcvdxKDV+P2yA;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1675309725;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2

sm.rtb.mts.ru/match/second?ssp=30&exu=1503420A9C32DB634E13FF3502A11095

217.66.147.33

200 OK

0 B

URL HTTP/1.1
sm.rtb.mts.ru/match/second?ssp=30&exu=1503420A9C32DB634E13FF3502A11095
IP
217.66.147.33:0
ASN
#29209 MTS PJSC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/second?ssp=30&exu=1503420A9C32DB634E13FF3502A11095 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

px.adhigh.net/p/cm/sape?u=1503420A9C32DB634E13FF3502A11095&bounced=1

193.232.150.69

200 OK

49 B

URL HTTP/2
px.adhigh.net/p/cm/sape?u=1503420A9C32DB634E13FF3502A11095&bounced=1
IP
193.232.150.69:0
ASN
#48061 Limited Liability Company GPM Digital Technologies

File type
GIF image data, version 89a, 1 x 1\012- data
Size
49 B (49 bytes)
Hash
889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

HTTP Headers

GET /p/cm/sape?u=1503420A9C32DB634E13FF3502A11095&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 03:48:45 GMT
content-type: image/gif
content-length: 49
x-backend-id: f13-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=73&external_user_id=1503420A9C32DB634E13FF3502A11095&crf=1

188.42.34.64

200 OK

68 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=73&external_user_id=1503420A9C32DB634E13FF3502A11095&crf=1
IP
188.42.34.64:0
ASN
#7979 SERVERS-COM

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

HTTP Headers

GET /match?bidder_id=73&external_user_id=1503420A9C32DB634E13FF3502A11095&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 03:48:45 GMT; Path=/; Domain=.betweendigital.com
tuuid=639891a1-de4b-5221-a799-6f4cc4425dd1; Max-Age=31536000; Expires=Fri, 02 Feb 2024 03:48:45 GMT; Path=/; Domain=.betweendigital.com
ut=Y9synQAJXnAnlOFLx1u5qCrg7xjns71dwiXwNA==; Max-Age=31536000; Expires=Fri, 02 Feb 2024 03:48:45 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2

tag.digitaltarget.ru/processor.js?i=923731951241273

185.15.175.144

200 OK

16 kB

URL HTTP/1.1
tag.digitaltarget.ru/processor.js?i=923731951241273
IP
185.15.175.144:0
ASN
#43226 SafeData LLC

File type
ASCII text, with very long lines (15892), with no line terminators
Size
16 kB (15892 bytes)
Hash
736e2fb1da94f3277e3f931048c1b9f3
196387db95a17da825b629de3542eff901b09905
4569d4e1b0e52b6316681f7312674f43ecb2b72ea8ab4adb2375e3686862c7dc

HTTP Headers

GET /processor.js?i=923731951241273 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Type: application/javascript
Content-Length: 15892
Last-Modified: Thu, 02 Feb 2023 03:34:14 GMT
Connection: keep-alive
ETag: "63db2f36-3e14"
Accept-Ranges: bytes

x01.aidata.io/0.gif?pid=9401454&id=1503420A9C32DB634E13FF3502A11095&bounce=1

89.108.119.43

204 No Content

0 B

URL HTTP/2
x01.aidata.io/0.gif?pid=9401454&id=1503420A9C32DB634E13FF3502A11095&bounce=1
IP
89.108.119.43:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /0.gif?pid=9401454&id=1503420A9C32DB634E13FF3502A11095&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Thu, 02 Feb 2023 03:48:45 GMT
expires: Thu, 02 Feb 2023 03:48:44 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Thu, 02 Feb 2023 03:48:44 GMT
set-cookie: __upin=2rMN9qhHf7ota8uZFxasng;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1675309725;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fc797e4e4215c50a42918f78bf25dd9b
3a9d446065eb8b0d530dab59538a290125b4647b
9fe7badd15d6591176c688dafa284fdf9d8f991109e0c3a9e56a17d8c61efd2e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9FE7BADD15D6591176C688DAFA284FDF9D8F991109E0C3A9E56A17D8C61EFD2E"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1983
Expires: Thu, 02 Feb 2023 04:21:48 GMT
Date: Thu, 02 Feb 2023 03:48:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fc797e4e4215c50a42918f78bf25dd9b
3a9d446065eb8b0d530dab59538a290125b4647b
9fe7badd15d6591176c688dafa284fdf9d8f991109e0c3a9e56a17d8c61efd2e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9FE7BADD15D6591176C688DAFA284FDF9D8F991109E0C3A9E56A17D8C61EFD2E"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1983
Expires: Thu, 02 Feb 2023 04:21:48 GMT
Date: Thu, 02 Feb 2023 03:48:45 GMT
Connection: keep-alive

dmg.digitaltarget.ru/1/1093/i/i?i=629130309033830.846381934883257&a=77&e=1503420A9C32DB634E13FF3502A11095&pref=http%3A%2F%2Fautoman.ru%2F&c=ss:77.up:1503420A9C32DB634E13FF3502A11095.sync:up.xdua:dufu6mojwSkqyxGxo1sNWpMC.xps:xps3N95qsoepplI2ePETbP4cY.dn:acint__net.adcm:hit.tg:adcmjs_noorient

185.15.175.133

307 Temporary Redirect

0 B

URL HTTP/1.1
dmg.digitaltarget.ru/1/1093/i/i?i=629130309033830.846381934883257&a=77&e=1503420A9C32DB634E13FF3502A11095&pref=http%3A%2F%2Fautoman.ru%2F&c=ss:77.up:1503420A9C32DB634E13FF3502A11095.sync:up.xdua:dufu6mojwSkqyxGxo1sNWpMC.xps:xps3N95qsoepplI2ePETbP4cY.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
185.15.175.133:0
ASN
#43226 SafeData LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/1093/i/i?i=629130309033830.846381934883257&a=77&e=1503420A9C32DB634E13FF3502A11095&pref=http%3A%2F%2Fautoman.ru%2F&c=ss:77.up:1503420A9C32DB634E13FF3502A11095.sync:up.xdua:dufu6mojwSkqyxGxo1sNWpMC.xps:xps3N95qsoepplI2ePETbP4cY.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675309725926&i=629130309033830.846381934883257&a=77&e=1503420A9C32DB634E13FF3502A11095&pref=http%3A%2F%2Fautoman.ru%2F&c=ss:77.up:1503420A9C32DB634E13FF3502A11095.sync:up.xdua:dufu6mojwSkqyxGxo1sNWpMC.xps:xps3N95qsoepplI2ePETbP4cY.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=MtkwskhbGd25BA572anu; Max-Age=93312000; Expires=Sat, 17 Jan 2026 03:48:45 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

dmg.digitaltarget.ru/1/1093/i/i?i=629130309033830.411753810280064&a=77&e=1503420A9C32DB634E13FF3502A11095&pref=http%3A%2F%2Fautoman.ru%2F&c=ss:77.up:1503420A9C32DB634E13FF3502A11095.sync:up.xdua:dufu6mojwSkqyxGxo1sNWpMC.xps:xps3N95qsoepplI2ePETbP4cY.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

185.15.175.133

307 Temporary Redirect

0 B

URL HTTP/1.1
dmg.digitaltarget.ru/1/1093/i/i?i=629130309033830.411753810280064&a=77&e=1503420A9C32DB634E13FF3502A11095&pref=http%3A%2F%2Fautoman.ru%2F&c=ss:77.up:1503420A9C32DB634E13FF3502A11095.sync:up.xdua:dufu6mojwSkqyxGxo1sNWpMC.xps:xps3N95qsoepplI2ePETbP4cY.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
185.15.175.133:0
ASN
#43226 SafeData LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/1093/i/i?i=629130309033830.411753810280064&a=77&e=1503420A9C32DB634E13FF3502A11095&pref=http%3A%2F%2Fautoman.ru%2F&c=ss:77.up:1503420A9C32DB634E13FF3502A11095.sync:up.xdua:dufu6mojwSkqyxGxo1sNWpMC.xps:xps3N95qsoepplI2ePETbP4cY.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675309725929&i=629130309033830.411753810280064&a=77&e=1503420A9C32DB634E13FF3502A11095&pref=http%3A%2F%2Fautoman.ru%2F&c=ss:77.up:1503420A9C32DB634E13FF3502A11095.sync:up.xdua:dufu6mojwSkqyxGxo1sNWpMC.xps:xps3N95qsoepplI2ePETbP4cY.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=HgSS-i9bUBjrBdb7yagD; Max-Age=93312000; Expires=Sat, 17 Jan 2026 03:48:45 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675309725929&i=629130309033830.411753810280064&a=77&e=1503420A9C32DB634E13FF3502A11095&pref=http%3A%2F%2Fautoman.ru%2F&c=ss:77.up:1503420A9C32DB634E13FF3502A11095.sync:up.xdua:dufu6mojwSkqyxGxo1sNWpMC.xps:xps3N95qsoepplI2ePETbP4cY.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

185.15.175.133

200 OK

64 B

URL HTTP/1.1
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675309725929&i=629130309033830.411753810280064&a=77&e=1503420A9C32DB634E13FF3502A11095&pref=http%3A%2F%2Fautoman.ru%2F&c=ss:77.up:1503420A9C32DB634E13FF3502A11095.sync:up.xdua:dufu6mojwSkqyxGxo1sNWpMC.xps:xps3N95qsoepplI2ePETbP4cY.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
185.15.175.133:0
ASN
#43226 SafeData LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
64 B (64 bytes)
Hash
ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8

HTTP Headers

GET /awg/custom/1093/i/i?call_source=awg&ts=1675309725929&i=629130309033830.411753810280064&a=77&e=1503420A9C32DB634E13FF3502A11095&pref=http%3A%2F%2Fautoman.ru%2F&c=ss:77.up:1503420A9C32DB634E13FF3502A11095.sync:up.xdua:dufu6mojwSkqyxGxo1sNWpMC.xps:xps3N95qsoepplI2ePETbP4cY.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675309725926&i=629130309033830.846381934883257&a=77&e=1503420A9C32DB634E13FF3502A11095&pref=http%3A%2F%2Fautoman.ru%2F&c=ss:77.up:1503420A9C32DB634E13FF3502A11095.sync:up.xdua:dufu6mojwSkqyxGxo1sNWpMC.xps:xps3N95qsoepplI2ePETbP4cY.dn:acint__net.adcm:hit.tg:adcmjs_noorient

185.15.175.133

200 OK

64 B

URL HTTP/1.1
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675309725926&i=629130309033830.846381934883257&a=77&e=1503420A9C32DB634E13FF3502A11095&pref=http%3A%2F%2Fautoman.ru%2F&c=ss:77.up:1503420A9C32DB634E13FF3502A11095.sync:up.xdua:dufu6mojwSkqyxGxo1sNWpMC.xps:xps3N95qsoepplI2ePETbP4cY.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
185.15.175.133:0
ASN
#43226 SafeData LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
64 B (64 bytes)
Hash
ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8

HTTP Headers

GET /awg/custom/1093/i/i?call_source=awg&ts=1675309725926&i=629130309033830.846381934883257&a=77&e=1503420A9C32DB634E13FF3502A11095&pref=http%3A%2F%2Fautoman.ru%2F&c=ss:77.up:1503420A9C32DB634E13FF3502A11095.sync:up.xdua:dufu6mojwSkqyxGxo1sNWpMC.xps:xps3N95qsoepplI2ePETbP4cY.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 03:48:45 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 4
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

www.acint.net/ping/?v=0.5.0&uid=281083f3-da72-43ff-8a00-3ffbd9eb681c&dp=10&tz=%2B00%3A00&nc=79458601&dT=2023-02-02T03%3A49%3A11.418

193.3.184.229

302 Moved Temporarily

142 B

URL HTTP/1.1
www.acint.net/ping/?v=0.5.0&uid=281083f3-da72-43ff-8a00-3ffbd9eb681c&dp=10&tz=%2B00%3A00&nc=79458601&dT=2023-02-02T03%3A49%3A11.418
IP
193.3.184.229:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /ping/?v=0.5.0&uid=281083f3-da72-43ff-8a00-3ffbd9eb681c&dp=10&tz=%2B00%3A00&nc=79458601&dT=2023-02-02T03%3A49%3A11.418 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://automan.ru/

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Thu, 02 Feb 2023 03:48:47 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/ping/?v=0.5.0&uid=281083f3-da72-43ff-8a00-3ffbd9eb681c&dp=10&tz=%2B00%3A00&nc=79458601&dT=2023-02-02T03%3A49%3A11.418

www.acint.net/ping/?v=0.5.0&uid=281083f3-da72-43ff-8a00-3ffbd9eb681c&dp=10&tz=%2B00%3A00&nc=79458601&dT=2023-02-02T03%3A49%3A11.418

193.3.184.229

200 OK

43 B

URL HTTP/2
www.acint.net/ping/?v=0.5.0&uid=281083f3-da72-43ff-8a00-3ffbd9eb681c&dp=10&tz=%2B00%3A00&nc=79458601&dT=2023-02-02T03%3A49%3A11.418
IP
193.3.184.229:0
ASN
#50214 QWARTA LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /ping/?v=0.5.0&uid=281083f3-da72-43ff-8a00-3ffbd9eb681c&dp=10&tz=%2B00%3A00&nc=79458601&dT=2023-02-02T03%3A49%3A11.418 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://automan.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=CkIDFWPbMpw1/xNOlRCiAkazJcBF+ik2SW0BlBbWaNWH4weA; cSyncDp7v2=1675309724; cSyncDp14v3=1675309724; cSyncDp17=1675309724; cSyncDp32=1675309724; cSyncDp45v3=1675309724; cSyncDp53v2=1675309724; cSyncDp62=1675309724; cSyncDp67v2=1675309724; cSyncDp68=1675309724; cSyncDp71=1675309724; cSyncDp85=1675309724; cSyncDp95v3=1675309724; cSyncDp98v2=1675309724; cSyncDp101=1675309724; cSyncDp104v2=1675309724; cSyncDp107=1675309724; cSyncDp110=1675309724; cSyncDp125v3=1675309724; cSyncDp126=1675309724; cSyncDp127=1675309724; cSyncDp129=1675309724; cSyncDp136v2=1675309724; cSyncDp146=1675309724; cSyncDp148=1675309724; cSyncDp149v2=1675309724; cSyncDp151=1675309724; cSyncDp178=1675309724; cSyncDp186=1675309724; cSyncDp221=1675309724; cSyncDp235=1675309724
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Thu, 02 Feb 2023 03:48:47 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

mc.yandex.ru/webvisor/1827?wv-check=48589&wv-type=0&wmode=0&wv-part=1&wv-hit=556898536&page-url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&rn=875452261&browser-info=et%3A1675309756%3Aw%3A1268x939%3Av%3A960%3Az%3A0%3Ai%3A20230202034915%3Au%3A1675309748141191675%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Ast%3A1675309756&t=gdpr(14)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/webvisor/1827?wv-check=48589&wv-type=0&wmode=0&wv-part=1&wv-hit=556898536&page-url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&rn=875452261&browser-info=et%3A1675309756%3Aw%3A1268x939%3Av%3A960%3Az%3A0%3Ai%3A20230202034915%3Au%3A1675309748141191675%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Ast%3A1675309756&t=gdpr(14)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/1827?wv-check=48589&wv-type=0&wmode=0&wv-part=1&wv-hit=556898536&page-url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&rn=875452261&browser-info=et%3A1675309756%3Aw%3A1268x939%3Av%3A960%3Az%3A0%3Ai%3A20230202034915%3Au%3A1675309748141191675%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Ast%3A1675309756&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 44
Origin: http://automan.ru
Connection: keep-alive
Referer: http://automan.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Thu, 02 Feb 2023 03:48:51 GMT
access-control-allow-origin: http://automan.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 03:48:51 GMT
last-modified: Thu, 02-Feb-2023 03:48:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/webvisor/1827?wv-check=3341&wv-type=0&wmode=0&wv-part=2&wv-hit=556898536&page-url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&rn=643878743&browser-info=et%3A1675309756%3Aw%3A1268x939%3Av%3A960%3Az%3A0%3Ai%3A20230202034915%3Au%3A1675309748141191675%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Ast%3A1675309756&t=gdpr(14)ti(2)

93.158.134.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/webvisor/1827?wv-check=3341&wv-type=0&wmode=0&wv-part=2&wv-hit=556898536&page-url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&rn=643878743&browser-info=et%3A1675309756%3Aw%3A1268x939%3Av%3A960%3Az%3A0%3Ai%3A20230202034915%3Au%3A1675309748141191675%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Ast%3A1675309756&t=gdpr(14)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

POST /webvisor/1827?wv-check=3341&wv-type=0&wmode=0&wv-part=2&wv-hit=556898536&page-url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&rn=643878743&browser-info=et%3A1675309756%3Aw%3A1268x939%3Av%3A960%3Az%3A0%3Ai%3A20230202034915%3Au%3A1675309748141191675%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Ast%3A1675309756&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 12
Origin: http://automan.ru
Connection: keep-alive
Referer: http://automan.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Thu, 02 Feb 2023 03:48:51 GMT
access-control-allow-origin: http://automan.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 03:48:51 GMT
last-modified: Thu, 02-Feb-2023 03:48:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

an.yandex.ru/mapuid/sapeis/1503420A9C32DB634E13FF3502A11095?redir-setuniq=1

213.180.193.90

200 OK

0 B

URL HTTP/2
an.yandex.ru/mapuid/sapeis/1503420A9C32DB634E13FF3502A11095?redir-setuniq=1
IP
213.180.193.90:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mapuid/sapeis/1503420A9C32DB634E13FF3502A11095?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
timing-allow-origin: *
date: Thu, 02 Feb 2023 03:48:45 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 03:48:45 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 02 Feb 2023 03:48:45 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

www.yandex.ru/cycounter?www.automan.ru

77.88.55.55

200 OK

0 B

URL HTTP/2
www.yandex.ru/cycounter?www.automan.ru
IP
77.88.55.55:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cycounter?www.automan.ru HTTP/1.1
Host: www.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://automan.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-content-type-options: nosniff
set-cookie: is_gdpr=1; Path=/; Domain=.yandex.ru; Expires=Sat, 01 Feb 2025 03:48:44 GMT; SameSite=None; Secure
is_gdpr_b=CPvaURCmpAEYAQ==; Path=/; Domain=.yandex.ru; Expires=Sat, 01 Feb 2025 03:48:44 GMT; SameSite=None; Secure
_yasc=vVc18bhjCDPQBC1cMG6ciPxtEcRXwrLg/+N+bIhfExDyma1/AZyjrJh0+Tw=; domain=.yandex.ru; path=/; expires=Sun, 30-Jan-2033 03:48:44 GMT; secure
i=JCFJCF9vn96ONhgF05DWVKcHDlhfofuyavgpiX/Rpb/QSBUvBVHoB2lAH4t07NuNj+hHW6RX9eDIx1T5SHJGT624FTU=; Expires=Sat, 01-Feb-2025 03:48:44 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yashr=2926225051675309724; Path=/; Domain=.yandex.ru; Expires=Fri, 02 Feb 2024 03:48:44 GMT; SameSite=None; Secure; HttpOnly
expires: Thu, 02 Feb 2023 08:55:46 GMT
x-xss-protection: 1; mode=block
x-yandex-req-id: 1675309724324276-14776381444701009993-sas3-0704-ded-sas-l7-balancer-8080-BAL
last-modified: Thu, 19 Jan 2023 08:55:46 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/png
X-Firefox-Spdy: h2

mc.yandex.ru/watch/1827?wmode=7&page-url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A819%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A783412468669%3Ahid%3A556898536%3Az%3A0%3Ai%3A20230202034908%3Aet%3A1675309748%3Ac%3A1%3Arn%3A622192966%3Arqn%3A1%3Au%3A1675309748141191675%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C54%2C441%2C0%2C-9%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1675309746874%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675309748%3At%3A%D0%A3%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%3A%20%D0%9A%D0%BE%D0%BD%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%86%D0%B8%D1%8F%20%D0%B8%20%D1%80%D0%B5%D0%BC%D0%BE%D0%BD%D1%82%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D0%B5%D0%B9%20%D0%B4%D0%BB%D1%8F%20%D1%87%D0%B0%D0%B9%D0%BD%D0%B8%D0%BA%D0%BE%D0%B2&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)

93.158.134.119

302 Found

0 B

URL HTTP/2
mc.yandex.ru/watch/1827?wmode=7&page-url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A819%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A783412468669%3Ahid%3A556898536%3Az%3A0%3Ai%3A20230202034908%3Aet%3A1675309748%3Ac%3A1%3Arn%3A622192966%3Arqn%3A1%3Au%3A1675309748141191675%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C54%2C441%2C0%2C-9%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1675309746874%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675309748%3At%3A%D0%A3%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%3A%20%D0%9A%D0%BE%D0%BD%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%86%D0%B8%D1%8F%20%D0%B8%20%D1%80%D0%B5%D0%BC%D0%BE%D0%BD%D1%82%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D0%B5%D0%B9%20%D0%B4%D0%BB%D1%8F%20%D1%87%D0%B0%D0%B9%D0%BD%D0%B8%D0%BA%D0%BE%D0%B2&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP
93.158.134.119:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /watch/1827?wmode=7&page-url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A819%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A783412468669%3Ahid%3A556898536%3Az%3A0%3Ai%3A20230202034908%3Aet%3A1675309748%3Ac%3A1%3Arn%3A622192966%3Arqn%3A1%3Au%3A1675309748141191675%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C54%2C441%2C0%2C-9%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1675309746874%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675309748%3At%3A%D0%A3%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%3A%20%D0%9A%D0%BE%D0%BD%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%86%D0%B8%D1%8F%20%D0%B8%20%D1%80%D0%B5%D0%BC%D0%BE%D0%BD%D1%82%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D0%B5%D0%B9%20%D0%B4%D0%BB%D1%8F%20%D1%87%D0%B0%D0%B9%D0%BD%D0%B8%D0%BA%D0%BE%D0%B2&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://automan.ru
Connection: keep-alive
Referer: http://automan.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: /watch/1827/1?wmode=7&page-url=http%3A%2F%2Fautoman.ru%2Fstat%2F175.shtml&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A819%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A783412468669%3Ahid%3A556898536%3Az%3A0%3Ai%3A20230202034908%3Aet%3A1675309748%3Ac%3A1%3Arn%3A622192966%3Arqn%3A1%3Au%3A1675309748141191675%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C54%2C441%2C0%2C-9%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1675309746874%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675309748%3At%3A%D0%A3%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%BE%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%3A%20%D0%9A%D0%BE%D0%BD%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%86%D0%B8%D1%8F%20%D0%B8%20%D1%80%D0%B5%D0%BC%D0%BE%D0%BD%D1%82%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D0%B5%D0%B9%20%D0%B4%D0%BB%D1%8F%20%D1%87%D0%B0%D0%B9%D0%BD%D0%B8%D0%BA%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Thu, 02 Feb 2023 03:48:43 GMT
access-control-allow-origin: http://automan.ru
set-cookie: yabs-sid=2505840511675309723; Path=/; SameSite=None; Secure
i=mP2lywkP7AmBsTs/dZZOD6Eig+Rio0Ti8xYh81CIfJv0KEx2EPLX+1V0tgyRynTl6KylJXinm+pegVv/Imdhwak4MkE=; Expires=Sun, 30-Jan-2033 03:48:38 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=1471001151675309723; Expires=Fri, 02-Feb-2024 03:48:43 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1471001151675309723; Expires=Fri, 02-Feb-2024 03:48:43 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706845723.yc.1675309723#1706845723.yrts.1675309723#1706845723.yrtsi.1675309723; Expires=Fri, 02-Feb-2024 03:48:43 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02-Feb-2023 03:48:43 GMT
last-modified: Thu, 02-Feb-2023 03:48:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D

5.200.44.122

302 Found

0 B

URL HTTP/2
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP
5.200.44.122:0
ASN
#48096 Enterprise Cloud Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=7d65dfdf657e463bb70761feb990dccf
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=7d65dfdf657e463bb70761feb990dccf; expires=Thu, 01 Feb 2024 21:00:00 GMT; path=/; SameSite=None; secure; samesite=lax
date: Thu, 02 Feb 2023 03:48:43 GMT
X-Firefox-Spdy: h2

an.yandex.ru/mapuid/sapeis/1503420A9C32DB634E13FF3502A11095

213.180.193.90

302 Found

0 B

URL HTTP/2
an.yandex.ru/mapuid/sapeis/1503420A9C32DB634E13FF3502A11095
IP
213.180.193.90:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mapuid/sapeis/1503420A9C32DB634E13FF3502A11095 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/1503420A9C32DB634E13FF3502A11095?redir-setuniq=1
date: Thu, 02 Feb 2023 03:48:45 GMT
set-cookie: yandexuid=8043460411675309725; domain=.yandex.ru; path=/; expires=Sun, 30-Jan-2033 03:48:45 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 02 Feb 2023 03:48:45 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Thu, 02 Feb 2023 03:48:45 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (41)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML