Report - avtodom-kzn.ru/

Report Overview

Submitted URL
avtodom-kzn.ru/
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-30 04:23:40
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ssp.bestssp.com	90974	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	438 B	302 B	185.147.80.35
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
www.linkstars.ru	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	304 B	3.2 kB	104.21.85.63
ut.rktch.com	41215	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	423 B	593 B	89.108.97.2
sync.upravel.com	28097	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	890 B	1.7 kB	78.46.16.13
avtodom-kzn.ru	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	30 kB	413 kB	188.114.96.1
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.165.41.15
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.8 kB	172.64.155.188
sm.rtb.mts.ru	27154	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	414 B	639 B	217.66.147.42
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.8 kB	18 kB	23.36.77.32
sync.bumlam.com	3243	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	2.6 kB	31.172.81.172
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	61 kB	34.120.237.76
cm.g.doubleclick.net	202	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	447 B	657 B	142.250.74.66
ad.mail.ru	7643	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	412 B	756 B	95.163.41.56
0100007fc2da86632502402f02022817-sp.ops.beeline.ru	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	449 B	828 B	37.9.245.57
sape-sync.rutarget.ru	173587	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	409 B	178.170.196.9
dmg.digitaltarget.ru	21471	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	3.2 kB	185.15.175.157
s.uuidksinc.net	3423	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	424 B	322 B	31.220.27.135
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	714 B	3.9 kB	151.101.130.133
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.4 kB	142.250.74.131
ssp.adriver.ru	12439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	881 B	376 B	81.222.128.214
ssp-rtb.sape.ru	31166	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	447 B	773 B	193.3.184.216
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	8.9 kB	151.101.130.133
stat.adlabs.ru	200922	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	424 B	191 B	109.248.237.37
pix.bumlam.com	92002	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.1 kB	31.172.81.158
nr.bidderstack.com	352019	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	421 B	101 B	23.88.12.13
match.new-programmatic.com	33613	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	434 B	213 B	217.65.2.150
ssp.bidvol.com	31817	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	398 B	2.0 kB	65.109.65.188
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	4.6 kB	192.124.249.41
a.utraff.com	39874	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	1.1 kB	172.67.217.151
adlmerge.com	146521	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	422 B	172 B	95.211.66.35
acint.net	22962	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	780 B	46.4.114.109
cs.agency2.ru	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	721 B	23.111.107.44
bf5481a4-7066-11ed-ab15-002590c82437.n7.sync.bumlam.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	488 B	178 B	82.146.53.26
ocsp.usertrust.com	899	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	342 B	1.0 kB	104.18.32.68
sync.1dmp.io	10017	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.2 kB	95.216.101.186
ads.adlook.me	43352	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	442 B	7.0 kB	212.116.120.34
sync.adkernel.com	4993	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	469 B	107 B	77.245.57.72
ads.betweendigital.com	1571	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	2.4 kB	188.42.191.196
redirect.frontend.weborama.fr	8348	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	995 B	1.4 kB	35.190.24.218
exchange.buzzoola.com	18389	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	483 B	382 B	168.119.8.212
tag.digitaltarget.ru	98193	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	745 B	19 kB	185.15.175.133
dmp.gotechnology.io	48839	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	420 B	419 B	142.132.209.138
px.adhigh.net	10272	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	848 B	1.0 kB	193.232.150.60
mediatoday.ru	136083	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	423 B	521 B	139.45.228.111
www.acint.net	29072	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	17 kB	20 kB	46.4.114.109
status.thawte.com	5123	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	736 B	93.184.220.29
an.yandex.ru	2577	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	2.2 kB	93.158.134.90
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.4 kB	93.184.220.29
dm-eu.hybrid.ai	28847	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	419 B	468 B	37.18.103.21
sync.dmp.otm-r.com	19534	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	419 B	134 B	138.201.65.74
ad.adriver.ru	19548	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	875 B	1.4 kB	195.209.108.35
x01.aidata.io	12188	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	865 B	1.3 kB	89.108.119.28
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-30	medium	avtodom-kzn.ru/	Malware
2022-11-30	medium	avtodom-kzn.ru/templates/auto-new/js/libs.js	Malware
2022-11-30	medium	avtodom-kzn.ru/engine/classes/js/dle_js.js	Malware
2022-11-30	medium	avtodom-kzn.ru/engine/classes/js/jqueryui.js	Malware
2022-11-30	medium	avtodom-kzn.ru/engine/classes/js/jquery.js	Malware
2022-11-30	medium	avtodom-kzn.ru/uploads/blockpro/152x74_399921.jpeg	Malware
2022-11-30	medium	avtodom-kzn.ru/uploads/blockpro/112x74_1306303196.jpeg	Malware
2022-11-30	medium	avtodom-kzn.ru/uploads/blockpro/112x74_lada-granta_1329137515.jpeg	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	avtodom-kzn.ru/engine/classes/js/jqueryui.js	67 kB	2023-03-11	2023-08-05
Pretty URL avtodom-kzn.ru/engine/classes/js/jqueryui.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:48:46 Last Seen2023-08-05 13:27:46 Times Seen3 Hash e86856975bd9bed56bd45557f33d1a57 674b06331f543c81c97767e9863bf51f542efe36 a3cca547852d6f89244000b316cdaf3f736549e2738f84d3b23aff1c95692dfc Loading...

	www.acint.net/aci.js	23 kB	2023-03-07	2023-03-17
Pretty URL www.acint.net/aci.js IP 46.4.114.109 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:59 Last Seen2023-03-17 20:29:36 Times Seen1 Hash 296c412bb908c9c3dce5d63fdd740fbc d00fa58ccedf948ecba31f911399c35483db13ad a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33 Loading...

	www.acint.net/mc/?dp=10&tc=1	199 B	2023-03-11	2023-03-11
Pretty URL www.acint.net/mc/?dp=10&tc=1 IP 46.4.114.109 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:48:46 Last Seen2023-03-11 22:48:46 Times Seen1 Hash 2b189f9deef9debba908655fc0446d70 16156293868d253c0ecfeea48d76553740afd6c1 35644985ff9aab4401a5edce9e66db9c01fa2a0ac82eac5e1e8035046088fe7f Loading...

	tag.digitaltarget.ru/processor.js?i=921994724795376	16 kB	2023-03-08	2023-03-11
Pretty URL tag.digitaltarget.ru/processor.js?i=921994724795376 IP 185.15.175.133 ASN #43226 SafeData LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:13 Last Seen2023-03-11 23:51:33 Times Seen1 Hash c9571a7ce0a22f154c74bdc8e35523e0 101feba577e71fc076ea5bf3f4af08b5d3fe988d 51cf59da6b7e03337540ee3ab9f8e135ff2ead958475c1bacc8683df57823fb0 Loading...

	avtodom-kzn.ru/engine/classes/js/dle_js.js	21 kB	2023-03-11	2023-08-05
Pretty URL avtodom-kzn.ru/engine/classes/js/dle_js.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:48:46 Last Seen2023-08-05 13:27:46 Times Seen3 Hash e33916857ef591246e7369a7662f4622 c389ded8af6bc3f1003a2d0179f85ff458f71e14 fe4441a9028cb5fadd63c007996c7bfbfe53b733ec0dd87110319d1ca9fff550 Loading...

	avtodom-kzn.ru/engine/classes/js/jquery.js	95 kB	2023-03-08	2024-02-07
Pretty URL avtodom-kzn.ru/engine/classes/js/jquery.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:17:10 Last Seen2024-02-07 08:06:11 Times Seen277 Hash dfdd0a12763fe3a379b039134196a287 2efacfa3633418169286a539cfda5540d566d246 3828fc33d5a992f1ddb339e5e8bf69124e79afc57435cef2b57723b29d219ad0 Loading...

	avtodom-kzn.ru/templates/auto-new/js/libs.js	1.5 kB	2023-03-08	2024-01-21
Pretty URL avtodom-kzn.ru/templates/auto-new/js/libs.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:09:42 Last Seen2024-01-21 16:49:50 Times Seen27 Hash b36c54dfe8803903b3b51f9ee1561f60 304c4560f610c047e3e0941ce0d51b9b06fa39df 67022973d402101320043a08e743db31c264a1300a5ee44f23b9816e6f4a1209 Loading...

	avtodom-kzn.ru/	1.3 kB	2023-03-11	2023-03-11
Pretty URL avtodom-kzn.ru/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:48:46 Last Seen2023-03-11 22:48:46 Times Seen1 Hash 75fb57a045669bedd2381a613e4029c7 04435e3b7acacdc52be10bee17be06cc5dd72bd8 19c48f0c3f3480689c69763360f51be6ca6d500f2768f4269278040bcc8390af Loading...

	avtodom-kzn.ru/	250 B	2023-03-07	2024-04-18
Pretty URL avtodom-kzn.ru/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:22 Last Seen2024-04-18 11:53:07 Times Seen610 Hash 537357420024d824760d7686fbdf31fe 5e14660b667fdc602c82300ccf3253afc242e4bb ca2f5769fc415a62dd2cd8af83b9b64604715e602f6de4c7741f9992a7003a29 Loading...

	tag.digitaltarget.ru/adcm.js	3.1 kB	2023-03-07	2023-05-06
Pretty URL tag.digitaltarget.ru/adcm.js IP 185.15.175.133 ASN #43226 SafeData LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:47 Last Seen2023-05-06 00:46:41 Times Seen299 Hash e7097284185069f52fc736bcd50cda13 1cdfdf2d869841202079ddf91e0a00a8610812e6 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80 Loading...

HTTP Transactions (209)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4660
Expires: Wed, 30 Nov 2022 05:41:09 GMT
Date: Wed, 30 Nov 2022 04:23:29 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 149
Cache-Control: max-age=108611
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:23:29 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 10:33:40 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 04:17:59 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 330
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9502
Expires: Wed, 30 Nov 2022 07:01:51 GMT
Date: Wed, 30 Nov 2022 04:23:29 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: ZxRbX+Wem3rWzmtyg59lYMpb0aGiIdCjKR2nDXgdOYbk/X7NmEIWLky11l8py35nXUo14x4sOE8=
x-amz-request-id: 0Y76D1FE6W3K4XV5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 03:45:04 GMT
age: 2305
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:23:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

avtodom-kzn.ru/

188.114.96.1

200 OK

11 kB

URL HTTP/1.1
avtodom-kzn.ru/
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Non-ISO extended-ASCII text, with CRLF, LF, NEL line terminators
Size
11 kB (11010 bytes)
Hash
3f2af30f578a71f14d1fa619d8b9359a
be19dedf099f4249b724fd0b51e4caa3de46c09d
feb5719a1ab3849fdee6eb61e99ad8855105d3aca8dfaf6b73ced9e7b2fd73a5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:29 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97; path=/
dle_user_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.avtodom-kzn.ru; httponly
dle_password=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.avtodom-kzn.ru; httponly
dle_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.avtodom-kzn.ru; httponly
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fj%2BJRWCPFdwiWAhN3hJ46b%2FyAU8zBsP6w8UWdAVsEOWM56%2FqESk%2BTCfR1NqtHoipj7aAOh1J7qzhznnXH%2B6h3UzwcxSWkMjUgRLnXJbMldOfRWoJo5qBVAcOJMHmHpo9iA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7720ced79caeb4ff-OSL
Content-Encoding: gzip

avtodom-kzn.ru/templates/auto-new/js/libs.js

188.114.96.1

200 OK

479 B

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/js/libs.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
479 B (479 bytes)
Hash
d8b3f948308d21e623a60044ddb6488a
070d06f175f20e9996ffec003f37b2511da4d93e
05e6249a501706617d33e4eb6b070baace4c5d57265e3dd7230e64c962691d1a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /templates/auto-new/js/libs.js HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:12 GMT
ETag: W/"10000000016fc-5d1-4bf2739407d00"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BMS5kFgnaG0MekST56c4p%2Bn%2BDEZZ0zSikyWRuzKAwfrxTrfTxenUqLfdyVCUbF59M9nIPYcuIjourCHckZQx0HMAF1m9CNlHoZU32Drq%2FASLRtghngRUMvV%2FrMJrKu76w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cedbda76b512-OSL
Content-Encoding: gzip

avtodom-kzn.ru/templates/auto-new/style/engine.css

188.114.96.1

200 OK

4.5 kB

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/style/engine.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
assembler source, ISO-8859 text, with CRLF line terminators
Size
4.5 kB (4528 bytes)
Hash
bb7cbc99171ad51f7fc073d067d17b3c
ead73f94f394645307613440b55a4d4b8128144a
0a9d2cc8b3d8f3a2db8f894e4804f4021c8648604de5d11d7b0f3ba66d5e4de4

HTTP Headers

GET /templates/auto-new/style/engine.css HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:14 GMT
ETag: W/"10000000016ff-3f0a-4bf27395f0180"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvYTMVtu0r56cfn4CFWWuvmsdpWJ8iwrDbYDAnKt9AlfIUwvuqBgK%2F8iF2BMYjT2jlVIepFysjEYruFPv3H8QMNYz90zF72vhSBb2Iw0BDG8%2B0Cn%2FwpoObAijkosaOWMMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cedbd91a1c16-OSL
Content-Encoding: gzip

avtodom-kzn.ru/engine/classes/js/dle_js.js

188.114.96.1

200 OK

5.4 kB

URL HTTP/1.1
avtodom-kzn.ru/engine/classes/js/dle_js.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (656), with CRLF line terminators
Size
5.4 kB (5446 bytes)
Hash
6c2498c93145f36b07f8bb82c1b6afe1
4b21f32b4d1408888911fb599d92d1b1b7ba4d7e
e2ded5f9da74c4b89040426bcf5338db9158072b71322758be023ccd7b9194ae

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /engine/classes/js/dle_js.js HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 04 Apr 2012 09:21:00 GMT
ETag: W/"10000000011a8-5295-4bcd6f10c9700"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xY31QpgDV6nX881KlvYdsryWN1TY7oHPMUa3Ccq%2F7pv6SDt12gL40YKw2KAN%2BK6ncT40UOuSR4mrCiSNDl0dWaeD8Sf0pj2ifsO2rYwB%2BIHeboKrhP8PIUqZ%2FLAw3hnSxg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cedbdde80b51-OSL
Content-Encoding: gzip

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 04:08:56 GMT
cache-control: public,max-age=3600
age: 874
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

avtodom-kzn.ru/templates/auto-new/style/styles.css

188.114.96.1

200 OK

5.3 kB

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/style/styles.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
assembler source, ISO-8859 text, with CRLF line terminators
Size
5.3 kB (5341 bytes)
Hash
a848b20d63303a0ae03c8abf5555ab5e
410fe0efc67a5909dedf59eb7ac9fb6ae9e8af2a
8d9f0a927ac4a7a7748e482adc936b63f10d0c3d07698c59059152028ea81c83

HTTP Headers

GET /templates/auto-new/style/styles.css HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 22 Aug 2012 13:25:26 GMT
ETag: W/"1000000001701-9cf2-4c7daacfe7d80"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7b3g6rgQ6ZwkJU3DKybLONtDNVMzCLYkIpqxuB87n7%2F99ay%2FN5WN42K9YACzDP%2FRmHnONbibt%2FirkF2%2FEahIgojXXSVRpvHisxKYTYa7BT2Wb8YKqqB3pmDeZ70O5kybQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cedbd994b51e-OSL
Content-Encoding: gzip

avtodom-kzn.ru/engine/classes/js/jqueryui.js

188.114.96.1

200 OK

18 kB

URL HTTP/1.1
avtodom-kzn.ru/engine/classes/js/jqueryui.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (18578)
Size
18 kB (18009 bytes)
Hash
07dd0fd802248ec8e29d808c1da0e48a
dd350d1b0f9e31a5362bf0e002b4b27e4ed8e3e6
5a1c0a3238181b90689c76d354c8b6abd72ae6e44f5d394deef97cf1d040c16a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /engine/classes/js/jqueryui.js HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 28 Apr 2012 09:06:00 GMT
ETag: W/"10000000011aa-106ac-4beb98798ae00"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSv6uJ7XGERiA85MnlBifbfrKDqTrFajZSurZaKLPuVhw%2BbZKdm%2BascCB4yOkEUfmTZsEj54ZycGCdRoB24HFZnDzkYFqspPg3FfrThXWqZsIqoPb4iZ2z1h%2BHFpCIihgw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cedbdd1fb503-OSL
Content-Encoding: gzip

avtodom-kzn.ru/engine/classes/js/jquery.js

188.114.96.1

200 OK

34 kB

URL HTTP/1.1
avtodom-kzn.ru/engine/classes/js/jquery.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Size
34 kB (33733 bytes)
Hash
d84913548440d1eb9086fd06a90ef574
e918fcbaecd78cdad42fc472eb022597bdef78cd
1ce4db28e4ef125e64717c133f12f1957841675b173e53a33c0861125065f047

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /engine/classes/js/jquery.js HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 24 Mar 2012 10:29:00 GMT
ETag: W/"10000000011a9-17278-4bbfa9bfb5300"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7MNeG5tSH48CNEdAxyK7F6D9Tc6xVr1K99FsKFcgrMSvSMfl%2BVwmek6SyJqR3BlffJkcz3wn1t0Rk%2BQ3XlvjYMjimbJxZxTZBgbSga5XxJeOE4EafVE2JQzC%2F0kzdORsfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cedbddf9b4ff-OSL
Content-Encoding: gzip

www.linkstars.ru/buttons/1.gif

104.21.85.63

200 OK

2.5 kB

URL HTTP/1.1
www.linkstars.ru/buttons/1.gif
IP
104.21.85.63:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 88 x 31\012- data
Size
2.5 kB (2503 bytes)
Hash
4c997654465859ceee57735ca511b756
24ab35b006d471673d7b08ab2816e1bb56af4e17
002bd75b2c4066bc4378724618408c47e816b32ee5473c0034087c62dc3f93a5

HTTP Headers

GET /buttons/1.gif HTTP/1.1
Host: www.linkstars.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 2503
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2010 09:32:44 GMT
ETag: "100000005a1e0-9c7-48d2459562700"
Via: 1.1 linkstars.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=db1FY8%2F96ZW9Yr2Wdr2cGFIn59c9IWmusw2KFHTQNhpyKnmMj1kkWslLza6G4ETuv24d%2B16ovS4i%2B0WGWlrrR76Vn6NzfOhPIKnzTagh8Qxw2SO50bwMlzSo5769C2mSsgYI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cede3d5d0b3d-OSL

avtodom-kzn.ru/uploads/blockpro/152x74_mojno-privyknut_1.jpg

188.114.96.1

200 OK

6.7 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/152x74_mojno-privyknut_1.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 152x74, components 3\012- data
Size
6.7 kB (6730 bytes)
Hash
98299d5c71a589b470de88adc6d8c9ec
4d852abe8057f69f896ca5d52012132966ad8cb0
ff39cc12336b03e4fb054ed918d0456732317366e3c4c558ad930d96d336f1c2

HTTP Headers

GET /uploads/blockpro/152x74_mojno-privyknut_1.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/jpeg
Content-Length: 6730
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:54 GMT
ETag: "1000000001ca6-1a4a-51089b99cba12"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dChtOKbsVYxaLJ04jtGRruu3UCFFndanG7YpODxE%2FkLGdUX18k8w93d9XvcTANNl1dfLceHNWeDCRiNGyYrkv36t8RSlkVS1ZQW1wh7laeR0x2uU1Wo3jK%2BJ9as1Q9kKAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cede3bb3b512-OSL

avtodom-kzn.ru/uploads/blockpro/112x74_lexus-is_1291183297.jpg

188.114.96.1

200 OK

3.9 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/112x74_lexus-is_1291183297.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Size
3.9 kB (3925 bytes)
Hash
fbef52d7961d76ece30414cbd10491f2
026f1ef86643f882fc16721046281ffbcca8dd94
fb2f9f12a29ab42853e36e3c80f3e01069eb76b246494d11a17ba5b72a67d41d

HTTP Headers

GET /uploads/blockpro/112x74_lexus-is_1291183297.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/jpeg
Content-Length: 3925
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001baf-f55-51089b999acd2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fdlPaEntjREH302%2FjIDL42uXlsUdHk%2FCWBB9Y%2FFxOb9E%2FPh4eK3DAAArmS7SJqzkKtrNRq8C58uYxKqS%2BNOzGOGisgkN3jM0XHL%2BRO6MIELepPSL6XCH0c%2F0rTaOuV%2BQMg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cede3e2db503-OSL

avtodom-kzn.ru/uploads/blockpro/112x74_smart-fortwo_1311331333.jpg

188.114.96.1

200 OK

4.1 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/112x74_smart-fortwo_1311331333.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Size
4.1 kB (4131 bytes)
Hash
ab44705fb6ea5dd1ccb0607eaf01ff87
6fb29e05cd48944d7a933bcc3c8e851c397b0b7c
356d88657a2d0b74c07d39d4cdc199faabfd660bd6c14e8cc7e484e3d7c30929

HTTP Headers

GET /uploads/blockpro/112x74_smart-fortwo_1311331333.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/jpeg
Content-Length: 4131
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001be6-1023-51089b999d3e2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2Fl8nRBG4eq6J0m%2B1eUrg5rTbQkCaunlu7ehD9ilkWJqyBwYnXq00sgy9F80iN9A7%2FFp8A9zcPcHCKDe42hlXv4o5rDkehi6%2B51fcg9EbmTDSdVzj06QHSlnfzduC2mnPA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cede3eb50b51-OSL

avtodom-kzn.ru/uploads/blockpro/152x74_premera-nomer-dva_ford-escape_1.jpg

188.114.96.1

200 OK

6.1 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/152x74_premera-nomer-dva_ford-escape_1.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 152x74, components 3\012- data
Size
6.1 kB (6080 bytes)
Hash
6dd7c1818bb885f12651b5e88da3e827
3fbfbdb294dc1c37af4273376500370e4bc406a0
f923b566ee4d3b50453646ec221b28e7df995f84d5e8d9afffdc78f8b176dc0d

HTTP Headers

GET /uploads/blockpro/152x74_premera-nomer-dva_ford-escape_1.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/jpeg
Content-Length: 6080
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:54 GMT
ETag: "1000000001cbe-17c0-51089b99b5a82"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crYsp8CJlYCSBkk8UPrfcQ%2Bxr4z%2BEUEdNrOLOkbiiyyLn45N1BX0iRTQB9ovxnoNsvZr42rKu%2Bzfr6FnQRaw8UGgafrwTf9I39Ek5GrrX6nuYEXTGsV2knpoyfRu67rUQA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cede39c41c16-OSL

avtodom-kzn.ru/uploads/blockpro/152x74_na-luboi-vkus_audi-tts_1.jpg

188.114.96.1

200 OK

4.6 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/152x74_na-luboi-vkus_audi-tts_1.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 152x74, components 3\012- data
Size
4.6 kB (4637 bytes)
Hash
94dad03bf8fbde1fe0c6c891a26d3773
f1e855c736c50450fb871ac8cff12d07d39c9c30
72df7c5951f981610321e809d398ea4be70f8c9f50bf8e6c68857a472bdfef32

HTTP Headers

GET /uploads/blockpro/152x74_na-luboi-vkus_audi-tts_1.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/jpeg
Content-Length: 4637
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:54 GMT
ETag: "1000000001cb2-121d-51089b99a7022"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8D0sg5HnskS9wZYtgJzhVphNW7ai8TLrMXN1e7Ql4xPuJHFeXg4bE5d90YZLL9Yd7ze1wYuqH0Z7WUaugQYTTAhk%2B%2FgnlVQdGArraMacyPIRo%2B1sYnT1CvrTjNgmX0l2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cede3a90b51e-OSL

avtodom-kzn.ru/uploads/blockpro/152x74_399921.jpeg

188.114.96.1

200 OK

6.9 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/152x74_399921.jpeg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 152x74, components 3\012- data
Size
6.9 kB (6880 bytes)
Hash
b4a1aeb165f8160fe2852cf7dec53039
26cd5e3db074801762dd57059eece613cc95eef4
123b4946a99787631f4ccde3a7351cc38c206ccc35454a065178834c2bb654b5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /uploads/blockpro/152x74_399921.jpeg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/jpeg
Content-Length: 6880
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:54 GMT
ETag: "1000000001c8d-1ae0-51089b99f0403"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHZ2qUdwwzE8sDemw5ViyMmG5olRg11caYBtJNQ5zPFPuLUgzPnm%2BQs2XxBhMtmCRQLhgsZuVNEyCLyCnPHbngj6dLypd051ujU%2Bjyt5e9XNU%2FX6bhwZJsShuGrlqzry0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cede3ee2b4ff-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 91
Cache-Control: max-age=103489
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:23:30 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 09:08:19 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

avtodom-kzn.ru/uploads/blockpro/152x74_bez-skromnostei_kia-sorento_1.jpg

188.114.96.1

200 OK

6.1 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/152x74_bez-skromnostei_kia-sorento_1.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 152x74, components 3\012- data
Size
6.1 kB (6078 bytes)
Hash
26a3b5187481ff2df5b892595645a046
eb15792606b98a3df294e8694aef2cc3b45f9ac5
b3fe67a304f5ca2912b7ef963597608e91376a6a1ed55c2ecf1b0a204700aa3a

HTTP Headers

GET /uploads/blockpro/152x74_bez-skromnostei_kia-sorento_1.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/jpeg
Content-Length: 6078
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:54 GMT
ETag: "1000000001c93-17be-51089b9a25f63"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=heK1QklwyOOQJSOk9vJQWdytql%2B7WLrzJhy%2BeMDori0M2xXIxGbTFFRc9yd2eJ0bekdm86lPxD65j9W8kHUIO5%2Bkivnkhb4Z5RFZ%2FD1v2sGAdfZMPeSadbZq7oCeYwx%2BQg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cede9beeb512-OSL

avtodom-kzn.ru/templates/auto-new/images/audi.gif

188.114.96.1

200 OK

1.1 kB

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/audi.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
1.1 kB (1094 bytes)
Hash
358e1c9e5c3fa24e8ff3da8ffbf4054e
25ca7ff23c895ba0bad974eba6267c0b2b1a65f3
e87237c237ca404d241acda142186e16863fdf70cb38c822382a2d2d9d25b148

HTTP Headers

GET /templates/auto-new/images/audi.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1094
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:57:58 GMT
ETag: "1000000001690-446-4bf27386add80"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QI%2FW336rikaeF8jOOsFhvbxgLuV8NJ6CQrwLIIUJ54DUlKS0k%2BO3iaTZArcO71ESC%2BFFne3IiNE3SPbW%2B%2FhzwSlWIaRrCi%2BcLD4VXwt2HZiEpYMQF7a0nv%2BQ3lCcKWJ%2FPw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cedf4f1e0b51-OSL

avtodom-kzn.ru/templates/auto-new/images/bmw.gif

188.114.96.1

200 OK

1.2 kB

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/bmw.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
1.2 kB (1155 bytes)
Hash
4c59f20286ab76590c92b179048762dc
b0c60f1f09388a9dcdb24a9e55e7398ea0a874ed
009f32072179abc0f4ef8535dbd62a3d70602df161749538a2155c2e97041e17

HTTP Headers

GET /templates/auto-new/images/bmw.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1155
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:00 GMT
ETag: "100000000169c-483-4bf2738896200"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHRE%2BT6Cs8TvpFNmg9JIBpJiR7Bj1zYLEKEznFzY4hP870H4TgS%2By63DANBEIUmGBzI%2Bvb6IoJmFByOBNTDbCZlaB7r%2Fo%2FgyBHOo1nx%2FRrwz%2FPJtdqJpiJ0L%2B7gGxYdyQg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cedf4ae3b51e-OSL

avtodom-kzn.ru/templates/auto-new/images/alfa.gif

188.114.96.1

200 OK

1.2 kB

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/alfa.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
1.2 kB (1206 bytes)
Hash
4c2ce953edf3cba6822beb343f8c7c7b
67301ec01d57f8bd92bd0b95e1edade5c7ef9e62
eedd96470b970d6017d105b105e1864df245f8a22996c2f055aa8e0cd8f5db4e

HTTP Headers

GET /templates/auto-new/images/alfa.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1206
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:57:58 GMT
ETag: "1000000001689-4b6-4bf27386add80"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1OZl6QXORxri8F4Pr1N1Q8%2F1keZovF2O17FWV8FO315qe7KJBrGCdzmJqjveEzcqjjNkJpZKuUs2jpEGsW239l27wM43S%2BC40YQaGbFPubNoqTBzYzDOXNbSLTtTUYpiA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cedf4a1b1c16-OSL

avtodom-kzn.ru/templates/auto-new/images/chevrolet.gif

188.114.96.1

200 OK

579 B

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/chevrolet.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
579 B (579 bytes)
Hash
c586f2e9b43007c940b337766971e213
031d0e4f6d229ef2477a3c8dda9f9abef4169c92
760884c5ab101a9d2ecbb27e010e7efa5b565e7959fec347586c3799a499dfed

HTTP Headers

GET /templates/auto-new/images/chevrolet.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 579
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:00 GMT
ETag: "100000000169f-243-4bf2738896200"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPQvv0UVkiHouKd0vvLAD%2FSDEQwod4zetqxBn21TfF%2B5Z218LoSqs7TatB2upAj3CplRxTF5pH54Mr8ISAEa3bHeRfzqVdRFdnmwLwRVizqnUBayznfv%2Bad3QU92VTLJmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cedf6f5eb4ff-OSL

avtodom-kzn.ru/templates/auto-new/images/chrysler.gif

188.114.96.1

200 OK

555 B

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/chrysler.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
555 B (555 bytes)
Hash
c4975723b2b3cf66345fb04e434ced66
f6bfaf70e22d27f84c2ce662896580106abffc3a
19d4753a7453f46eeb072cf9678ceacfb2ac56e77d2d4270af147558b1ef114f

HTTP Headers

GET /templates/auto-new/images/chrysler.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 555
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:00 GMT
ETag: "10000000016a0-22b-4bf2738896200"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOahnXD2LINYQpnUf4n8gASKUpkL1zg4wW2Da0jLdwWiNZFPudn6J1zVzOdcCunpYrgGmJuMTkUfb1L6AoP1AO0ja5prnriIm%2BSvGeE%2FPaOqn4du8JdYkLOuq9Vd0jnp4w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cedf9c44b512-OSL

avtodom-kzn.ru/templates/auto-new/images/citroen.gif

188.114.96.1

200 OK

618 B

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/citroen.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 19\012- data
Size
618 B (618 bytes)
Hash
d8344e557926264c59be1852be90ad15
06489acaa3f6098888bebfbc18f703c55d4477f9
8b3c971a969ceabb86a8322adbdace4f3810dc4ef14402054a8e3e2f3f08b137

HTTP Headers

GET /templates/auto-new/images/citroen.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 618
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:00 GMT
ETag: "10000000016a1-26a-4bf2738896200"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Dkk8Wai%2B4fHBia9H3FpZDrPt1rhwP7uP6IQCEBgkE5fQN9lV%2BccrMI96WL0YOzFMolY2U8MmVEYyDodmDY%2F3A8VXnOuVlXQsoNT91jESAIaRO8mB6GCgCErJtorFW08Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee00f640b51-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ed999db91146cdfd9ac1d178ffd7b6ab
f4be7104633c84b1e170f20426671e0c9d649bbb
3ce4d863b27cdec31929e8fe8935c1f8fd15f6b1e8cb1a26d14d87360c0fe9e5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3CE4D863B27CDEC31929E8FE8935C1F8FD15F6B1E8CB1A26D14D87360C0FE9E5"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2511
Expires: Wed, 30 Nov 2022 05:05:21 GMT
Date: Wed, 30 Nov 2022 04:23:30 GMT
Connection: keep-alive

avtodom-kzn.ru/templates/auto-new/images/fiat.gif

188.114.96.1

200 OK

1.2 kB

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/fiat.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
1.2 kB (1207 bytes)
Hash
373d94576f04551aa99b148c1975a3f1
8e7852dd7d587f96ee3e09a161ea1984f649206d
7ce25ed1ee0d3d16d3dbe18d37ff4473177a490a615e6b68ebfda110db4949f9

HTTP Headers

GET /templates/auto-new/images/fiat.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1207
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:02 GMT
ETag: "10000000016ac-4b7-4bf2738a7e680"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J825j95kkaM9mUvqqc51iFOJUlknui%2BxpJxj9fByoNR5sPV7REJxcEX5GGxQV3gramBMBTmH7LnwiMCoZAXffethZVyTaNnWK5m8TpPdSvKPYM63SIYQaCjF7rUYqHWJHA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee01fe7b4ff-OSL

avtodom-kzn.ru/templates/auto-new/images/dodge.gif

188.114.96.1

200 OK

1.2 kB

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/dodge.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
1.2 kB (1211 bytes)
Hash
c09229759e70266ca150e91a217ab673
fdbccc534da8f08f0a7a8f6ccc8ea6a596e22965
37b248b1c06ae8f661da27e85dd89b7e913b6ea3a3f550b484276f4339478a5b

HTTP Headers

GET /templates/auto-new/images/dodge.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1211
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:02 GMT
ETag: "10000000016a9-4bb-4bf2738a7e680"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJCb0Thg5RssiyT%2F0Gf5Djn1t%2FbZoxcmZ7Yfk1MJDLy86UoMjuUmHZHCK8Bv3HMtE3lmPJiXNDlvQ2kDwjT%2BXMrXhize59gsP20WBijclr7oApYLiNbMhg3gZ6ll1xJmGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee01a501c16-OSL

avtodom-kzn.ru/templates/auto-new/images/daewoo.gif

188.114.96.1

200 OK

1.1 kB

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/daewoo.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
1.1 kB (1065 bytes)
Hash
43fa347014bdfc3297dd867b4325948b
e8589f4392f29f7b97862622724d25968c084d1c
c6165f5aef85670897205ad2ff06abdedde0b173beff1985db4e681c62fb0552

HTTP Headers

GET /templates/auto-new/images/daewoo.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1065
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:02 GMT
ETag: "10000000016a8-429-4bf2738a7e680"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gm48SmpGVhZPf3v6Z5SNKb%2BtcwVpqqbv3J5tuPM7GwzO%2FcPRcgNR8JMZ%2BVay%2FzfwTWPp4giXqDDnUnQor02oRKw15uihg6MdabFFhtTNuPtlJIfwob0a%2Bs4d8XaZXVJ2qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee00b2cb51e-OSL

avtodom-kzn.ru/templates/auto-new/images/ford.gif

188.114.96.1

200 OK

992 B

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/ford.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
992 B (992 bytes)
Hash
1079aca58454fd3da0e659f00f04683d
8f22fc5dec9ee1626a0cd758f4dc2510e66a5cca
184d3cacee9cb40f821db0f5d3fdea87dd80ab0e5037f9f364c0279a352fb45b

HTTP Headers

GET /templates/auto-new/images/ford.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 992
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:02 GMT
ETag: "10000000016b1-3e0-4bf2738a7e680"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YyhlinIltMOiOTnh8ZCEcq82TqaOlx%2Fjua5aGOVnImb4NWL621b6abUvRhbcSiZQ7Mw60tK0grJXwCeCl8qJaIqzQbDAnTkmVivCK%2F7LBMrlGcAEC74h3uQf5csXQ9PcRA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee06cc5b512-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ed999db91146cdfd9ac1d178ffd7b6ab
f4be7104633c84b1e170f20426671e0c9d649bbb
3ce4d863b27cdec31929e8fe8935c1f8fd15f6b1e8cb1a26d14d87360c0fe9e5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3CE4D863B27CDEC31929E8FE8935C1F8FD15F6B1E8CB1A26D14D87360C0FE9E5"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2511
Expires: Wed, 30 Nov 2022 05:05:21 GMT
Date: Wed, 30 Nov 2022 04:23:30 GMT
Connection: keep-alive

push.services.mozilla.com/

35.165.41.15

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.165.41.15:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dtGNEIiXg0YTLrjTsie14A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sp4TbPY1fJ1HU5KEJejdnBJzlTo=

www.acint.net/aci.js

46.4.114.109

200 OK

7.5 kB

URL HTTP/2
www.acint.net/aci.js
IP
46.4.114.109:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (1408)
Size
7.5 kB (7461 bytes)
Hash
ae0aab6c5a2ae2e1168e74f6e6ae4741
2c00f69ee4bbe2ec96c0f7bb33b5f827a6195af8
a47a88a9b6c7635e5074c25c6e3c92f399fdf8772376e94f077167241e59f9de

HTTP Headers

GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:30 GMT
content-type: application/x-javascript
content-length: 7461
last-modified: Mon, 29 Nov 2021 13:21:32 GMT
etag: "61a4d3dc-1d25"
content-encoding: gzip
expires: Wed, 30 Nov 2022 16:23:30 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2

avtodom-kzn.ru/templates/auto-new/images/honda.gif

188.114.96.1

200 OK

1.1 kB

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/honda.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
1.1 kB (1141 bytes)
Hash
4a5fd162da8585b78540667bb8020776
c8f23fb988eae22ac42f7187600bd5a6b1b02226
81e235d7eab502e4a2c9f97875b2afad2d4172f8610def12ef044592648bea8d

HTTP Headers

GET /templates/auto-new/images/honda.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1141
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:04 GMT
ETag: "10000000016b5-475-4bf2738c66b00"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQvC1YG%2FUJYQqXf7b6FrnGnvZEwgrx6jbKZMFpG1nG3PU2V0qXWpy4gv5GBiY8ok4345%2FbYCTg99Eb9GcaLtSI%2ByaiJTotNPE1JdT789kDqvWDLaiMH5bTLdaS3RK1%2B0EA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee06f880b51-OSL

avtodom-kzn.ru/templates/auto-new/images/logotip2.jpg

188.114.96.1

200 OK

56 kB

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/logotip2.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 700x319, components 3\012- data
Size
56 kB (55837 bytes)
Hash
04ce6e76e33b53010246762f6651a546
3b66fa69a493fbad387a59b86cdf3a74ea918403
83f1efcd3595297c08a6e5547b3434dcbd750db70a3ca2f77737ee054564c5fb

HTTP Headers

GET /templates/auto-new/images/logotip2.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/jpeg
Content-Length: 55837
Connection: keep-alive
Last-Modified: Thu, 22 Jan 2015 22:25:17 GMT
ETag: "10000000016c2-da1d-50d45258d2897"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBzw2XB5toqucgvA%2FnmcnCIbPflPvDqjhX0ThWppLPi%2BctUGh7nerPJ4ZeIxDdxpIPQZxFjw8cFfyzQrfXqRtEcthg3P7TxNYkyIFzl5G%2FBbez6%2BP1BdRIRB21afFME64w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cedf2ea5b503-OSL

avtodom-kzn.ru/templates/auto-new/images/hyundai.gif

188.114.96.1

200 OK

1.0 kB

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/hyundai.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
1.0 kB (1046 bytes)
Hash
b407cdb8cb338a09603c0e8cd9415804
60c626c534fe4db29d53a9d3a362f8ea93cf2295
9a56b58e009ea0e52ad27365ba1dc81f9933280ca2ff6e8699e71946e2f2985e

HTTP Headers

GET /templates/auto-new/images/hyundai.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1046
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:04 GMT
ETag: "10000000016b7-416-4bf2738c66b00"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUuH4Dgsiy8l7hEoU6FzuU8q5TxET5z0RYa50ptAvJGOCRia94tQkWdMWto7VxwXqZ2hECUB907GvI1OalNn6YrjcIgHvhpr6Q5%2F05VFiORMhBQFspaxVUXaye0JYYRluw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee0b81db4ff-OSL

avtodom-kzn.ru/templates/auto-new/images/infiniti.gif

188.114.96.1

200 OK

574 B

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/infiniti.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
574 B (574 bytes)
Hash
950f5b96a8f1afdd98bd7fd3ec1f3e18
88191c1d20ab66ac9a3ea892af35e28deb04a1cc
9849acc5627bb31241d6cd075015fb3ad7041a8e33a3c3329713a80011dabf31

HTTP Headers

GET /templates/auto-new/images/infiniti.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 574
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:04 GMT
ETag: "10000000016b9-23e-4bf2738c66b00"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6QVSsr2s%2B5u7OB%2BTVsngsmwzu18bG043JR2sMkMiDTsbRn%2B%2F5QoqrAug717SzQKNiv%2Fz%2BYIADzNBsPZkLUMteN5CnWJ%2B0umJjNkBeP%2B%2Bj74bPHwfy74PHv7V60ximHAqhg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee0ca731c16-OSL

avtodom-kzn.ru/templates/auto-new/images/kia.gif

188.114.96.1

200 OK

1.1 kB

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/kia.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
1.1 kB (1124 bytes)
Hash
35d5cdb2df6f6cafd21f684979bbf69f
21bbc37edf64d5e0507207f6cab2f302bd939d8d
23cf581c1f90d438811222b24887fb732418568a775b0eaefd87faa2c7566c2d

HTTP Headers

GET /templates/auto-new/images/kia.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1124
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:04 GMT
ETag: "10000000016bb-464-4bf2738c66b00"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9XJmFv28m%2B2iBlP6R7B9B%2BHYfSSDhAfCylZtHc0dzIEo0BfwrbIx0mr%2FaDx3%2B8MmkT5QP%2BmQaxXEqhuMJrDZRXh9rtZdGXe0pv3cxCXstJv9XNuHrn0BMTnPpv4KFRtoWw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee0cceeb512-OSL

avtodom-kzn.ru/templates/auto-new/images/jeep.gif

188.114.96.1

200 OK

604 B

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/jeep.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
604 B (604 bytes)
Hash
a5c89132d30353728891d002ad50fb2b
2b47a166b7ef7192e06736f61cd3eb537bbfc546
5716b2dd319ee3a069d517ada35f56f20b1b2621064ece79af563179582d2d88

HTTP Headers

GET /templates/auto-new/images/jeep.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 604
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:04 GMT
ETag: "10000000016ba-25c-4bf2738c66b00"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EiQwudbEc4CWFjfZYmHJcTB0%2F92LSafRWCrYGngNmDKHDolWpDCTjuhEzHhb87GNB4pJFc%2Bmp9%2FgFtnzItJDNtZb69DHODWvRTC7ymFMk25BHPKjzBKOgpes7p3r%2FjvZA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee0cb6fb51e-OSL

www.acint.net/mc/?dp=10

46.4.114.109

302 Moved Temporarily

142 B

URL HTTP/1.1
www.acint.net/mc/?dp=10
IP
46.4.114.109:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/mc/?dp=10

www.acint.net/hit/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=31406537&u=http%3A%2F%2Favtodom-kzn.ru%2F&r=&rs=1280x1024&t=%D0%90%D0%B2%D1%82%D0%BE%D0%B4%D0%BE%D0%BC%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%BE%D0%B1%D0%B7%D0%BE%D1%80%D1%8B%2C%20%D1%82%D1%8E%D0%BD%D0%B8%D0%BD%D0%B3%2C%20%D1%82%D0%B5%D1%81%D1%82%D0%B4%D1%80%D0%B0%D0%B9%D0%B2%2C%20%D0%B0%D0%B2%D1%82%D0%BE%D1%81%D0%BF%D0%BE%D1%80%D1%82&oE=1&oP=1&dT=2022-11-30T04%3A23%3A29.671&fu=02884d1f-2511-4581-9c78-1a93c8e990d9

46.4.114.109

302 Moved Temporarily

142 B

URL HTTP/1.1
www.acint.net/hit/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=31406537&u=http%3A%2F%2Favtodom-kzn.ru%2F&r=&rs=1280x1024&t=%D0%90%D0%B2%D1%82%D0%BE%D0%B4%D0%BE%D0%BC%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%BE%D0%B1%D0%B7%D0%BE%D1%80%D1%8B%2C%20%D1%82%D1%8E%D0%BD%D0%B8%D0%BD%D0%B3%2C%20%D1%82%D0%B5%D1%81%D1%82%D0%B4%D1%80%D0%B0%D0%B9%D0%B2%2C%20%D0%B0%D0%B2%D1%82%D0%BE%D1%81%D0%BF%D0%BE%D1%80%D1%82&oE=1&oP=1&dT=2022-11-30T04%3A23%3A29.671&fu=02884d1f-2511-4581-9c78-1a93c8e990d9
IP
46.4.114.109:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /hit/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=31406537&u=http%3A%2F%2Favtodom-kzn.ru%2F&r=&rs=1280x1024&t=%D0%90%D0%B2%D1%82%D0%BE%D0%B4%D0%BE%D0%BC%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%BE%D0%B1%D0%B7%D0%BE%D1%80%D1%8B%2C%20%D1%82%D1%8E%D0%BD%D0%B8%D0%BD%D0%B3%2C%20%D1%82%D0%B5%D1%81%D1%82%D0%B4%D1%80%D0%B0%D0%B9%D0%B2%2C%20%D0%B0%D0%B2%D1%82%D0%BE%D1%81%D0%BF%D0%BE%D1%80%D1%82&oE=1&oP=1&dT=2022-11-30T04%3A23%3A29.671&fu=02884d1f-2511-4581-9c78-1a93c8e990d9 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/hit/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=31406537&u=http%3A%2F%2Favtodom-kzn.ru%2F&r=&rs=1280x1024&t=%D0%90%D0%B2%D1%82%D0%BE%D0%B4%D0%BE%D0%BC%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%BE%D0%B1%D0%B7%D0%BE%D1%80%D1%8B%2C%20%D1%82%D1%8E%D0%BD%D0%B8%D0%BD%D0%B3%2C%20%D1%82%D0%B5%D1%81%D1%82%D0%B4%D1%80%D0%B0%D0%B9%D0%B2%2C%20%D0%B0%D0%B2%D1%82%D0%BE%D1%81%D0%BF%D0%BE%D1%80%D1%82&oE=1&oP=1&dT=2022-11-30T04%3A23%3A29.671&fu=02884d1f-2511-4581-9c78-1a93c8e990d9

avtodom-kzn.ru/templates/auto-new/images/lexus.gif

188.114.96.1

200 OK

637 B

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/lexus.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
637 B (637 bytes)
Hash
aabd808936df21bfe33cb9e5da347bee
22192b107138a5c4b0bc2220f800a0f6244f966a
696c50d995e4478ba4491ca4d7ac3d0314538397c8bd2606b293bfbfd1526659

HTTP Headers

GET /templates/auto-new/images/lexus.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 637
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:04 GMT
ETag: "10000000016bf-27d-4bf2738c66b00"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMKPzLDQRD1rIL5SSQDu0AO4ZQtk2NS5LYGqQYSAO0Pk9rHf2Uc7KvyacFkDXnqcVKwv%2B09B%2Fhqw9wjz8s5XUxNN4T4eD4bePK4i7MR98Pv7zAPtEDsTfMt5FHIetmzJcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee10fc30b51-OSL

www.acint.net/mc/?dp=10

46.4.114.109

302 Found

154 B

URL HTTP/2
www.acint.net/mc/?dp=10
IP
46.4.114.109:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://avtodom-kzn.ru/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: openresty
date: Wed, 30 Nov 2022 04:23:30 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Wed, 30-Nov-22 04:33:30 GMT
aid=LgR5GmOG2sK+wAIkFtVKAi7wA/ck9wiOXpnblAQMrRbMXGJh; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

46.4.114.109

200 OK

43 B

URL HTTP/2
www.acint.net/hit/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=31406537&u=http%3A%2F%2Favtodom-kzn.ru%2F&r=&rs=1280x1024&t=%D0%90%D0%B2%D1%82%D0%BE%D0%B4%D0%BE%D0%BC%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%BE%D0%B1%D0%B7%D0%BE%D1%80%D1%8B%2C%20%D1%82%D1%8E%D0%BD%D0%B8%D0%BD%D0%B3%2C%20%D1%82%D0%B5%D1%81%D1%82%D0%B4%D1%80%D0%B0%D0%B9%D0%B2%2C%20%D0%B0%D0%B2%D1%82%D0%BE%D1%81%D0%BF%D0%BE%D1%80%D1%82&oE=1&oP=1&dT=2022-11-30T04%3A23%3A29.671&fu=02884d1f-2511-4581-9c78-1a93c8e990d9
IP
46.4.114.109:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hit/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=31406537&u=http%3A%2F%2Favtodom-kzn.ru%2F&r=&rs=1280x1024&t=%D0%90%D0%B2%D1%82%D0%BE%D0%B4%D0%BE%D0%BC%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%BE%D0%B1%D0%B7%D0%BE%D1%80%D1%8B%2C%20%D1%82%D1%8E%D0%BD%D0%B8%D0%BD%D0%B3%2C%20%D1%82%D0%B5%D1%81%D1%82%D0%B4%D1%80%D0%B0%D0%B9%D0%B2%2C%20%D0%B0%D0%B2%D1%82%D0%BE%D1%81%D0%BF%D0%BE%D1%80%D1%82&oE=1&oP=1&dT=2022-11-30T04%3A23%3A29.671&fu=02884d1f-2511-4581-9c78-1a93c8e990d9 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://avtodom-kzn.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:30 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2

avtodom-kzn.ru/templates/auto-new/images/mercedes.gif

188.114.96.1

200 OK

1.1 kB

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/mercedes.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
1.1 kB (1092 bytes)
Hash
e2996699c2c5cce4ae99aafc887e3cbf
b9518360f306adc342d4bcdc4bd19da001fc846f
6b83706da8b6b794b664e0a8ca1d750ecb2516666ebccc74c853115ce55e9ac3

HTTP Headers

GET /templates/auto-new/images/mercedes.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1092
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:06 GMT
ETag: "10000000016c8-444-4bf2738e4ef80"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9QoKRLHWIjqL9vvPB%2BPLqP4eiEEu1%2FD4E8i%2F6Gi178k0HA%2F%2BdmlGSozpGbpcaC9cSegI4EyXYVjxKcqfNBU88h3QGkMQg3s0E2%2FQZKhcYe8t1FqP1gUm4HvvHfVzuso1WA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee1786fb4ff-OSL

avtodom-kzn.ru/templates/auto-new/images/mazda.gif

188.114.96.1

200 OK

1.0 kB

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/mazda.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
1.0 kB (1037 bytes)
Hash
36bc90716440ce7dd6f2f44c52798555
0b696d416f5025834c64aa2f7cd5d279b61e0a19
8e9b4687593ae0ab12a377b0703b6298bc3373c42db83c06f29679faa9ccc917

HTTP Headers

GET /templates/auto-new/images/mazda.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1037
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:06 GMT
ETag: "10000000016c5-40d-4bf2738e4ef80"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z71oRu2EDoPZ4DsJxDCimJS0ZQx0pX%2BvXlWI%2FAlfe1ZnGiw3y9tXjIhxRRXerixIzTFCJNsfD7wl6Ztxd7B2yYxn02vOgunki8Fmwau539FxT%2FeVAOxtHeOV34Lz26LqhA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee12f57b503-OSL

avtodom-kzn.ru/templates/auto-new/images/opel.gif

188.114.96.1

200 OK

624 B

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/opel.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
624 B (624 bytes)
Hash
edb2f2e6ae2da6b96b632ee9db0c889b
9835dbc3c900787a9ac9b3070b03dcde91f65536
72a77fa88d4dfd50e2a2911b20a07f3f9426f0388dba3230decee2e2e49d74d1

HTTP Headers

GET /templates/auto-new/images/opel.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 624
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:06 GMT
ETag: "10000000016d0-270-4bf2738e4ef80"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FiT3VOrpryPO9bm9F%2B6Mng5IGkX%2BWzAtEStq7UcmoDmBjmKff15LHB7%2BSJhfrAdVSVsebNQif69y1fKEep7GsHeRua2v3IabUx7W3FQXTihw7qY7JBAPL1rf9K8chGn0Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee18bcab51e-OSL

avtodom-kzn.ru/templates/auto-new/images/nissan.gif

188.114.96.1

200 OK

1.1 kB

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/nissan.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
1.1 kB (1112 bytes)
Hash
9251434327a99f5d3686bc377442b6f9
cd83d4b026ce9f80ee6facc69158796c380130ae
60803a062426991f268b6ffc8d2e2baf04e20e29fa729101544c04e515d2b25b

HTTP Headers

GET /templates/auto-new/images/nissan.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1112
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:06 GMT
ETag: "10000000016cc-458-4bf2738e4ef80"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yp7pl6fWb1ds%2B8WZVnhWKFTnR48ljXyuW0Xlppn%2Bsk0%2BolLS9ACSDaRq58O3s68kHEkXaZuUzyw7dn1PQ6ngw%2FUvJrGCf%2B1I9EUR22l4mJ2JoHpCkCU%2B6Wf5YkjfA7mf7A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee17d1ab512-OSL

avtodom-kzn.ru/templates/auto-new/images/mitsubishi.gif

188.114.96.1

200 OK

613 B

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/mitsubishi.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
613 B (613 bytes)
Hash
18527f75e7694abb59c366a26e5fa8f5
2f5dab23f14cfa7caf6126d0bc062618e57d3d3f
180d165fd50ed9732e1197e50027257fdc00efe8d2cd50a3b09033e2cb9f4dd1

HTTP Headers

GET /templates/auto-new/images/mitsubishi.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 613
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:06 GMT
ETag: "10000000016c9-265-4bf2738e4ef80"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=veivRY6lJbSTQLyEBZ%2Bal0CywJvFDIJo7Eg6sLAulRvG8qLdOhBQqUK11v58oiK4iUsAI3ski0odPLIVgi1%2BVFWqeYF%2BwbTfY4eqdbAOV1AK1If2xgiVVG8nXhcCQsMATg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee17aa11c16-OSL

avtodom-kzn.ru/templates/auto-new/images/peugeot.gif

188.114.96.1

200 OK

1.1 kB

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/peugeot.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
1.1 kB (1149 bytes)
Hash
dd85a94d7c570790295306c320195ddd
1b3068f0800050ff02016acd11151237e969175d
56514079e54dd64573244652db54dc1405a718175457a6d977d8bad94c22fbbd

HTTP Headers

GET /templates/auto-new/images/peugeot.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1149
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:06 GMT
ETag: "10000000016d2-47d-4bf2738e4ef80"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0lSeVkI6PKuSFLhgZqNq5UYfdQlLvDg4Y22kBVYgNNA3dAaBsduKOcdKBrvdZdOPl6hTLA%2FVCP4lWCGt4bmu4bGBGmxLMnPJs3o0Z0iuj%2Bom6qPy6H4tbxSD5uS6hUvyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee1b8020b51-OSL

avtodom-kzn.ru/templates/auto-new/images/renault.gif

188.114.96.1

200 OK

742 B

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/renault.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
742 B (742 bytes)
Hash
83151526c8d4e87997116d72e5cf32d6
db6e27b360e4e5e5671c788766cfc9c8399e0e9f
8416064063456a8984ebba33e5856c70572146e47888fab794b216b4cddbe13f

HTTP Headers

GET /templates/auto-new/images/renault.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 742
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:08 GMT
ETag: "10000000016d8-2e6-4bf2739037400"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46Ti7GYmOS5C0n7vly8c7RYwI0%2FPD1FtVRYbcet%2F5n0X8Lbp5JgFuxlqyh%2FZKO7U3OL6znsjYB3NV3jy1B50XGITkh8o%2F%2FHanaJcatikgIkFMPoUT2xVEYls%2FwbDKDtE%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee1d888b4ff-OSL

avtodom-kzn.ru/templates/auto-new/images/saab.gif

188.114.96.1

200 OK

1.2 kB

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/saab.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
1.2 kB (1180 bytes)
Hash
99fa4552988d9ba60ef6511a887e80fc
f99d9188b4f63fdbe62137a3fa42b8372ba119c8
ac295df3a1d97eb9fc402778d214f0c0d697881b2485d40589f955a1545b9d74

HTTP Headers

GET /templates/auto-new/images/saab.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1180
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:08 GMT
ETag: "10000000016dc-49c-4bf2739037400"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxROD2OCA%2B%2FyTJLposK20CnC9ElHL8H%2B%2FpwA3qFN5B%2BC9kPz1yi9RY5ZNCgysC6kqqAj2NwIf54LW5L7ZfEjCKR%2B4yraowqn9s6quMldpeYT3rXHqGr2djChzeXp4%2Be2vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee1ef91b503-OSL

avtodom-kzn.ru/templates/auto-new/images/skoda.gif

188.114.96.1

200 OK

1.2 kB

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/skoda.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
1.2 kB (1177 bytes)
Hash
c5dfc427ef8c35d49638b9c6fd689b77
081f069a9f5bf946ee63389f3a95cb274f5586af
b619c13308eb4ecd4a0c171b5d09492c03eb68e741ccf0ff755edbc1884ce81e

HTTP Headers

GET /templates/auto-new/images/skoda.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/gif
Content-Length: 1177
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:08 GMT
ETag: "10000000016e0-499-4bf2739037400"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rji%2F%2FfQUb74qPtjpN21wDK2hRMzBmXEwpdS%2BmA5PBXbcRjMMgJopiYcjK%2F4jkv%2FZOkHHfDaHGncS%2B5lhd4tOh8RSu2MhZprkPE5yEG%2BgF8VhtcagYeW9P4yICQTJuZ6Luw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee23c0db51e-OSL

avtodom-kzn.ru/templates/auto-new/images/volkswagen.gif

188.114.96.1

200 OK

1.2 kB

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/volkswagen.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
1.2 kB (1190 bytes)
Hash
2f7ef10afe85d26baadb9b4c9b1c8a84
5aa98eea379d1c4293a9f1648fee932a528890bb
7312d89e57240db6df01341dc6a0982ac8e7bf5ef07a0abbb229575fef851ed4

HTTP Headers

GET /templates/auto-new/images/volkswagen.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/gif
Content-Length: 1190
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:12 GMT
ETag: "10000000016f2-4a6-4bf2739407d00"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S13nQflZoZtzgXwt%2BVSNwqbn2Viji3d3hyjTCIKrkv7sBqds9dASg7jkaJKYXIXeCdF2OFbKezEN6qZlznQ4VGlrH0AQQgfXIvUsK0oM%2Fv8mmYD17xv%2BF1%2BG4ilbpAy4EA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee288b7b4ff-OSL

avtodom-kzn.ru/templates/auto-new/images/suzuki.gif

188.114.96.1

200 OK

691 B

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/suzuki.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
691 B (691 bytes)
Hash
7fcd8f9b64fff50546fff52ea305af90
7e406cbff68cea679ce159972fff386e2419043d
a4cc280fec9669ce3720493a609c24ecc4835a5a68dce722792d0911bc93a858

HTTP Headers

GET /templates/auto-new/images/suzuki.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/gif
Content-Length: 691
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:10 GMT
ETag: "10000000016e6-2b3-4bf273921f880"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8sZEMdLL7MEJkWPxkyth4SEM1XAOZlVihLIv6IdWZ8s9q5LmrhGwFRI2AWrw88SzA%2FTmY2fz9WYafZDNYzEiSDpK2mYodTIGGvJUZ9bEArzkWm870YUdV0GKZkpYonCOOg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee24aca1c16-OSL

avtodom-kzn.ru/templates/auto-new/images/subaru.gif

188.114.96.1

200 OK

1.1 kB

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/subaru.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
1.1 kB (1050 bytes)
Hash
9c3d6051b90571c63e7003e9555a6ab0
0e15e8cfff841a366e4973a2be882dfe626c3de0
b4cd589e4f81b5e5486d15b331e27fc1b4ea6c499e5de9703d1577a053d5924e

HTTP Headers

GET /templates/auto-new/images/subaru.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/gif
Content-Length: 1050
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:10 GMT
ETag: "10000000016e5-41a-4bf273921f880"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hcksq4exqWUQ8LZfz3a45alDxtuXuwj4pTLSdBFAMql%2FZv4UMiEovq%2BjfTl0LhPOQL2M5Bz23y2Fk7WHdCkuhQtIR0vAc8WzIobVHHKOJNbsk8aDi3CCfU%2BluIKOW5BHHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee23d6cb512-OSL

avtodom-kzn.ru/templates/auto-new/images/toyota.gif

188.114.96.1

200 OK

1.1 kB

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/toyota.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
1.1 kB (1080 bytes)
Hash
753dd3be7407a158c7578b15491fc133
15b31606573f61829923642dd317502cc75397c1
f6fd666c07d552ca1eb48e060afbe04f9027f6cfdddf386dccad704074d6985f

HTTP Headers

GET /templates/auto-new/images/toyota.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/gif
Content-Length: 1080
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:10 GMT
ETag: "10000000016eb-438-4bf273921f880"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JnP2ut%2FKTKSl3nMOwuxzij7XOBtkMFtI2dNIwIHuLQ4W4OTGNenuS4H9s6QEyaMqQzAd3u9WdrnpVTCNJKJjm4Hc7eSdh4pSpTp1cRq1aBE87nijVv7UCDdLG2Rb1oKc%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee2783c0b51-OSL

sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FC2DA86632502402F02022817

95.216.101.186

302 Found

0 B

URL HTTP/2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FC2DA86632502402F02022817
IP
95.216.101.186:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 04:23:31 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=beede433-7066-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 30 Nov 2023 04:23:31 GMT; SameSite=None; Secure
uid-legacy=beede433-7066-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 30 Nov 2023 04:23:31 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FC2DA86632502402F02022817&cs=1
X-Firefox-Spdy: h2

dm-eu.hybrid.ai/match?id=106&vid=0100007FC2DA86632502402F02022817

37.18.103.21

204 No Content

0 B

URL HTTP/2
dm-eu.hybrid.ai/match?id=106&vid=0100007FC2DA86632502402F02022817
IP
37.18.103.21:0
ASN
#205675 Hybrid LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?id=106&vid=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Wed, 30 Nov 2022 04:23:31 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=8471e15f379733954541; Expires=Thu, 30 Nov 2023 04:23:30 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 521
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2

avtodom-kzn.ru/templates/auto-new/images/volvo.gif

188.114.96.1

200 OK

1.2 kB

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/volvo.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 20 x 20\012- data
Size
1.2 kB (1170 bytes)
Hash
d7b29970dfa51a2b3519fabd94744d51
b2d7fa95563632f883d7b4870120518fa5de7f20
b5dfb2cebecb093ff63fb8f7b6b59b90f1a5237fccfcc5e662a21f63066a1221

HTTP Headers

GET /templates/auto-new/images/volvo.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/gif
Content-Length: 1170
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:12 GMT
ETag: "10000000016f3-492-4bf2739407d00"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VrCmmyrtzgEdR%2Fuy9H2pObGAxwnMqBifsZlr%2BNqbQ16a7RgVhf62J2qyRdBD3BNsSCaYY%2BjC1rXxwSUzcwaWh9na%2FYpPvNY%2F0RoVGm7Bh3hr%2BdsIMVy9C2kQaZ6t516UnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee29fd1b503-OSL

sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FC2DA86632502402F02022817&cs=1

95.216.101.186

200 OK

35 B

URL HTTP/2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FC2DA86632502402F02022817&cs=1
IP
95.216.101.186:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FC2DA86632502402F02022817&cs=1 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=beede433-7066-11ed-8ff0-f832e4719dd9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/gif
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=beede433-7066-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 30 Nov 2023 04:23:31 GMT; SameSite=None; Secure
uid-legacy=beede433-7066-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 30 Nov 2023 04:23:31 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
fd17d2a0cbcfc6ac2c299032ee3a8044
971e581c49a1daa4dacf9bae569cffbe7235249b
357c697f582c1287b42a697c3d3f81ef212cce9f4858f8016ad0c5fdff3d5b9e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 149
Cache-Control: max-age=126965
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:23:31 GMT
Etag: "63862723-118"
Expires: Thu, 01 Dec 2022 15:39:36 GMT
Last-Modified: Tue, 29 Nov 2022 15:37:07 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280

avtodom-kzn.ru/uploads/blockpro/160x100_daihatsu-bego_toyota-rush_13.jpg

188.114.96.1

200 OK

8.2 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/160x100_daihatsu-bego_toyota-rush_13.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 160x100, components 3\012- data
Size
8.2 kB (8190 bytes)
Hash
dface27cefc8e24d82273a241445159f
388e6aef8158ed31f856216ff01ec34786d09a9f
cfa64d91289b45d508636cf373523d87d6bdd678af162af1a9e1671d74293e5c

HTTP Headers

GET /uploads/blockpro/160x100_daihatsu-bego_toyota-rush_13.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 8190
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001d0d-1ffe-51089b99280e2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWwfuhO4RRmKTo0Sr%2FfxfiplRg5%2BYsJ%2Fe7YjMZsTSe30cHGU6SlZk4iqoq1tTf3ZZIog8x3ZpkJJkAHitHK4JaK3muyKjrDYWKT6%2BLSAobV%2BK%2BgoQUNLSsenLXDU8lVdmg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee2fc4bb51e-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
9769e2a53532bb8b5c5c80cb1082693b
9a010d35c1889ce7f705a595e9a958b41d652780
fccc7f3f9e20887c0121de115349c0d795c053504c79c0f37c9f072b7e1d8240

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5521
Cache-Control: max-age=159680
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:23:31 GMT
Etag: "638691f2-117"
Expires: Fri, 02 Dec 2022 00:44:51 GMT
Last-Modified: Tue, 29 Nov 2022 23:12:50 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279

a.utraff.com/sync?ssp=sape

172.67.217.151

204 No Content

0 B

URL HTTP/2
a.utraff.com/sync?ssp=sape
IP
172.67.217.151:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync?ssp=sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Fri, 30 Dec 2022 07:23:31 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Fri, 30 Dec 2022 07:23:31 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=curvV18T3vU6V34WOlivMbPb6W5RxBWMCO%2F1cSW4v%2Bo3NZwTJW4q6hiAP%2BO0hcdhI1uGJ1vwqEWA6dHsQu1%2FKva1qesI%2BFCTEMkaEc4DrEQw%2BT94Kp5qt6Sb0WhFSZc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7720cee39b88b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

avtodom-kzn.ru/uploads/blockpro/160x100_perepisannaya-legenda_honda-legend_1.jpg

188.114.96.1

200 OK

4.0 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/160x100_perepisannaya-legenda_honda-legend_1.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 160x100, components 3\012- data
Size
4.0 kB (3966 bytes)
Hash
7d59af95467473aacb4cf4991bf983cc
6a65031709a56f78e40c955c767ffe4329085f52
d96c46e14133d5d4b5531090104186c02983dd0642530812eba5499efe28ed39

HTTP Headers

GET /uploads/blockpro/160x100_perepisannaya-legenda_honda-legend_1.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 3966
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001d49-f7e-51089b9905e01"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S33a7Uc1nb5osNOdMSTOcoTY9D1J7x0JBr3XKZFOHYfnnyniCzjtdSrgrKCcd%2BeGkAE6kHJUG7LfLBYQInLwnTZ055c6rsSAxiogaQWN2eTwJR1HyEc6A0ZsnDTf%2FIfMDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee3a81db503-OSL

avtodom-kzn.ru/uploads/blockpro/160x100_golubaya-mechta_honda-civic-4d_1.jpg

188.114.96.1

200 OK

7.8 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/160x100_golubaya-mechta_honda-civic-4d_1.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 160x100, components 3\012- data
Size
7.8 kB (7802 bytes)
Hash
3fa04f5cf49b51d932e245a8acb0fd09
460ddb98d8c36b40acbb5d93c165dc28c63d4ec6
dc8d917b90ec43eb9fcb194cdee7f96f3975ad5d8d712b0af477a92c49280e3c

HTTP Headers

GET /uploads/blockpro/160x100_golubaya-mechta_honda-civic-4d_1.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 7802
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001d27-1e7a-51089b9912151"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1Y2F3KomM7aYVfijzfxsYsH2pPv9MO52RLcCklN%2FL0nIUybGg4gsvZTAI4nkMSaPDV%2BgSwpi%2FzMIpDtg%2BeoTwNiMcUcKG5YqVR6SdNoEvla1E3ffLj7sqfANDBGwuNTDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee3bc88b51e-OSL

avtodom-kzn.ru/uploads/blockpro/112x74_1601422272_c18dcb49770ff96fd364e4b820486d130a6444d3.jpg

188.114.96.1

200 OK

4.6 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/112x74_1601422272_c18dcb49770ff96fd364e4b820486d130a6444d3.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Size
4.6 kB (4550 bytes)
Hash
c6c51008e1af089e268ab02cbb2202e9
4156a748197c577f9d84ad9197e28039160ac529
f428a33549cad37369b4c2127dabfd8b2ba3961bdcaf560d6f5dc2be9c9ad9b4

HTTP Headers

GET /uploads/blockpro/112x74_1601422272_c18dcb49770ff96fd364e4b820486d130a6444d3.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 4550
Connection: keep-alive
Last-Modified: Wed, 30 Sep 2020 00:52:56 GMT
ETag: "1000000001b30-11c6-5b07d51fa624e"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bm9R32Bf65YJaFCiyLeCCxPxHzbjzVVnjf5fjU1w3zOab931MKlKohsCzewVEVHVHf4J1fga5Riz2uohgtkHe62%2Fp%2Bc2SPJBNsSs5ewdxn18nlfyRNNy92bt4mekNOy%2FqA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee3fb511c16-OSL

avtodom-kzn.ru/uploads/blockpro/112x74_1429719009_6080_default.jpg

188.114.96.1

200 OK

4.7 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/112x74_1429719009_6080_default.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Size
4.7 kB (4709 bytes)
Hash
70533c32c22f4bbd020df31da4436e43
ede90a439df781b85809081c7f97f5a935d3378c
6e2595d6e3de2096a2cc5088883c2a7663421fe782d8a571a7c5e4d522302141

HTTP Headers

GET /uploads/blockpro/112x74_1429719009_6080_default.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 4709
Connection: keep-alive
Last-Modified: Wed, 22 Apr 2015 16:10:33 GMT
ETag: "1000000001b2b-1265-5145267263db3"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGTtJ32kxvcFX5Qwae9UGyw5zmJ2jWblN1gGyutZEPqC9Zyg%2B76H2lQMUmRciPzj0z2AhPGOVZbvifhyyqWR1JBrdpiT9yd1NtEux9Mhe6t87GFTNz07TkWTzxHNBHAAdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee4185fb503-OSL

avtodom-kzn.ru/uploads/blockpro/112x74_1448297497_mercedes_sprinter_s_lux_23_287_200.jpg

188.114.96.1

200 OK

4.7 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/112x74_1448297497_mercedes_sprinter_s_lux_23_287_200.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Size
4.7 kB (4730 bytes)
Hash
3fbbc16471149dca6ea8658b979decb8
4bdc60c606f47e82a0cb3853a3e61f1bc1335e1a
b8db4ed7ada243655c635c1ecc5b913c2c6c9899d2b7aad34454a5ea0b153f8b

HTTP Headers

GET /uploads/blockpro/112x74_1448297497_mercedes_sprinter_s_lux_23_287_200.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 4730
Connection: keep-alive
Last-Modified: Mon, 23 Nov 2015 16:51:23 GMT
ETag: "1000000001b2d-127a-52538090b26d8"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owS7%2BySvfKfym4cIfUX3g4yhHBKfaC8EKMn7H6tFI1YN9S1xWDFg1iULi9eUIReOasksRwJtA1BSMTQHN73fHnzC%2FErdeL6BvpHNnt9XAWyrs8P2S7Lm1mAJ0bJz%2BZUWnA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee479110b51-OSL

avtodom-kzn.ru/uploads/blockpro/112x74_1478798412_donald-trump.jpg

188.114.96.1

200 OK

4.7 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/112x74_1478798412_donald-trump.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Size
4.7 kB (4668 bytes)
Hash
a20842ae7b3967968aceb352e1735dee
84a767b24e1d6d9c23f4d315fe011e834e1c3df5
d3a8452ad05adb1ed225e61b5e676d420f9d4bd9f5e96348ceaae6e48790b36c

HTTP Headers

GET /uploads/blockpro/112x74_1478798412_donald-trump.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 4668
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2016 17:20:18 GMT
ETag: "1000000001b2e-123c-540f596725448"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVyalcQ48H75MdGeb9XzbfO147WDD%2BTF0%2B25%2FHnWB9CuqGdWSiupD8Z3Ox7DcUfBsUFRDoyBWiMf7sLA8VtOyBer4KWa47xztd74%2BNO6lEeQKwtMD774U%2BD6DwlfLO51tw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee4c8adb503-OSL

avtodom-kzn.ru/uploads/blockpro/160x100_opel-corsa-gsi_1.jpg

188.114.96.1

200 OK

7.9 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/160x100_opel-corsa-gsi_1.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 160x100, components 3\012- data
Size
7.9 kB (7934 bytes)
Hash
f40e2b8c402d275bfcb42c368a82197b
dd01a364defe8df2bcea8a3440be42fcda5f895d
506234718b5345a5b771b7cbccd3747aada797bdc0735696044c26a78934e3d6

HTTP Headers

GET /uploads/blockpro/160x100_opel-corsa-gsi_1.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 7934
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001d3f-1efe-51089b9920bb1"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ub7kZeTUyOGSfGNv4ehnwM6YZKo%2BzAKaCnRvfTRJ%2BdDF2uzRJIOQu6XWCe0vpF02Miy7rfYMoc2%2F44uZgLziJqqRlfpzPRtmA4teB1TAlA9G6IqHhCEB%2B9WI0tXteAW%2BAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee3ee12b512-OSL

avtodom-kzn.ru/uploads/blockpro/112x74_1597423925_utilizatsiya-avtomobiley.jpg

188.114.96.1

200 OK

5.3 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/112x74_1597423925_utilizatsiya-avtomobiley.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Size
5.3 kB (5347 bytes)
Hash
bb48ec78bfad99eef7f7e99249c4a239
9ea42ca6d5a9ec22978f7a010d0cffcbee663e33
292497f2ad9181f9f795983a461c16f7e52f64fc4cbfb24f1488d8c5dce0f868

HTTP Headers

GET /uploads/blockpro/112x74_1597423925_utilizatsiya-avtomobiley.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 5347
Connection: keep-alive
Last-Modified: Fri, 14 Aug 2020 16:54:17 GMT
ETag: "1000000001b2f-14e3-5acd945822a52"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5l3Eo34SsDsJxc%2FgiUdaXtfJrLhxsMNz5cphKnrVITtbHP6m9EnMgybzTPzIjyom8%2FC9QeL1ipuExhwcBdl0MCO5BN%2BqRVDMfN%2B8YRk7aLRaCRN2OchL1nMz674BP7i%2Fsg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee46cbeb51e-OSL

avtodom-kzn.ru/uploads/blockpro/112x74_1306303196.jpeg

188.114.96.1

200 OK

4.4 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/112x74_1306303196.jpeg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Size
4.4 kB (4386 bytes)
Hash
fca0bd6a8a188841a362d32eba1660af
d4a29b89d371f45e4cc026d088523b11aafb7074
bbe3e829a88bd860a40d5407b7139397020837c348286c45ce84a2d17e96aad0

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /uploads/blockpro/112x74_1306303196.jpeg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 4386
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001b23-1122-51089b9947cb2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3N1Vm9iM6NGiwSKKHYxg%2BgPwjFuDdSkjnHVTbvZx3EPncQWg9ppLdaISyjia7m5u3R3FCXMuHC0tO%2BDGa%2FjC4e1FmUtl%2FYHo4ltoClKG0%2F0Vxr87Xodt4%2F2%2BTzR6WqHMg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee49949b4ff-OSL

avtodom-kzn.ru/uploads/blockpro/112x74_bmw-6-series_1320423568.jpg

188.114.96.1

200 OK

3.0 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/112x74_bmw-6-series_1320423568.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Size
3.0 kB (3021 bytes)
Hash
281360e82dbc3c63d6905a62f11c5271
35660f952ae2ba34a598654c3924b029949fd2cf
7e574cf3a69010ed71168a22befcf66e4e6f53ce823f7df0cec8f383cd7722c4

HTTP Headers

GET /uploads/blockpro/112x74_bmw-6-series_1320423568.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 3021
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001b75-bcd-51089b994a3c2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zs3SwqIWnH60%2BhIYH0cH0E0r4PM7ElUsMD%2BlZtQMshuqmmJAuv5vPf99dQJoLNUcAANg2A8jp3Vqcu3fj2xoh4mwIQyVmfgDivGYJyLR7cJYkQyttgKv6zW0w%2FUpeqpW0g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee4ab7c1c16-OSL

avtodom-kzn.ru/uploads/blockpro/112x74_1283493965.jpg

188.114.96.1

200 OK

3.1 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/112x74_1283493965.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Size
3.1 kB (3071 bytes)
Hash
db304e3485b84a7110c4eca1494be8d3
9361e19c49ba13b4e19203986c8808e30939c814
144b0eeb460e21666c4a48d9605fe320919311e9d9074b4b94a4e38527a6703b

HTTP Headers

GET /uploads/blockpro/112x74_1283493965.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 3071
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001b19-bff-51089b99714c2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yS1QWrbtglgxnNzWWtUJD9KhokdCIWnvu6LCvvOQc35986ATwPs8rqp5H5zUtCWEJYksPbHqwqFPO0eT8uz%2FH7CloApaTDjaJxwAjnyiuGZqTJO%2BJcuVHCeaEQvsIa%2Bs%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee55d3db51e-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b70adf021425d7e992c7cd64481c8e31
cb773403e99992c587353a18b06b4fdf3437d316
5e368e20981d070814b693ec0fdf1ed743a4b7219d53c4059e35411bf0392c0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E368E20981D070814B693EC0FDF1ED743A4B7219D53C4059E35411BF0392C0D"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8455
Expires: Wed, 30 Nov 2022 06:44:26 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive

avtodom-kzn.ru/uploads/blockpro/112x74_1287555710.jpg

188.114.96.1

200 OK

6.0 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/112x74_1287555710.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Size
6.0 kB (6027 bytes)
Hash
3862e3d09a6d6d91a285294394203d8b
f45949bc539947b84f273b4f1ce1fa354b06a8c0
30f5868646353730bb02f29b7ac275009ea13145d3a3cf956f247ccee59dbae7

HTTP Headers

GET /uploads/blockpro/112x74_1287555710.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 6027
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001b1d-178b-51089b99714c2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jC7MPtzH2hqqi4zOw7il%2Bz4FSz7ms382Lzt9ygJqUBJFnYKPo3k2qILbzcD0KoKrfXf8nlJKb51e1X%2BTV4r4XakhgxsEkcWn%2FyXtm8%2FAZb1d8lNXjY0M%2F4wP0aX%2FRiCclA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee589bcb4ff-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9735c18e01330c6a7939158c938e4a79
e109a5497eaf0b7390dad58ce2857cdd181317f4
6e6a68ff6e320cf1ad4c0fe0679667285308aa6d1e06b25b41051f08fce3bb40

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6E6A68FF6E320CF1AD4C0FE0679667285308AA6D1E06B25B41051F08FCE3BB40"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13890
Expires: Wed, 30 Nov 2022 08:15:01 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive

avtodom-kzn.ru/uploads/blockpro/112x74_nissan_1320309099.jpg

188.114.96.1

200 OK

3.6 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/112x74_nissan_1320309099.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Size
3.6 kB (3569 bytes)
Hash
17e483bc4bb9fee41fd23cd2048218cc
1a0141ed4fb2ad341c5abeeeda70e11e0e6f4894
5a0aed9a270d99b7d65b6d532c34255780386784cf86e5ac4a04f1fd1ddb1796

HTTP Headers

GET /uploads/blockpro/112x74_nissan_1320309099.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 3569
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001bb7-df1-51089b99455a2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xK4IDLf1oX9X6eMRnJRp9H0fv7M8Ic7rVLdxBwQrl2UwTPp7JJpxTPlJC4DU5QwkNEJM5jd22B8C70uEridyDM5P9Hc4e0XkUOOE8svwQKaySEFm2j%2BGq%2FuHx7X6zQ0%2BTw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee5194f0b51-OSL

avtodom-kzn.ru/uploads/blockpro/112x74_mercedes-benz-c63-amg_1324555593.jpg

188.114.96.1

200 OK

5.2 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/112x74_mercedes-benz-c63-amg_1324555593.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Size
5.2 kB (5194 bytes)
Hash
47c4603a7ede24df68a03a85a9994f4e
dd418141c52c1c0d3b8ce8d68cac2dc777c6ea07
be4e82ccef01d1801c803ae146f6174649b827f1d00ac7be76b250423fd5a762

HTTP Headers

GET /uploads/blockpro/112x74_mercedes-benz-c63-amg_1324555593.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 5194
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001bb1-144a-51089b997ff22"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VCfKPaIm19aCnoI%2BSTk2SnyOULHGZQpSelExfyjiuyOMRDhX9RtSud56f7OV9JJexA0u4h08RyqhXvZvSq9HXdGPwCJAda%2FwaP9D7k9cZz0asgSKUmI75CyvDFrkT9qHHg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee5abc11c16-OSL

ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D

193.3.184.216

302 Moved Temporarily

142 B

URL HTTP/1.1
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP
193.3.184.216:0
ASN
#50214 QWARTA LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=3303420AC3DA86635A008AB702060B36
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkIDM2OG2sO3igBaNgsGAlkRA8pTQZW1H5tsTosaEHAwhFjG; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None

avtodom-kzn.ru/uploads/blockpro/112x74_range-rover_1314296633.jpg

188.114.96.1

200 OK

4.6 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/112x74_range-rover_1314296633.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Size
4.6 kB (4645 bytes)
Hash
0e7625dfead76ce6d9b6fd329dca3bd0
47b2a0870d4b1e80188587a9d1a2fbc1e2ef091c
2bc6a4ab7d6098e6dfdb80155d49786690e17728e334a41e54184b9a810e772b

HTTP Headers

GET /uploads/blockpro/112x74_range-rover_1314296633.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 4645
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001bd7-1225-51089b99762e2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9blz85d2iiBPbVsaskM1hLlrZZb5sKjFfCNLW0d239nUAaFfiZCfVYG23s7zmWLlRzvY1ErX0sCGN1QulWhC2XDa1cDtprMXbmDCUAyFtbPPnfE3GCzK2GxhIQwGQhe9Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee528ddb503-OSL

avtodom-kzn.ru/uploads/blockpro/112x74_lamborghini_1297576455.jpg

188.114.96.1

200 OK

3.2 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/112x74_lamborghini_1297576455.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Size
3.2 kB (3246 bytes)
Hash
3f91bd124b9a80a3c2f4542295265886
99a1ae8c99252525619daf76fe62da10147ff438
f9193b87146ebd822f259b6e81b5e0d5b0114e356cdcb3a3bccd79abc5185f40

HTTP Headers

GET /uploads/blockpro/112x74_lamborghini_1297576455.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 3246
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001bad-cae-51089b99455a2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LndF7NLvchbUGTdADVzEwiEYr1BWHGeOSCujf%2BS2bzqfzqJ1jNUXrJEh7uf%2B6gICmhJlm2VtpVPdaaIAYc6AdS3G49MRPo2VYiH6hzYL6z4GJIFY6KHZbUsH2F9IJwAEVw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee53e92b512-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6af0e1fdb65f3cc3718b99bead1f9b5b
5258190d223960ce20e8456ee26ef2d3b0cd9f0a
e07851e40a79d50ea3b23979d38ee080900cf0d28098457353dc940e034137d9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E07851E40A79D50EA3B23979D38EE080900CF0D28098457353DC940E034137D9"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3211
Expires: Wed, 30 Nov 2022 05:17:02 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive

www.acint.net/mc/?dp=10&tc=1

46.4.114.109

200 OK

1.5 kB

URL HTTP/2
www.acint.net/mc/?dp=10&tc=1
IP
46.4.114.109:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.5 kB (1461 bytes)
Hash
ec0d0791d2a404a7ffefb0ea45e4772f
8f19a43405ef00eda0c5e97e595953c1bd14f9c9
4479099833f25cb919f2327923cd2d0dcd858ecb4af7fa325af6fcb5af6923ad

HTTP Headers

GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://avtodom-kzn.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:30 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1669782210; expires=Thu, 01-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp54v2=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp77=1669782210; expires=Wed, 14-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp84=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1669782210; expires=Wed, 14-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp111v2=1669782210; expires=Wed, 14-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp112v2=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v2=1669782210; expires=Thu, 15-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp138=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v2=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp179=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsalphasha2g2

151.101.130.133

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
151.101.130.133:0
ASN
#54113 FASTLY

File type
data
Size
1.4 kB (1423 bytes)
Hash
ce1bf85e9240317e22c7fe9017bc795b
0accf2ba16cc76be9de2e71855e8fd284409269c
2e39719990d5fd9acfac9c0d5ac9cc6c76968387bf7bbf6cbf9fef72c695016a

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 04 Dec 2022 03:56:36 GMT
ETag: "0accf2ba16cc76be9de2e71855e8fd284409269c"
Last-Modified: Wed, 30 Nov 2022 03:56:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 30 Nov 2022 04:23:31 GMT
Age: 198
X-Served-By: cache-qpg1259-QPG, cache-bma1629-BMA
X-Cache: MISS, HIT
X-Cache-Hits: 0, 1
X-Timer: S1669782212.567007,VS0,VE1

avtodom-kzn.ru/uploads/blockpro/112x74_volvo-340_71.jpg

188.114.96.1

200 OK

5.3 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/112x74_volvo-340_71.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Size
5.3 kB (5328 bytes)
Hash
3970d80643a4f35cd750004193aed728
81a031baaffe658112f120cd73f94f1cb6cef276
ff8f261edbe49b9a1b69244c5d5074608d2e6efe01b9ac6558a32ec00010609c

HTTP Headers

GET /uploads/blockpro/112x74_volvo-340_71.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 5328
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 13:12:33 GMT
ETag: "1000000001c2e-14d0-5108a522dc5a2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FKqFByI6%2F574YgPbqY%2FR%2FtLcQZRGb7bHZJE1HjpnsKAxn70PxJ9Q5r8FTepGWkGOLLowgW15kxbejHReG4x6wTl%2FoSDUDm0kZv10%2F%2Brz8w3YhQF3sgcnnLK4z9wVZXAog%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee5f99f0b51-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a378e3cc6029dde181c06e0e0568cfa5
0eedaf829e2aa8ed4515963f324fda6ce6c1a024
00c029ae05bbc62c592d0aa39980d2143aa880833cbda0cf89301c2d7b790897

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00C029AE05BBC62C592D0AA39980D2143AA880833CBDA0CF89301C2D7B790897"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13641
Expires: Wed, 30 Nov 2022 08:10:52 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive

acint.net/match?dp=14&euid=3303420AC3DA86635A008AB702060B36

46.4.114.109

200 OK

43 B

URL HTTP/2
acint.net/match?dp=14&euid=3303420AC3DA86635A008AB702060B36
IP
46.4.114.109:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=14&euid=3303420AC3DA86635A008AB702060B36 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; cSyncDp7v2=1669782210; cSyncDp14v3=1669782210; cSyncDp17=1669782210; cSyncDp32=1669782210; cSyncDp45v3=1669782210; cSyncDp53=1669782210; cSyncDp54v2=1669782210; cSyncDp62=1669782210; cSyncDp67v2=1669782210; cSyncDp68=1669782210; cSyncDp71=1669782210; cSyncDp77=1669782210; cSyncDp84=1669782210; cSyncDp85=1669782210; cSyncDp95v3=1669782210; cSyncDp101=1669782210; cSyncDp104v2=1669782210; cSyncDp107=1669782210; cSyncDp110=1669782210; cSyncDp111v2=1669782210; cSyncDp112v2=1669782210; cSyncDp125v2=1669782210; cSyncDp126=1669782210; cSyncDp127=1669782210; cSyncDp129=1669782210; cSyncDp136v2=1669782210; cSyncDp138=1669782210; cSyncDp146=1669782210; cSyncDp148=1669782210; cSyncDp149v2=1669782210; cSyncDp151=1669782210; cSyncDp178=1669782210; cSyncDp179=1669782210; cSyncDp186=1669782210; cSyncDp221=1669782210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6e9f26643cd130fc449a7cb7a33aa812
757d6ae8b71a82d35530eaac0a23c17318dfa694
21ec57af3facc5c04613f4171aa1afed199921d0aee351a784a0c913c9eda6d3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "21EC57AF3FACC5C04613F4171AA1AFED199921D0AEE351A784A0C913C9EDA6D3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7154
Expires: Wed, 30 Nov 2022 06:22:45 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive

ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D

185.147.80.35

302 Found

0 B

URL HTTP/1.1
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP
185.147.80.35:0
ASN
#41722 Miran Ltd.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Wed, 30 Nov 2022 04:23:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=GJDHWVMR
Set-Cookie: uid=GJDHWVMR; Expires=Wed, 30 Nov 2032 00:00:00 GMT; mf2=1; Expires=Fri, 30 Dec 2022 00:00:00 GMT;

ut.rktch.com/matchspm?pi=1000005&pui=0100007FC2DA86632502402F02022817

89.108.97.2

302 Found

0 B

URL HTTP/1.1
ut.rktch.com/matchspm?pi=1000005&pui=0100007FC2DA86632502402F02022817
IP
89.108.97.2:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /matchspm?pi=1000005&pui=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: ut.rktch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Length: 0
Connection: keep-alive
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
Set-Cookie: b_uid=b759277b2e1c37b19eb8613cdabf15349ecc; Max-Age=2592000; Expires=Fri, 30 Dec 2022 04:23:31 GMT; Domain=rktch.com; Secure; SameSite=None
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Credentials: true

sync.dmp.otm-r.com/match/sape?id=0100007FC2DA86632502402F02022817

138.201.65.74

204 No Content

0 B

URL HTTP/2
sync.dmp.otm-r.com/match/sape?id=0100007FC2DA86632502402F02022817
IP
138.201.65.74:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/sape?id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx/1.17.4
date: Wed, 30 Nov 2022 04:23:31 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

avtodom-kzn.ru/uploads/blockpro/112x74_mercedes-benz-e-class_1297830162.jpg

188.114.96.1

200 OK

4.1 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/112x74_mercedes-benz-e-class_1297830162.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Size
4.1 kB (4136 bytes)
Hash
1ef4d536f8ff7913c24895fce9e4f713
494e84981a196e12ed05d8a5ef45d1bfccee7708
cd4e32e91d9529f77ad84d4d9f2343e960417337cc880e827827366a1eb58ec5

HTTP Headers

GET /uploads/blockpro/112x74_mercedes-benz-e-class_1297830162.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 4136
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001bb2-1028-51089b99789f2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B74Sa6L9KxXmibdBGBTxesPPEcvhcZcz4fU%2BKX%2F0G3jrVkfqUEb27Ney47PotftME7DYXfzRw5AvRfkw60FNV6ISKXYnD9g85qcTS0vBZXpR5dMA3kgNndQqqtS32vVuFw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee5e9e2b4ff-OSL

ocsp.globalsign.com/gsgccr3dvtlsca2020

151.101.130.133

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
151.101.130.133:0
ASN
#54113 FASTLY

File type
data
Size
1.4 kB (1414 bytes)
Hash
58b894fce9e83e3b9bcda914c2bc5244
65e9ce6301df2c849b1ac17066cc566078700e7a
7e81142aed079dd789d872f1b974cc90345852274fd1e7c091c57c10483232e5

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1414
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 04 Dec 2022 02:37:33 GMT
ETag: "65e9ce6301df2c849b1ac17066cc566078700e7a"
Last-Modified: Wed, 30 Nov 2022 02:37:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 30 Nov 2022 04:23:31 GMT
Age: 2757
X-Served-By: cache-qpg1250-QPG, cache-bma1622-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 21, 135
X-Timer: S1669782212.613318,VS0,VE0

acint.net/match?dp=110&euid=8e3385453e5f483ca5219a138e498311

46.4.114.109

200 OK

43 B

URL HTTP/2
acint.net/match?dp=110&euid=8e3385453e5f483ca5219a138e498311
IP
46.4.114.109:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=110&euid=8e3385453e5f483ca5219a138e498311 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; cSyncDp7v2=1669782210; cSyncDp14v3=1669782210; cSyncDp17=1669782210; cSyncDp32=1669782210; cSyncDp45v3=1669782210; cSyncDp53=1669782210; cSyncDp54v2=1669782210; cSyncDp62=1669782210; cSyncDp67v2=1669782210; cSyncDp68=1669782210; cSyncDp71=1669782210; cSyncDp77=1669782210; cSyncDp84=1669782210; cSyncDp85=1669782210; cSyncDp95v3=1669782210; cSyncDp101=1669782210; cSyncDp104v2=1669782210; cSyncDp107=1669782210; cSyncDp110=1669782210; cSyncDp111v2=1669782210; cSyncDp112v2=1669782210; cSyncDp125v2=1669782210; cSyncDp126=1669782210; cSyncDp127=1669782210; cSyncDp129=1669782210; cSyncDp136v2=1669782210; cSyncDp138=1669782210; cSyncDp146=1669782210; cSyncDp148=1669782210; cSyncDp149v2=1669782210; cSyncDp151=1669782210; cSyncDp178=1669782210; cSyncDp179=1669782210; cSyncDp186=1669782210; cSyncDp221=1669782210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4455b95998dcb02c0d77783b31bdda21
f743e50c365ad063ac17c26190d751c8655c028c
6d9938a902700069b2aaf56b242d06fb0475be4868472373d8c9b30cbfce707d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D9938A902700069B2AAF56B242D06FB0475BE4868472373D8C9B30CBFCE707D"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3693
Expires: Wed, 30 Nov 2022 05:25:04 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive

avtodom-kzn.ru/uploads/blockpro/112x74_lada-granta_1329137515.jpeg

188.114.96.1

200 OK

4.8 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/112x74_lada-granta_1329137515.jpeg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Size
4.8 kB (4765 bytes)
Hash
b3c5f3b4fd97074a4f66726b94c54fa3
fc0d5a61766d2762510fa3b16cb080ebe52a8b47
bf7ee263f3994e22726f6b933f9618deff6b4c7bb317f37d429133f48e5e34c5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /uploads/blockpro/112x74_lada-granta_1329137515.jpeg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 4765
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001bac-129d-51089b996c6a2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y11PVkXaG9g3fhkUpgGd9JWrkmHzFGHBOGzfFS0DN5sn81C8bpvYmgwCOGCRyN4FHEsuDRTsO%2BKDVQ7PkOfG02bHFlgZjwxTDMB1ZpnWO9kl0m9kPKVwuJY4M06Db7iMOg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee5bd5ab51e-OSL

sync.upravel.com/sape/sync

78.46.16.13

302 Found

0 B

URL HTTP/2
sync.upravel.com/sape/sync
IP
78.46.16.13:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1669782211608;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1669782211608;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ef4e8eb1e0f07b1edd0ae55f6bd5a2a
55dc5b42b7e8f110fd0d59234275ce0043d0adca
a4d6e816fee030f8012ce8b5804fd80fb451f6b91aa42e7e96c6c441048e1df7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4D6E816FEE030F8012CE8B5804FD80FB451F6B91AA42E7E96C6C441048E1DF7"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13122
Expires: Wed, 30 Nov 2022 08:02:13 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive

www.acint.net/match?dp=95&euid=GJDHWVMR

46.4.114.109

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=95&euid=GJDHWVMR
IP
46.4.114.109:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=95&euid=GJDHWVMR HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; cSyncDp7v2=1669782210; cSyncDp14v3=1669782210; cSyncDp17=1669782210; cSyncDp32=1669782210; cSyncDp45v3=1669782210; cSyncDp53=1669782210; cSyncDp54v2=1669782210; cSyncDp62=1669782210; cSyncDp67v2=1669782210; cSyncDp68=1669782210; cSyncDp71=1669782210; cSyncDp77=1669782210; cSyncDp84=1669782210; cSyncDp85=1669782210; cSyncDp95v3=1669782210; cSyncDp101=1669782210; cSyncDp104v2=1669782210; cSyncDp107=1669782210; cSyncDp110=1669782210; cSyncDp111v2=1669782210; cSyncDp112v2=1669782210; cSyncDp125v2=1669782210; cSyncDp126=1669782210; cSyncDp127=1669782210; cSyncDp129=1669782210; cSyncDp136v2=1669782210; cSyncDp138=1669782210; cSyncDp146=1669782210; cSyncDp148=1669782210; cSyncDp149v2=1669782210; cSyncDp151=1669782210; cSyncDp178=1669782210; cSyncDp179=1669782210; cSyncDp186=1669782210; cSyncDp221=1669782210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007FC2DA86632502402F02022817

109.248.237.37

302 Found

0 B

URL HTTP/2
stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007FC2DA86632502402F02022817
IP
109.248.237.37:0
ASN
#201009 Centre of server systems Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /merge_gpsid/?sid=50&id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: stat.adlabs.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 04:23:31 GMT
content-length: 0
location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007FC2DA86632502402F02022817
X-Firefox-Spdy: h2

www.acint.net/match?dp=129&euid=pib0w5wb8h

46.4.114.109

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=129&euid=pib0w5wb8h
IP
46.4.114.109:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=129&euid=pib0w5wb8h HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; cSyncDp7v2=1669782210; cSyncDp14v3=1669782210; cSyncDp17=1669782210; cSyncDp32=1669782210; cSyncDp45v3=1669782210; cSyncDp53=1669782210; cSyncDp54v2=1669782210; cSyncDp62=1669782210; cSyncDp67v2=1669782210; cSyncDp68=1669782210; cSyncDp71=1669782210; cSyncDp77=1669782210; cSyncDp84=1669782210; cSyncDp85=1669782210; cSyncDp95v3=1669782210; cSyncDp101=1669782210; cSyncDp104v2=1669782210; cSyncDp107=1669782210; cSyncDp110=1669782210; cSyncDp111v2=1669782210; cSyncDp112v2=1669782210; cSyncDp125v2=1669782210; cSyncDp126=1669782210; cSyncDp127=1669782210; cSyncDp129=1669782210; cSyncDp136v2=1669782210; cSyncDp138=1669782210; cSyncDp146=1669782210; cSyncDp148=1669782210; cSyncDp149v2=1669782210; cSyncDp151=1669782210; cSyncDp178=1669782210; cSyncDp179=1669782210; cSyncDp186=1669782210; cSyncDp221=1669782210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

avtodom-kzn.ru/uploads/blockpro/142x74_1448297497_mercedes_sprinter_s_lux_23_287_200.jpg

188.114.96.1

200 OK

5.7 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/142x74_1448297497_mercedes_sprinter_s_lux_23_287_200.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 142x74, components 3\012- data
Size
5.7 kB (5674 bytes)
Hash
b33425c9e65ab4d920cd477d3b291900
3cfae5d1ac0f11286d7c9a6b02194425b2a763c0
5a8c6762095a1d5124a2883246721abff91fad10319ae3d70d9773131a69f629

HTTP Headers

GET /uploads/blockpro/142x74_1448297497_mercedes_sprinter_s_lux_23_287_200.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 5674
Connection: keep-alive
Last-Modified: Mon, 23 Nov 2015 16:51:23 GMT
ETag: "1000000001c46-162a-52538090d49b9"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2tqakIOXiJrnhCkBQwqqGYFF6VcwKMgDSrfkK93%2FPGXPpRGGGRauAPmDlhTNG53PRY53eJGUzJpsaX1fgNzgzTbt6eWNa7EVFkk7D6O6Q3mUB1Pu5EAgw4QoOo1q61mjw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee62edcb512-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ef4e8eb1e0f07b1edd0ae55f6bd5a2a
55dc5b42b7e8f110fd0d59234275ce0043d0adca
a4d6e816fee030f8012ce8b5804fd80fb451f6b91aa42e7e96c6c441048e1df7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4D6E816FEE030F8012CE8B5804FD80FB451F6B91AA42E7E96C6C441048E1DF7"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13122
Expires: Wed, 30 Nov 2022 08:02:13 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive

0100007fc2da86632502402f02022817-sp.ops.beeline.ru/p?ssp=sp&id=0100007FC2DA86632502402F02022817

37.9.245.57

301 Moved Permanently

0 B

URL HTTP/2
0100007fc2da86632502402f02022817-sp.ops.beeline.ru/p?ssp=sp&id=0100007FC2DA86632502402F02022817
IP
37.9.245.57:0
ASN
#16345 PVimpelCom

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p?ssp=sp&id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: 0100007fc2da86632502402f02022817-sp.ops.beeline.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 30 Nov 2022 04:23:31 GMT
content-length: 0
location: https://www.acint.net/match?dp=111&euid=57930df0-efa3-4220-be8c-f23e5416f8ca
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: BeeAID=57930df0-efa3-4220-be8c-f23e5416f8ca; expires=Tue, 21 Nov 2023 04:23:31 GMT; domain=ops.beeline.ru; path=/; secure; SameSite=None
access-control-allow-credentials: true, true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
x-route: http://upstream_cookiesync
x-host: 192.168.152.36
X-Firefox-Spdy: h2

s.uuidksinc.net/match/396/?remote_uid=0100007FC2DA86632502402F02022817

31.220.27.135

302 Found

0 B

URL HTTP/2
s.uuidksinc.net/match/396/?remote_uid=0100007FC2DA86632502402F02022817
IP
31.220.27.135:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/396/?remote_uid=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.19.0
date: Wed, 30 Nov 2022 04:23:31 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=udmn9UzpOdANFan4LhhB
set-cookie: jcsuuid=udmn9UzpOdANFan4LhhB; expires=Thu, 30 Nov 2023 04:23:31 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a51bed3d90e4059a74ba9368573a2147
a3435cd6360fff30efb00edf9867583870965d5e
df8bc13f0a8eaa6496dafa686c74add64ea7356acfd00788920a86a9bc02e273

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF8BC13F0A8EAA6496DAFA686C74ADD64EA7356ACFD00788920A86A9BC02E273"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9587
Expires: Wed, 30 Nov 2022 07:03:18 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive

avtodom-kzn.ru/uploads/blockpro/112x74_volvo-850_66.jpg

188.114.96.1

200 OK

4.9 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/112x74_volvo-850_66.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Size
4.9 kB (4918 bytes)
Hash
18bf22106a94b9ec87439ede39930752
f5815b609bf07bb80259c118c1be4eac27f47939
3de27ebe317276bfd3da247e87ffa80cab0ed41eb9e979c88e0c5da9fa2f6bd1

HTTP Headers

GET /uploads/blockpro/112x74_volvo-850_66.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 4918
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 13:12:33 GMT
ETag: "1000000001c30-1336-5108a522e5244"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhwwNGikrxT0Td9KRt%2BLP3qOpILkNuACgb%2FK4QNpHVkNCWDgsrL7xtnN7ebkspW0Pit50ZOChtooFlOs5FS7sddv8z9MZPMejRNmOWGsZMszZS9yQ%2B%2BGiEDRFGGvkDcKWg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee5fbdd1c16-OSL

pix.bumlam.com/sync/sape/check?sspuid=0100007FC2DA86632502402F02022817

31.172.81.158

302 Found

0 B

URL HTTP/1.1
pix.bumlam.com/sync/sape/check?sspuid=0100007FC2DA86632502402F02022817
IP
31.172.81.158:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync/sape/check?sspuid=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://sync.bumlam.com/?src=sape

avtodom-kzn.ru/uploads/blockpro/112x74_volvo-360_51.jpg

188.114.96.1

200 OK

4.1 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/112x74_volvo-360_51.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Size
4.1 kB (4123 bytes)
Hash
b0d4961449f63050a5868b3c3f860d91
5b9106a4e2eca91b976918f308d6eaa2351a0371
9b79f8fee9dd9ee0f5e35328c99f32215bdf79d024ccca38f96166375ad37a04

HTTP Headers

GET /uploads/blockpro/112x74_volvo-360_51.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 4123
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 13:12:33 GMT
ETag: "1000000001c2f-101b-5108a522decb3"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wlpw64XF2n4UEEQWmwI7zKcwOUX0Cr2vFITmEtxbI3Fcvf4vN598jl22g4R486O2rKWnWyVZ%2FUMWXiwscD8hQeD3WK6RXvjlBSJhpr8ebPIgWgyziHhzH7vjrfHR%2F3xFsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee69a2db4ff-OSL

sync.bumlam.com/?src=sap1&uid=0100007FC2DA86632502402F02022817

31.172.81.172

302 Moved Temporarily

0 B

URL HTTP/1.1
sync.bumlam.com/?src=sap1&uid=0100007FC2DA86632502402F02022817
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sap1&uid=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRiZjQ5Y2VkMC03MDY2LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*; Path=/; Expires=Tue, 25 Nov 2042 04:23:31 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARjDtZucBmIgMDEwMDAwN0ZDMkRBODY2MzI1MDI0MDJGMDIwMjI4MTeiARC_Sc7QcGYR7asVACWQyCQ3
ETag: bf49ced0-7066-11ed-ab15-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

nr.bidderstack.com/sape/cm?user_id=0100007FC2DA86632502402F02022817

23.88.12.13

204 No Content

0 B

URL HTTP/1.1
nr.bidderstack.com/sape/cm?user_id=0100007FC2DA86632502402F02022817
IP
23.88.12.13:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/cm?user_id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive

mediatoday.ru/core/match.gif?s=32&id=0100007FC2DA86632502402F02022817

139.45.228.111

200 OK

43 B

URL HTTP/2
mediatoday.ru/core/match.gif?s=32&id=0100007FC2DA86632502402F02022817
IP
139.45.228.111:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /core/match.gif?s=32&id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: mediatoday.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.22.0
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/gif
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VUx2q2akilXoy8D; expires=Sat, 27-Nov-2032 04:23:31 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2

sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0

78.46.16.13

302 Found

0 B

URL HTTP/2
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP
78.46.16.13:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1669782211608
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=e9b544a1-dd16-4a45-ba6d-fc33691117c3;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=e9b544a1-dd16-4a45-ba6d-fc33691117c3;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=e9b544a1-dd16-4a45-ba6d-fc33691117c3
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

www.acint.net/match?dp=111&euid=57930df0-efa3-4220-be8c-f23e5416f8ca

46.4.114.109

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=111&euid=57930df0-efa3-4220-be8c-f23e5416f8ca
IP
46.4.114.109:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=111&euid=57930df0-efa3-4220-be8c-f23e5416f8ca HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; cSyncDp7v2=1669782210; cSyncDp14v3=1669782210; cSyncDp17=1669782210; cSyncDp32=1669782210; cSyncDp45v3=1669782210; cSyncDp53=1669782210; cSyncDp54v2=1669782210; cSyncDp62=1669782210; cSyncDp67v2=1669782210; cSyncDp68=1669782210; cSyncDp71=1669782210; cSyncDp77=1669782210; cSyncDp84=1669782210; cSyncDp85=1669782210; cSyncDp95v3=1669782210; cSyncDp101=1669782210; cSyncDp104v2=1669782210; cSyncDp107=1669782210; cSyncDp110=1669782210; cSyncDp111v2=1669782210; cSyncDp112v2=1669782210; cSyncDp125v2=1669782210; cSyncDp126=1669782210; cSyncDp127=1669782210; cSyncDp129=1669782210; cSyncDp136v2=1669782210; cSyncDp138=1669782210; cSyncDp146=1669782210; cSyncDp148=1669782210; cSyncDp149v2=1669782210; cSyncDp151=1669782210; cSyncDp178=1669782210; cSyncDp179=1669782210; cSyncDp186=1669782210; cSyncDp221=1669782210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

avtodom-kzn.ru/uploads/blockpro/142x74_1478798412_donald-trump.jpg

188.114.96.1

200 OK

5.5 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/142x74_1478798412_donald-trump.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 142x74, components 3\012- data
Size
5.5 kB (5519 bytes)
Hash
845808fe0445081c9df11652b50a0155
f8cf632e03c47edf46d3cf6471da9cd26a6c7cdc
3f116b841e76a052c1be3186fd94e59fc1bdf224b8ec727626580381a0e9984b

HTTP Headers

GET /uploads/blockpro/142x74_1478798412_donald-trump.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 5519
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2016 17:20:18 GMT
ETag: "1000000001c47-158f-540f59673c1e8"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edlxyc7eun21kUcr%2FilO7VodBTWViiXqJo9isT9qu%2Fw%2Fri0EwyJwslIGNG5YbTLsqNSF2Als6zDySLqwu4n0Se12BRZOGqEkIpJR2EoWCKV7VOI2kjOwJ0%2BNp2f4Fg%2BCNg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee62949b503-OSL

www.acint.net/match?dp=127&euid=udmn9UzpOdANFan4LhhB

46.4.114.109

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=127&euid=udmn9UzpOdANFan4LhhB
IP
46.4.114.109:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=127&euid=udmn9UzpOdANFan4LhhB HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; cSyncDp7v2=1669782210; cSyncDp14v3=1669782210; cSyncDp17=1669782210; cSyncDp32=1669782210; cSyncDp45v3=1669782210; cSyncDp53=1669782210; cSyncDp54v2=1669782210; cSyncDp62=1669782210; cSyncDp67v2=1669782210; cSyncDp68=1669782210; cSyncDp71=1669782210; cSyncDp77=1669782210; cSyncDp84=1669782210; cSyncDp85=1669782210; cSyncDp95v3=1669782210; cSyncDp101=1669782210; cSyncDp104v2=1669782210; cSyncDp107=1669782210; cSyncDp110=1669782210; cSyncDp111v2=1669782210; cSyncDp112v2=1669782210; cSyncDp125v2=1669782210; cSyncDp126=1669782210; cSyncDp127=1669782210; cSyncDp129=1669782210; cSyncDp136v2=1669782210; cSyncDp138=1669782210; cSyncDp146=1669782210; cSyncDp148=1669782210; cSyncDp149v2=1669782210; cSyncDp151=1669782210; cSyncDp178=1669782210; cSyncDp179=1669782210; cSyncDp186=1669782210; cSyncDp221=1669782210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
fd17d2a0cbcfc6ac2c299032ee3a8044
971e581c49a1daa4dacf9bae569cffbe7235249b
357c697f582c1287b42a697c3d3f81ef212cce9f4858f8016ad0c5fdff3d5b9e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 149
Cache-Control: max-age=126965
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:23:31 GMT
Etag: "63862723-118"
Expires: Thu, 01 Dec 2022 15:39:36 GMT
Last-Modified: Tue, 29 Nov 2022 15:37:07 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280

avtodom-kzn.ru/uploads/blockpro/112x74_volvo-940_29.jpg

188.114.96.1

200 OK

3.9 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/112x74_volvo-940_29.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Size
3.9 kB (3913 bytes)
Hash
a072680efad6f64def22aec1289f15b3
adfd7d6065b8b993d7d1901ca13330b236a037fe
29d5063022ea3137cd2d85b9799e1944a6ef301736561de5993e16477bb8f083

HTTP Headers

GET /uploads/blockpro/112x74_volvo-940_29.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 3913
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 13:12:33 GMT
ETag: "1000000001c32-f49-5108a522e2364"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHSMpMxIELGCaW8iVFFilrHLtbta8xXyv73F4ljwI2m47fdftPQeh%2F7Ah0t57K7HD1ciccVlHxKnxCBCePkI0f9H7ojvH5TFF19WBEvW0ZaToA9%2FN2VPUpHbMk4cI6wtzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee6cf22b512-OSL

match.new-programmatic.com/userbind?src=sape&id=0100007FC2DA86632502402F02022817

217.65.2.150

204 No Content

0 B

URL HTTP/1.1
match.new-programmatic.com/userbind?src=sape&id=0100007FC2DA86632502402F02022817
IP
217.65.2.150:0
ASN
#3175 Filanco LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /userbind?src=sape&id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Wed, 30 Nov 2022 04:22:48 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
187fc76c07c5b145d7653c93a62a8a18
6c13f79f4ea15dfe1dc387f7013d08088bcc6636
985df91528e58b440a9276b97f9110886011b3cd25c2b4e642f4be256be987fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "985DF91528E58B440A9276B97F9110886011B3CD25C2B4E642F4BE256BE987FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17288
Expires: Wed, 30 Nov 2022 09:11:39 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive

avtodom-kzn.ru/uploads/blockpro/142x74_1429719009_6080_default.jpg

188.114.96.1

200 OK

5.7 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/142x74_1429719009_6080_default.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 142x74, components 3\012- data
Size
5.7 kB (5741 bytes)
Hash
351cd799f72c5c2b09a1d2c41356c7d7
149dc94e118719c0b75a6ec76836a10dd134c0eb
ced3c45b2b53f1d0cd206b51f35ec4fb8179237a7883d08d1edd4563a3aa3a3e

HTTP Headers

GET /uploads/blockpro/142x74_1429719009_6080_default.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 5741
Connection: keep-alive
Last-Modified: Wed, 22 Apr 2015 16:10:34 GMT
ETag: "1000000001c44-166d-514526729c023"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iw6qDHTLlRzoNUXvUCElHl6dbTeDXvhnj%2FzRHS5KiNoJ%2BDjEayeCXRSEfkNm3DrkECGYEm1wi%2FMWWg7tSMVHNANdpTPIj7e0S%2BqZi8iDM3GHTBaY1YYv1Do9i6SRb%2Fx1qw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee659c50b51-OSL

avtodom-kzn.ru/uploads/blockpro/112x74_volvo-xc90_4.jpg

188.114.96.1

200 OK

4.0 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/112x74_volvo-xc90_4.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Size
4.0 kB (4004 bytes)
Hash
f51d368a86afcd198614ee0fb38804f9
5c90eeb6ca989c762d10945a08996ff2ef69816c
ed440c8035f3d621fda905bac4712a57d04616531e128677591f1fc0df293a61

HTTP Headers

GET /uploads/blockpro/112x74_volvo-xc90_4.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 4004
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 13:12:33 GMT
ETag: "1000000001c34-fa4-5108a522e94ad"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izr%2FHqBhJvg4pCXR7h%2B%2FwFfxVvmZdOv8dJYAiiLunVZAVhrg8gPNyAWOA3bVOwekfWCcx83Xd8BMIaFaxkkaTW0rGdRvJbHHCW34R38ROj5S4we5y7YULP9sX2ooxUsEoA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee6ec071c16-OSL

sync.bumlam.com/?src=sape

31.172.81.172

302 Moved Temporarily

0 B

URL HTTP/1.1
sync.bumlam.com/?src=sape
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRiZjU0ODFhNC03MDY2LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*; Path=/; Expires=Tue, 25 Nov 2042 04:23:31 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sape&s_data=CAIQARjDtZucBqIBEL9UgaRwZhHtqxUAJZDIJDc*
ETag: bf5481a4-7066-11ed-ab15-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5c886ffb217c4b9d2ff9b44ce2988a13
d4c1f420e2bbfb2d0ad07f5cf1ff2b3b967aad3b
fb7db5cc863e701be831a8515e6bd6091e91714b6ca95e838699338c0324133f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB7DB5CC863E701BE831A8515E6BD6091E91714B6CA95E838699338C0324133F"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3809
Expires: Wed, 30 Nov 2022 05:27:00 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive

www.acint.net/match?dp=71&euid=e9b544a1-dd16-4a45-ba6d-fc33691117c3

46.4.114.109

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=71&euid=e9b544a1-dd16-4a45-ba6d-fc33691117c3
IP
46.4.114.109:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=71&euid=e9b544a1-dd16-4a45-ba6d-fc33691117c3 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; cSyncDp7v2=1669782210; cSyncDp14v3=1669782210; cSyncDp17=1669782210; cSyncDp32=1669782210; cSyncDp45v3=1669782210; cSyncDp53=1669782210; cSyncDp54v2=1669782210; cSyncDp62=1669782210; cSyncDp67v2=1669782210; cSyncDp68=1669782210; cSyncDp71=1669782210; cSyncDp77=1669782210; cSyncDp84=1669782210; cSyncDp85=1669782210; cSyncDp95v3=1669782210; cSyncDp101=1669782210; cSyncDp104v2=1669782210; cSyncDp107=1669782210; cSyncDp110=1669782210; cSyncDp111v2=1669782210; cSyncDp112v2=1669782210; cSyncDp125v2=1669782210; cSyncDp126=1669782210; cSyncDp127=1669782210; cSyncDp129=1669782210; cSyncDp136v2=1669782210; cSyncDp138=1669782210; cSyncDp146=1669782210; cSyncDp148=1669782210; cSyncDp149v2=1669782210; cSyncDp151=1669782210; cSyncDp178=1669782210; cSyncDp179=1669782210; cSyncDp186=1669782210; cSyncDp221=1669782210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

cs.agency2.ru/p?ssp=sp&uid=0100007FC2DA86632502402F02022817

23.111.107.44

301 Moved Permanently

0 B

URL HTTP/1.1
cs.agency2.ru/p?ssp=sp&uid=0100007FC2DA86632502402F02022817
IP
23.111.107.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p?ssp=sp&uid=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=95b7bbef-3e25-4cf3-90df-1b87f0d1f679
Set-Cookie: uuid=95b7bbef-3e25-4cf3-90df-1b87f0d1f679; expires=Tue, 21 Nov 2023 04:23:31 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44

sync.bumlam.com/?src=sap1&s_data=CAIQARjDtZucBmIgMDEwMDAwN0ZDMkRBODY2MzI1MDI0MDJGMDIwMjI4MTeiARC_Sc7QcGYR7asVACWQyCQ3

31.172.81.172

200 OK

0 B

URL HTTP/1.1
sync.bumlam.com/?src=sap1&s_data=CAIQARjDtZucBmIgMDEwMDAwN0ZDMkRBODY2MzI1MDI0MDJGMDIwMjI4MTeiARC_Sc7QcGYR7asVACWQyCQ3
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sap1&s_data=CAIQARjDtZucBmIgMDEwMDAwN0ZDMkRBODY2MzI1MDI0MDJGMDIwMjI4MTeiARC_Sc7QcGYR7asVACWQyCQ3 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRiZjQ5Y2VkMC03MDY2LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRiZjQ5Y2VkMC03MDY2LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*; Path=/; Expires=Tue, 25 Nov 2042 04:23:31 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

avtodom-kzn.ru/uploads/blockpro/112x74_volvo-960_50.jpg

188.114.96.1

200 OK

3.9 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/112x74_volvo-960_50.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Size
3.9 kB (3853 bytes)
Hash
d164d460e31c295c8df16cb73b885db7
a4e566e4a86d22f359b6e5e86f05067b16827142
fe2b6372adcb9cf52dd1435d9b253f1636629a67c282e70c81886f0560e7f438

HTTP Headers

GET /uploads/blockpro/112x74_volvo-960_50.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 3853
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 13:12:33 GMT
ETag: "1000000001c33-f0d-5108a522e7955"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bN5ZRsMFFBtS8cGC9fyX%2Bq7DFip%2FExsNQHXfRFEEjto%2B0bwlTFjvZMGHcXja6Tt%2FjvF2GKf4fiejK%2BXQp7N9tTmSohpw951nSMoLnpccaTWV30qys%2BwQhQN1b8NNXKd6Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee6bdb4b51e-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
6b9efc56a5c83007514905bc0fbb010e
9133a19f469b8cc3d2fb36399c0955554b0fe1da
d0c5cd5deea1f0b5e77402c785309b5088f732f05ddb5a2ef90f66541c4f0aa5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 15:41:02 GMT
Expires: Tue, 06 Dec 2022 15:41:01 GMT
Etag: "9133a19f469b8cc3d2fb36399c0955554b0fe1da"
Cache-Control: max-age=558449,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7720cee67fb6b518-OSL

sync.bumlam.com/?src=sape&s_data=CAIQARjDtZucBqIBEL9UgaRwZhHtqxUAJZDIJDc*

31.172.81.172

302 Moved Temporarily

0 B

URL HTTP/1.1
sync.bumlam.com/?src=sape&s_data=CAIQARjDtZucBqIBEL9UgaRwZhHtqxUAJZDIJDc*
IP
31.172.81.172:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sape&s_data=CAIQARjDtZucBqIBEL9UgaRwZhHtqxUAJZDIJDc* HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRiZjU0ODFhNC03MDY2LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRiZjU0ODFhNC03MDY2LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*; Path=/; Expires=Tue, 25 Nov 2042 04:23:31 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=bf5481a4-7066-11ed-ab15-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true

avtodom-kzn.ru/uploads/blockpro/112x74_1307942685.jpg

188.114.96.1

200 OK

4.4 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/112x74_1307942685.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Size
4.4 kB (4432 bytes)
Hash
268a51411511d1f4bec05861e9b36a8e
815a113a4f6f6fc2e9367e7cb480c2faccb1ab36
9c90022ffbde39413c4e25827fec129fe65fb1575913bffebe165d9855c075a9

HTTP Headers

GET /uploads/blockpro/112x74_1307942685.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 4432
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001b24-1150-51089b99518f2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2Fg%2BXNs9WHhy43mAGfPBBhdXV8TvJ4vVH%2BtYnATZIxEVOY62%2BaPbzAIM%2BR6%2BajUwIBonCgAIJIsBUmQQ4gaoap%2FroQWYSaviCYqnBlgpvgrT3Y7LFRsIiEG6nNh3xzsjlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee719b8b503-OSL

www.acint.net/match?dp=186&euid=95b7bbef-3e25-4cf3-90df-1b87f0d1f679

46.4.114.109

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=186&euid=95b7bbef-3e25-4cf3-90df-1b87f0d1f679
IP
46.4.114.109:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=186&euid=95b7bbef-3e25-4cf3-90df-1b87f0d1f679 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; cSyncDp7v2=1669782210; cSyncDp14v3=1669782210; cSyncDp17=1669782210; cSyncDp32=1669782210; cSyncDp45v3=1669782210; cSyncDp53=1669782210; cSyncDp54v2=1669782210; cSyncDp62=1669782210; cSyncDp67v2=1669782210; cSyncDp68=1669782210; cSyncDp71=1669782210; cSyncDp77=1669782210; cSyncDp84=1669782210; cSyncDp85=1669782210; cSyncDp95v3=1669782210; cSyncDp101=1669782210; cSyncDp104v2=1669782210; cSyncDp107=1669782210; cSyncDp110=1669782210; cSyncDp111v2=1669782210; cSyncDp112v2=1669782210; cSyncDp125v2=1669782210; cSyncDp126=1669782210; cSyncDp127=1669782210; cSyncDp129=1669782210; cSyncDp136v2=1669782210; cSyncDp138=1669782210; cSyncDp146=1669782210; cSyncDp148=1669782210; cSyncDp149v2=1669782210; cSyncDp151=1669782210; cSyncDp178=1669782210; cSyncDp179=1669782210; cSyncDp186=1669782210; cSyncDp221=1669782210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

pix.bumlam.com/sync/sape/sync_ok?guid=bf5481a4-7066-11ed-ab15-002590c82437

31.172.81.158

302 Found

0 B

URL HTTP/1.1
pix.bumlam.com/sync/sape/sync_ok?guid=bf5481a4-7066-11ed-ab15-002590c82437
IP
31.172.81.158:0
ASN
#44066 diva-e Datacenters GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync/sape/sync_ok?guid=bf5481a4-7066-11ed-ab15-002590c82437 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRiZjU0ODFhNC03MDY2LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://bf5481a4-7066-11ed-ab15-002590c82437.n7.sync.bumlam.com/?src=sape

exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D

168.119.8.212

301 Moved Permanently

115 B

URL HTTP/2
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP
168.119.8.212:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, ASCII text
Size
115 B (115 bytes)
Hash
d5044e8a2baa5c097a5300ba1dc81e2e
1702a6cc4e929beaa2bd3db43d1842b92a81a247
0934437be642aa63cbfc13368de81e16a8b6adb34b5af648277936e5911da184

HTTP Headers

GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 30 Nov 2022 04:23:28 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=5af8a4a8-a510-4dca-482c-51c919e2c2ae
serverid: TODO
X-Firefox-Spdy: h2

avtodom-kzn.ru/uploads/blockpro/152x74_kit-ili-slon_mercedes-bmw_1.jpg

188.114.96.1

200 OK

5.7 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/152x74_kit-ili-slon_mercedes-bmw_1.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 152x74, components 3\012- data
Size
5.7 kB (5720 bytes)
Hash
5afc310b23c1504709eb315336361e65
62f0c4d4014ff50a31204710aa63eb86bb20bef6
8befd0d78ddf859bd3a15e37e4f1556046e206f23cd06ae973e7fd184b53efa0

HTTP Headers

GET /uploads/blockpro/152x74_kit-ili-slon_mercedes-bmw_1.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 5720
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:54 GMT
ETag: "1000000001c99-1658-51089b9a2fba3"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mJpP5yDOpHOEN2YpR%2F%2Ftnfw%2BkDDrR0%2FlH762RsltXBuLaWeWEvnv1u9XsNI43nm3Lx6%2Bqfud8q9QN76TCdMPehn3ntqNNFrEsANdGrWJPzzLWvQd9jRIXPo8fIy7CgjTg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee73f3cb512-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
21f0f9e8c27f0710173535d10434c08d
034a44832a61c779932be899727e3ac12e71db3f
d5f0357c1c0bd94f23175c7d8d007a8c5c9c00ba9ad98fed9aa16ad6972d834d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 11:26:44 GMT
Expires: Sun, 04 Dec 2022 11:26:43 GMT
Etag: "034a44832a61c779932be899727e3ac12e71db3f"
Cache-Control: max-age=370391,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7720cee708e10afe-OSL

www.acint.net/match?dp=126&euid=5af8a4a8-a510-4dca-482c-51c919e2c2ae

46.4.114.109

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=126&euid=5af8a4a8-a510-4dca-482c-51c919e2c2ae
IP
46.4.114.109:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=126&euid=5af8a4a8-a510-4dca-482c-51c919e2c2ae HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; cSyncDp7v2=1669782210; cSyncDp14v3=1669782210; cSyncDp17=1669782210; cSyncDp32=1669782210; cSyncDp45v3=1669782210; cSyncDp53=1669782210; cSyncDp54v2=1669782210; cSyncDp62=1669782210; cSyncDp67v2=1669782210; cSyncDp68=1669782210; cSyncDp71=1669782210; cSyncDp77=1669782210; cSyncDp84=1669782210; cSyncDp85=1669782210; cSyncDp95v3=1669782210; cSyncDp101=1669782210; cSyncDp104v2=1669782210; cSyncDp107=1669782210; cSyncDp110=1669782210; cSyncDp111v2=1669782210; cSyncDp112v2=1669782210; cSyncDp125v2=1669782210; cSyncDp126=1669782210; cSyncDp127=1669782210; cSyncDp129=1669782210; cSyncDp136v2=1669782210; cSyncDp138=1669782210; cSyncDp146=1669782210; cSyncDp148=1669782210; cSyncDp149v2=1669782210; cSyncDp151=1669782210; cSyncDp178=1669782210; cSyncDp179=1669782210; cSyncDp186=1669782210; cSyncDp221=1669782210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

avtodom-kzn.ru/uploads/blockpro/142x74_1597423925_utilizatsiya-avtomobiley.jpg

188.114.96.1

200 OK

6.6 kB

URL HTTP/1.1
avtodom-kzn.ru/uploads/blockpro/142x74_1597423925_utilizatsiya-avtomobiley.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 142x74, components 3\012- data
Size
6.6 kB (6632 bytes)
Hash
1a06faad16919d7a25079a91b090fb90
646447f24b70d5ae2aa8ab0887e6a03449db65d3
e3f2908ab18c928e7230ecb30e5106a5de469ec9e357143330224406f591ccd2

HTTP Headers

GET /uploads/blockpro/142x74_1597423925_utilizatsiya-avtomobiley.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 6632
Connection: keep-alive
Last-Modified: Fri, 14 Aug 2020 16:51:58 GMT
ETag: "1000000001c48-19e8-5acd93d3a70ee"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfCcUEcOyM2nG%2BkzAX7HVfaBUPjs2RA%2BYRbxAs59asMFJUnyKdQDaYcFb%2BnZi8%2BufsxIt4gWkooWMLdOzFpMDxfEQhyhEkNJxiDKl0zXaENS2hPPrMmBMSWxc2ajspysKg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee71a54b4ff-OSL

dmp.gotechnology.io/match/sape?id=0100007FC2DA86632502402F02022817

142.132.209.138

302 Found

0 B

URL HTTP/2
dmp.gotechnology.io/match/sape?id=0100007FC2DA86632502402F02022817
IP
142.132.209.138:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/sape?id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 04:23:31 GMT
content-length: 0
location: https://dmp.gotechnology.io/match/sape?id=0100007FC2DA86632502402F02022817&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10370
Expires: Wed, 30 Nov 2022 07:16:21 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10370
Expires: Wed, 30 Nov 2022 07:16:21 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
04544caa268aa7cccf11691396fd33fa
0fbc1ec62717acbd8e9a24f20905029cb1670987
fd24756e6773ec189e73523dcf58fc8ce3460d614faeac26b9140cc2afd7e557

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD24756E6773EC189E73523DCF58FC8CE3460D614FAEAC26B9140CC2AFD7E557"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4954
Expires: Wed, 30 Nov 2022 05:46:05 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa44c8657-c62c-4dd0-8688-d6b89a767fb4.png

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa44c8657-c62c-4dd0-8688-d6b89a767fb4.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8337 bytes)
Hash
2cb669522a324cd5d9ba1b1743138d38
71e4307194ea9fb15d29c8a5e35f9bfd3cb0c6e0
a997731964710b80affb001f7f2e2f05a93550b06c1626279516d78b11332803

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa44c8657-c62c-4dd0-8688-d6b89a767fb4.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8337
x-amzn-requestid: 88e6ec5a-6b04-4787-91e4-02f316d0d6e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgYHViIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-10f0d81a09c0ae930f6be726;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8XATm-S2y3wzXWzJxgof2GIbXx_7WzuEMKrhI5By_tGaB8EiYeGkLg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:59:07 GMT
age: 23064
etag: "71e4307194ea9fb15d29c8a5e35f9bfd3cb0c6e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

avtodom-kzn.ru/templates/auto-new/images/favicon.ico

188.114.96.1

200 OK

1.2 kB

URL HTTP/1.1
avtodom-kzn.ru/templates/auto-new/images/favicon.ico
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 2 icons, 16x16, 8 bits/pixel, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1168 bytes)
Hash
936de38c771e52b547d0d040a88d9d50
696daabd912b187598f32d21bf7429d568cf6d6b
d0736c0cd4c8edd9739c6bbac5d98abd12b6aef92883e393937bcc356fe7051b

HTTP Headers

GET /templates/auto-new/images/favicon.ico HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97; fid=02884d1f-2511-4581-9c78-1a93c8e990d9

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:02 GMT
ETag: W/"10000000016aa-9f6-4bf2738a7e680"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFVAhH%2FCHnrevx0CC%2BLKxp6dVEcikJDTtRIvaPZWa5lHSiELu%2FUd5fbwvVr3cR3Vj7Cp%2FwZNevat2X2%2BDSiNXgUftcWrHCqqOV0VJj1aMz1DILFhi%2BxNExcG%2BCGEXX8Qfg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee86a40b503-OSL
Content-Encoding: gzip

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9674 bytes)
Hash
5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:46 GMT
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
age: 23925
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D

212.116.120.34

302 Found

6.7 kB

URL HTTP/2
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP
212.116.120.34:0
ASN
#48096 Enterprise Cloud Ltd.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6695 bytes)
Hash
7a8c2292c953e41a108b1ca1f83b5134
0c3e4019730bae709f01d0fcbc6b4b0f20388c0f
155552a78d298bb7f16b41375faf63037de17d1caee1a836bbd512c2e4e5d1fa

HTTP Headers

GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=8e3385453e5f483ca5219a138e498311
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=8e3385453e5f483ca5219a138e498311; expires=Wed, 29 Nov 2023 21:00:00 GMT; path=/; SameSite=None; secure; samesite=lax
date: Wed, 30 Nov 2022 04:23:30 GMT
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13195 bytes)
Hash
9fb14804c284e300f976848e30396e9c
6004b4b7afd22dded903f026d245bc90a6706767
1cf96b0b6c83f182d018fa4ffb9924038bf282755091e7bacff2a624220260d5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13195
x-amzn-requestid: 1303b72c-fe18-46a3-b3c1-06f3b8550d90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvHW6oAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1b3dbbb005a238117076d1f3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pw2Wm8mI8MxRAOVsdvvWLEuxPN5ffcgWBZ_KecuuS5stoTHF4hxECg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:49 GMT
age: 23922
etag: "6004b4b7afd22dded903f026d245bc90a6706767"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11466 bytes)
Hash
0c14828912decf19c9d95fee93e92f00
49a82390cbf2139bf681d896f9467ab736e0b337
bbafc9bd160a30c6a31954bdf66655e1decc59dead3bb94c6fa21cad1cd56fe3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11466
x-amzn-requestid: 40ae63d3-397e-4118-90b2-d48b1f4014c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHUxIAMFxWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-2b309a0a5e93f68312a26fa1;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: s1eFJ0mtTFv3DFwwZ52JWOCDJWFA9IRiJ54L0JSkxzxFLnFIgts2CA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:35 GMT
etag: "49a82390cbf2139bf681d896f9467ab736e0b337"
content-type: image/jpeg
age: 23936
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7f230eb-6b67-4a80-b973-d8ea78fe73ae.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12853 bytes)
Hash
e08af5b1d18986e112913c6e69cc8ce6
151b60134a66305bd72dbb3810f67a57720b2af1
555a62d98f4002ad187a6b480d534a1dbe3c64d1f4d17cffad2ab985c10ca462

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7f230eb-6b67-4a80-b973-d8ea78fe73ae.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12853
x-amzn-requestid: 25e4402d-98d0-4c38-a927-397c37724bea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhdpHAuIAMFweQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c57-506672a36959d9ea09ef5155;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gHL2sFE-o1u5kEIUiabbP6u5CXr3ihI4mKiAVkfReyuJuTF5k5ktSg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:48 GMT
age: 23923
etag: "151b60134a66305bd72dbb3810f67a57720b2af1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

adlmerge.com/merge_gpsid/?sid=50&id=0100007FC2DA86632502402F02022817

95.211.66.35

200 OK

43 B

URL HTTP/2
adlmerge.com/merge_gpsid/?sid=50&id=0100007FC2DA86632502402F02022817
IP
95.211.66.35:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /merge_gpsid/?sid=50&id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: adlmerge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.16.0
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/gif
iseu: eu
X-Firefox-Spdy: h2

bf5481a4-7066-11ed-ab15-002590c82437.n7.sync.bumlam.com/?src=sape

82.146.53.26

302 Moved Temporarily

0 B

URL HTTP/1.1
bf5481a4-7066-11ed-ab15-002590c82437.n7.sync.bumlam.com/?src=sape
IP
82.146.53.26:0
ASN
#29182 JSC IOT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?src=sape HTTP/1.1
Host: bf5481a4-7066-11ed-ab15-002590c82437.n7.sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRiZjU0ODFhNC03MDY2LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Length: 0
Connection: close
Location: https://pix.bumlam.com/sync/sape/done

pix.bumlam.com/sync/sape/done

31.172.81.158

200 OK

43 B

URL HTTP/1.1
pix.bumlam.com/sync/sape/done
IP
31.172.81.158:0
ASN
#44066 diva-e Datacenters GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRiZjU0ODFhNC03MDY2LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

ssp.bidvol.com/usersync?dspcsid=8&redirect=1

65.109.65.188

302 Found

1.4 kB

URL HTTP/2
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP
65.109.65.188:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
1.4 kB (1414 bytes)
Hash
3ac8e8126ca31888cda616c7dea2ffb1
7555485eb4ce854c889cd757fd6d11142cbf9a46
3d6558ca141f37ff35fa75452fc26d4e798028fe1ea11ff019dd21b8a02b0cf6

HTTP Headers

GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.22.0
date: Wed, 30 Nov 2022 04:23:31 GMT
x-request-id: d1f42864-d839-423c-8d38-bf0f13d29de5
set-cookie: bvuid=pib0w5wb8h; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=pib0w5wb8h; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=pib0w5wb8h
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:23:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.globalsign.com/gsgccr3dvtlsca2020

151.101.130.133

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
151.101.130.133:0
ASN
#54113 FASTLY

File type
data
Size
1.4 kB (1414 bytes)
Hash
3ac8e8126ca31888cda616c7dea2ffb1
7555485eb4ce854c889cd757fd6d11142cbf9a46
3d6558ca141f37ff35fa75452fc26d4e798028fe1ea11ff019dd21b8a02b0cf6

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1414
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 04 Dec 2022 02:14:39 GMT
ETag: "7555485eb4ce854c889cd757fd6d11142cbf9a46"
Last-Modified: Wed, 30 Nov 2022 02:14:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 30 Nov 2022 04:23:32 GMT
Age: 530
X-Served-By: cache-qpg1268-QPG, cache-bma1622-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 4, 13
X-Timer: S1669782212.153144,VS0,VE0

ocsp2.globalsign.com/gsalphasha2g2

151.101.130.133

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
151.101.130.133:0
ASN
#54113 FASTLY

File type
data
Size
1.4 kB (1423 bytes)
Hash
673aab22ad39e3b5c4f7fb79e3f01515
eabc026ae17b39bdf984065243ee156b59abc74b
07dc319cefcf757505b2ccfa5d3e920d5d71fe265b4f9acafad5e7ca0326732a

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 04 Dec 2022 01:42:42 GMT
ETag: "eabc026ae17b39bdf984065243ee156b59abc74b"
Last-Modified: Wed, 30 Nov 2022 01:42:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 30 Nov 2022 04:23:32 GMT
Age: 624
X-Served-By: cache-qpg1243-QPG, cache-bma1629-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 2
X-Timer: S1669782212.165576,VS0,VE0

ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691

195.209.108.35

302 Moved Temporarily

0 B

URL HTTP/1.1
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP
195.209.108.35:0
ASN
#52007 LLC AdRiver

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-5058049411; expires=Fri, 29 Nov 2024 04:23:32 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5058049411
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf8LahmMlAkAvAgIoFw

142.250.74.66

200 OK

170 B

URL HTTP/2
cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf8LahmMlAkAvAgIoFw
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
170 B (170 bytes)
Hash
e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

HTTP Headers

GET /pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf8LahmMlAkAvAgIoFw HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
date: Wed, 30 Nov 2022 04:23:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FC2DA86632502402F02022817

81.222.128.214

200 OK

42 B

URL HTTP/1.1
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FC2DA86632502402F02022817
IP
81.222.128.214:0
ASN
#20597 PVimpelCom

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D

77.245.57.72

200 OK

0 B

URL HTTP/1.1
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP
77.245.57.72:0
ASN
#36057 WEBAIR-INTERNET-MTL

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Length: 0
Connection: close

ocsp.globalsign.com/gseccovsslca2018

151.101.130.133

200 OK

939 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
151.101.130.133:0
ASN
#54113 FASTLY

File type
data
Size
939 B (939 bytes)
Hash
3b77074c26df6934d95e9b2c12978d48
d020b218775e281adc4ddd0ef45c9fb648839ace
11a4091633e4a5970f8fc935e8aae4ab926bdae98d46a9389c0e55afdd59324e

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 939
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 04 Dec 2022 03:51:46 GMT
ETag: "d020b218775e281adc4ddd0ef45c9fb648839ace"
Last-Modified: Wed, 30 Nov 2022 03:51:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 30 Nov 2022 04:23:32 GMT
Age: 1904
X-Served-By: cache-qpg1272-QPG, cache-bma1622-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 219
X-Timer: S1669782212.215947,VS0,VE0

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
234a4a3c9c97d9e0e2cf3ad636b261a2
c86bd7e17dadc388154f74cb8cf8428afb2e5cd1
03c44be1aeb057ccc44b023524358f834522f123189eafdc01a9d5e06b16e225

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 04:09:16 GMT
Expires: Tue, 06 Dec 2022 04:09:15 GMT
Etag: "c86bd7e17dadc388154f74cb8cf8428afb2e5cd1"
Cache-Control: max-age=516942,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7720ceea28e4b518-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
342a40dfdf02e2855bec281be0af6815
0b68216f54d6d466b28b0c581ff1fc578fa03ebb
0bc2a54f29c9c093d34ad80e3af901ce4af85c877381cb84a6f8fd604875b898

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BC2A54F29C9C093D34AD80E3AF901CE4AF85C877381CB84A6F8FD604875B898"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10367
Expires: Wed, 30 Nov 2022 07:16:19 GMT
Date: Wed, 30 Nov 2022 04:23:32 GMT
Connection: keep-alive

ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5058049411

195.209.108.35

302 Moved Temporarily

40 B

URL HTTP/1.1
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5058049411
IP
195.209.108.35:0
ASN
#52007 LLC AdRiver

File type
ASCII text, with CRLF line terminators
Size
40 B (40 bytes)
Hash
251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b

HTTP Headers

GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5058049411 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Fri, 29 Nov 2024 04:23:32 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D

ocsp.godaddy.com/

192.124.249.41

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.41:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
0ea763dd14d73d061a6824a05ea28919
815d93f1bbd746eb482f5a21db6f9a52f3d0895b
b0f666e5bcf7caafd975aa804341411d9ea4bd9f6ae6da2430f6fb6215f4373a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 29 Nov 2022 21:49:33 GMT
Expires: Wed, 30 Nov 2022 21:49:33 GMT
ETag: "815d93f1bbd746eb482f5a21db6f9a52f3d0895b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.globalsign.com/gseccovsslca2018

151.101.130.133

200 OK

938 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
151.101.130.133:0
ASN
#54113 FASTLY

File type
data
Size
938 B (938 bytes)
Hash
95150896b227bbadb5a888902e0d180a
6355c3f9bfde423f346d400965ef3f063fa64dde
4d649e1f07c58712a44d5582e4c5bbdd85aecfafbab1a3e01dbf46971569c109

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 938
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 04 Dec 2022 03:43:42 GMT
ETag: "6355c3f9bfde423f346d400965ef3f063fa64dde"
Last-Modified: Wed, 30 Nov 2022 03:43:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 30 Nov 2022 04:23:32 GMT
Age: 2390
X-Served-By: cache-qpg1232-QPG, cache-bma1622-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 227
X-Timer: S1669782212.250643,VS0,VE0

ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FC2DA86632502402F02022817

188.42.191.196

302 Found

0 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FC2DA86632502402F02022817
IP
188.42.191.196:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?bidder_id=73&external_user_id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=0100007FC2DA86632502402F02022817&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 30 Nov 2023 04:23:32 GMT; Path=/; Domain=.betweendigital.com
tuuid=46c5f442-8389-524e-a182-0052c204da96; Max-Age=31536000; Expires=Thu, 30 Nov 2023 04:23:32 GMT; Path=/; Domain=.betweendigital.com
ut=Y4baxAAE8aCWOb14lOfojEpUAm32CAk_WyEkhw==; Max-Age=31536000; Expires=Thu, 30 Nov 2023 04:23:32 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

ocsp.usertrust.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.usertrust.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
e29e1b6a4d7d8b622c0811f54ace7327
562bfa8688eba658bf77c7e51ef2e5a720b7b86d
15d20b692ecc0e6b10dd88945e5cdec4db6f4b98b4d06d55222e2df2d2ea0c40

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 04:18:21 GMT
Expires: Mon, 05 Dec 2022 04:18:20 GMT
Etag: "562bfa8688eba658bf77c7e51ef2e5a720b7b86d"
Cache-Control: max-age=601365,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 557
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720ceeaab04b4fd-OSL

status.thawte.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2e6727238eddf2dbc0c32a99b17a8f24
a7fe53809acbed028ceb25f3bbc1fc174eac3eff
d01e92f3492460eb71ec1133efc65c042ea3b90bfeebbc97b3cd9acb4398d2f1

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 154
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:23:32 GMT
Last-Modified: Wed, 30 Nov 2022 04:20:58 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

ad.mail.ru/cm.gif?p=48&id=0100007FC2DA86632502402F02022817

95.163.41.56

200 OK

43 B

URL HTTP/2
ad.mail.ru/cm.gif?p=48&id=0100007FC2DA86632502402F02022817
IP
95.163.41.56:0
ASN
#47764 Mail.Ru LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /cm.gif?p=48&id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:23:32 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=0PV-Xv3yInIE002Cd92V0TYE:::0-0-0-8a13384:CAASEFOsfu3wQsO5Sa3F560JjYgaYKhxe-Z59foXtO0JFPD0OwZKxisQasVxtjLtg3wF45d37V3yu7uKHtvIAFFPUUwusbvOoV1oloOuqvHSE0khjv3yjhTH8i6uWJfbMGxD7hryJF9JczxE2P4hxYgoBXIFqw; path=/; expires=Fri, 01-Dec-23 04:23:32 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Wed, 30 Nov 2022 10:23:32 GMT
cache-control: max-age=21600
last-modified: Wed, 30 Nov 2022 04:23:32 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2

www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D

46.4.114.109

302 Found

154 B

URL HTTP/2
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP
46.4.114.109:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; cSyncDp7v2=1669782210; cSyncDp14v3=1669782210; cSyncDp17=1669782210; cSyncDp32=1669782210; cSyncDp45v3=1669782210; cSyncDp53=1669782210; cSyncDp54v2=1669782210; cSyncDp62=1669782210; cSyncDp67v2=1669782210; cSyncDp68=1669782210; cSyncDp71=1669782210; cSyncDp77=1669782210; cSyncDp84=1669782210; cSyncDp85=1669782210; cSyncDp95v3=1669782210; cSyncDp101=1669782210; cSyncDp104v2=1669782210; cSyncDp107=1669782210; cSyncDp110=1669782210; cSyncDp111v2=1669782210; cSyncDp112v2=1669782210; cSyncDp125v2=1669782210; cSyncDp126=1669782210; cSyncDp127=1669782210; cSyncDp129=1669782210; cSyncDp136v2=1669782210; cSyncDp138=1669782210; cSyncDp146=1669782210; cSyncDp148=1669782210; cSyncDp149v2=1669782210; cSyncDp151=1669782210; cSyncDp178=1669782210; cSyncDp179=1669782210; cSyncDp186=1669782210; cSyncDp221=1669782210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: openresty
date: Wed, 30 Nov 2022 04:23:32 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FC2DA86632502402F02022817
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

tag.digitaltarget.ru/adcm.js

185.15.175.133

200 OK

3.1 kB

URL HTTP/1.1
tag.digitaltarget.ru/adcm.js
IP
185.15.175.133:0
ASN
#43226 SafeData LLC

File type
ASCII text, with very long lines (3051), with no line terminators
Size
3.1 kB (3051 bytes)
Hash
e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

HTTP Headers

GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Wed, 30 Nov 2022 04:04:18 GMT
Connection: keep-alive
ETag: "6386d642-beb"
Accept-Ranges: bytes

redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect

35.190.24.218

302 Found

0 B

URL HTTP/2
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
IP
35.190.24.218:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: Weborama Collect Frontend
date: Wed, 30 Nov 2022 04:23:31 GMT
content-length: 0
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1851587008
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Wed, 30 Nov 2022 04:23:32 GMT
set-cookie: AFFICHE_W=ojSQ9ivWIuai34; expires=Thu, 28 Dec 2023 04:23:32 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FC2DA86632502402F02022817&crf=1

188.42.191.196

200 OK

68 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FC2DA86632502402F02022817&crf=1
IP
188.42.191.196:0
ASN
#7979 SERVERS-COM

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

HTTP Headers

GET /match?bidder_id=73&external_user_id=0100007FC2DA86632502402F02022817&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 30 Nov 2023 04:23:32 GMT; Path=/; Domain=.betweendigital.com
tuuid=c5f86a89-67a2-524e-b746-b8b1d4c06275; Max-Age=31536000; Expires=Thu, 30 Nov 2023 04:23:32 GMT; Path=/; Domain=.betweendigital.com
ut=Y4baxAACYWBCR2zKJ3K_BEuZ5KMjBY6gv7vwWg==; Max-Age=31536000; Expires=Thu, 30 Nov 2023 04:23:32 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:23:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.globalsign.com/gsrsaovsslca2018

151.101.130.133

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
151.101.130.133:0
ASN
#54113 FASTLY

File type
data
Size
1.4 kB (1432 bytes)
Hash
ca7973defaca7804eb53c6a3736d8528
e158bbae0f9158233753529e83a06b62d0573565
57e20a8b7e9c49b6bb443212f80cf625b7cd72fe074d009aed7ace8718fe0b68

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 04 Dec 2022 02:01:45 GMT
ETag: "e158bbae0f9158233753529e83a06b62d0573565"
Last-Modified: Wed, 30 Nov 2022 02:01:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 30 Nov 2022 04:23:32 GMT
Age: 1299
X-Served-By: cache-qpg1234-QPG, cache-bma1622-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 21
X-Timer: S1669782212.314402,VS0,VE0

sape-sync.rutarget.ru/sync

178.170.196.9

302 Moved Temporarily

0 B

URL HTTP/1.1
sape-sync.rutarget.ru/sync
IP
178.170.196.9:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=PGTG5hASi3dh
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=PGTG5hASi3dh; Path=/; Domain=.rutarget.ru; Expires=Mon, 29 May 2023 04:23:32 GMT; SameSite=None; Secure

redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1851587008

35.190.24.218

204 No Content

0 B

URL HTTP/2
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1851587008
IP
35.190.24.218:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1851587008 HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: Weborama Collect Frontend
date: Wed, 30 Nov 2022 04:23:32 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Wed, 30 Nov 2022 04:23:32 GMT
set-cookie: AFFICHE_W=; expires=Tue, 10 Nov 2009 23:00:00 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FC2DA86632502402F02022817

81.222.128.214

200 OK

42 B

URL HTTP/1.1
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FC2DA86632502402F02022817
IP
81.222.128.214:0
ASN
#20597 PVimpelCom

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

sm.rtb.mts.ru/p?ssp=sape&id=0100007FC2DA86632502402F02022817

217.66.147.42

301 Moved Permanently

0 B

URL HTTP/1.1
sm.rtb.mts.ru/p?ssp=sape&id=0100007FC2DA86632502402F02022817
IP
217.66.147.42:0
ASN
#29209 MTS PJSC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p?ssp=sape&id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FC2DA86632502402F02022817
Set-Cookie: dspid=cb27c683-e021-4284-aefe-4f1d23807b3b; expires=Tue, 21 Nov 2023 04:23:32 GMT; domain=.mts.ru; path=/; secure; SameSite=None

www.acint.net/match?dp=104&euid=PGTG5hASi3dh

46.4.114.109

200 OK

43 B

URL HTTP/2
www.acint.net/match?dp=104&euid=PGTG5hASi3dh
IP
46.4.114.109:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /match?dp=104&euid=PGTG5hASi3dh HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; cSyncDp7v2=1669782210; cSyncDp14v3=1669782210; cSyncDp17=1669782210; cSyncDp32=1669782210; cSyncDp45v3=1669782210; cSyncDp53=1669782210; cSyncDp54v2=1669782210; cSyncDp62=1669782210; cSyncDp67v2=1669782210; cSyncDp68=1669782210; cSyncDp71=1669782210; cSyncDp77=1669782210; cSyncDp84=1669782210; cSyncDp85=1669782210; cSyncDp95v3=1669782210; cSyncDp101=1669782210; cSyncDp104v2=1669782210; cSyncDp107=1669782210; cSyncDp110=1669782210; cSyncDp111v2=1669782210; cSyncDp112v2=1669782210; cSyncDp125v2=1669782210; cSyncDp126=1669782210; cSyncDp127=1669782210; cSyncDp129=1669782210; cSyncDp136v2=1669782210; cSyncDp138=1669782210; cSyncDp146=1669782210; cSyncDp148=1669782210; cSyncDp149v2=1669782210; cSyncDp151=1669782210; cSyncDp178=1669782210; cSyncDp179=1669782210; cSyncDp186=1669782210; cSyncDp221=1669782210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:32 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
234a4a3c9c97d9e0e2cf3ad636b261a2
c86bd7e17dadc388154f74cb8cf8428afb2e5cd1
03c44be1aeb057ccc44b023524358f834522f123189eafdc01a9d5e06b16e225

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 04:09:16 GMT
Expires: Tue, 06 Dec 2022 04:09:15 GMT
Etag: "c86bd7e17dadc388154f74cb8cf8428afb2e5cd1"
Cache-Control: max-age=516942,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7720ceea29a80afe-OSL

ocsp.godaddy.com/

192.124.249.41

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.41:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
0ea763dd14d73d061a6824a05ea28919
815d93f1bbd746eb482f5a21db6f9a52f3d0895b
b0f666e5bcf7caafd975aa804341411d9ea4bd9f6ae6da2430f6fb6215f4373a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 29 Nov 2022 21:49:33 GMT
Expires: Wed, 30 Nov 2022 21:49:33 GMT
ETag: "815d93f1bbd746eb482f5a21db6f9a52f3d0895b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

px.adhigh.net/p/cm/sape?u=0100007FC2DA86632502402F02022817

193.232.150.60

302 Found

0 B

URL HTTP/2
px.adhigh.net/p/cm/sape?u=0100007FC2DA86632502402F02022817
IP
193.232.150.60:0
ASN
#48061 Limited Liability Company GPM Digital Technologies

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/cm/sape?u=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 04:23:32 GMT
content-length: 0
x-backend-id: f20-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=uxk5hihUk2Hb.AikABlGExsaPDA;Path=/;Domain=.adhigh.net;Expires=Thu, 30-Nov-2023 04:23:32 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=0100007FC2DA86632502402F02022817&bounced=1
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D

188.42.191.196

302 Found

0 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP
188.42.191.196:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 30 Nov 2023 04:23:32 GMT; Path=/; Domain=.betweendigital.com
tuuid=cce71f94-be8b-524e-b768-69a9d4eeb36d; Max-Age=31536000; Expires=Thu, 30 Nov 2023 04:23:32 GMT; Path=/; Domain=.betweendigital.com
ut=Y4baxAAI5VgCJplrnJBnQ4IKvMSOJuVRgL0QjA==; Max-Age=31536000; Expires=Thu, 30 Nov 2023 04:23:32 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

an.yandex.ru/mapuid/sapeis/0100007FC2DA86632502402F02022817?redir-setuniq=1

93.158.134.90

200 OK

50 B

URL HTTP/2
an.yandex.ru/mapuid/sapeis/0100007FC2DA86632502402F02022817?redir-setuniq=1
IP
93.158.134.90:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
50 B (50 bytes)
Hash
bef53a5c76b7ad469692178eeaeb08d8
aaae1c11fa0b5a086770957c8857d3937ed653e9
be24bb564cc16e1fe9113f63db905a1b7a3a653c6642f0c27d5e823729a99ee3

HTTP Headers

GET /mapuid/sapeis/0100007FC2DA86632502402F02022817?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
timing-allow-origin: *
date: Wed, 30 Nov 2022 04:23:32 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30 Nov 2022 04:23:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Wed, 30 Nov 2022 04:23:32 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1

188.42.191.196

200 OK

68 B

URL HTTP/2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP
188.42.191.196:0
ASN
#7979 SERVERS-COM

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

HTTP Headers

GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 30 Nov 2023 04:23:32 GMT; Path=/; Domain=.betweendigital.com
tuuid=d541bc3c-415f-524e-acc8-afebcf4e752f; Max-Age=31536000; Expires=Thu, 30 Nov 2023 04:23:32 GMT; Path=/; Domain=.betweendigital.com
ut=Y4baxAALI5B0qt0TKqnn6vCGaXzUS3xe5Z7Ziw==; Max-Age=31536000; Expires=Thu, 30 Nov 2023 04:23:32 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2

px.adhigh.net/p/cm/sape?u=0100007FC2DA86632502402F02022817&bounced=1

193.232.150.60

200 OK

49 B

URL HTTP/2
px.adhigh.net/p/cm/sape?u=0100007FC2DA86632502402F02022817&bounced=1
IP
193.232.150.60:0
ASN
#48061 Limited Liability Company GPM Digital Technologies

File type
GIF image data, version 89a, 1 x 1\012- data
Size
49 B (49 bytes)
Hash
889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

HTTP Headers

GET /p/cm/sape?u=0100007FC2DA86632502402F02022817&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:23:32 GMT
content-type: image/gif
content-length: 49
x-backend-id: f20-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2

tag.digitaltarget.ru/processor.js?i=921994724795376

185.15.175.133

200 OK

16 kB

URL HTTP/1.1
tag.digitaltarget.ru/processor.js?i=921994724795376
IP
185.15.175.133:0
ASN
#43226 SafeData LLC

File type
ASCII text, with very long lines (15897), with no line terminators
Size
16 kB (15897 bytes)
Hash
c9571a7ce0a22f154c74bdc8e35523e0
101feba577e71fc076ea5bf3f4af08b5d3fe988d
51cf59da6b7e03337540ee3ab9f8e135ff2ead958475c1bacc8683df57823fb0

HTTP Headers

GET /processor.js?i=921994724795376 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: application/javascript
Content-Length: 15897
Last-Modified: Wed, 30 Nov 2022 04:04:19 GMT
Connection: keep-alive
ETag: "6386d643-3e19"
Accept-Ranges: bytes

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
94761464ba8a8f704548cecc2ce63423
38d09e0ce1f8bcf76c31c1f27bc823e8453c6d85
51c92436ab7e9890dba871ca7f0d0eb6e4b3fc1ae9217e30ba9960eaa7e5c735

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 14:18:43 GMT
Expires: Tue, 06 Dec 2022 14:18:42 GMT
Etag: "38d09e0ce1f8bcf76c31c1f27bc823e8453c6d85"
Cache-Control: max-age=553509,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7720ceeac932b518-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b791e396b363c462c259e47f24d08e02
13f187bcacde8ed75da820ced57d0ebe5e8f3351
daac86ec5af86c6307b74075b1b158bf881957605a7234ce1c2306e8071e8547

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAAC86EC5AF86C6307B74075B1B158BF881957605A7234CE1C2306E8071E8547"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13866
Expires: Wed, 30 Nov 2022 08:14:38 GMT
Date: Wed, 30 Nov 2022 04:23:32 GMT
Connection: keep-alive

x01.aidata.io/0.gif?pid=9401454&id=0100007FC2DA86632502402F02022817

89.108.119.28

302 Found

0 B

URL HTTP/2
x01.aidata.io/0.gif?pid=9401454&id=0100007FC2DA86632502402F02022817
IP
89.108.119.28:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /0.gif?pid=9401454&id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 04:23:32 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=0100007FC2DA86632502402F02022817&bounce=1
expires: Wed, 30 Nov 2022 04:23:31 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Wed, 30 Nov 2022 04:23:31 GMT
set-cookie: __upin=uZ4wVj9CGavcfnas14myAg;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1669782212;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2

dmg.digitaltarget.ru/1/1093/i/i?i=361619855135317.556712787365252&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_noorient

185.15.175.157

307 Temporary Redirect

0 B

URL HTTP/1.1
dmg.digitaltarget.ru/1/1093/i/i?i=361619855135317.556712787365252&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
185.15.175.157:0
ASN
#43226 SafeData LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/1093/i/i?i=361619855135317.556712787365252&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669782212620&i=361619855135317.556712787365252&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=S9.p2n-ccAy34RA7VSin; Max-Age=93312000; Expires=Fri, 14 Nov 2025 04:23:32 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

dmg.digitaltarget.ru/1/1093/i/i?i=361619855135317.595511760496874&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

185.15.175.157

307 Temporary Redirect

0 B

URL HTTP/1.1
dmg.digitaltarget.ru/1/1093/i/i?i=361619855135317.595511760496874&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
185.15.175.157:0
ASN
#43226 SafeData LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/1093/i/i?i=361619855135317.595511760496874&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669782212622&i=361619855135317.595511760496874&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=jUv5tJSccAh4lH57MReu; Max-Age=93312000; Expires=Fri, 14 Nov 2025 04:23:32 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

x01.aidata.io/0.gif?pid=9401454&id=0100007FC2DA86632502402F02022817&bounce=1

89.108.119.28

204 No Content

0 B

URL HTTP/2
x01.aidata.io/0.gif?pid=9401454&id=0100007FC2DA86632502402F02022817&bounce=1
IP
89.108.119.28:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /0.gif?pid=9401454&id=0100007FC2DA86632502402F02022817&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 04:23:32 GMT
expires: Wed, 30 Nov 2022 04:23:31 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Wed, 30 Nov 2022 04:23:31 GMT
set-cookie: __upin=Dt5ALzNPnrlrC4+R8SmZPA;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1669782212;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2

dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669782212622&i=361619855135317.595511760496874&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

185.15.175.157

200 OK

64 B

URL HTTP/1.1
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669782212622&i=361619855135317.595511760496874&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
185.15.175.157:0
ASN
#43226 SafeData LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
64 B (64 bytes)
Hash
ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8

HTTP Headers

GET /awg/custom/1093/i/i?call_source=awg&ts=1669782212622&i=361619855135317.595511760496874&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 9
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669782212620&i=361619855135317.556712787365252&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_noorient

185.15.175.157

200 OK

64 B

URL HTTP/1.1
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669782212620&i=361619855135317.556712787365252&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
185.15.175.157:0
ASN
#43226 SafeData LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
64 B (64 bytes)
Hash
ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8

HTTP Headers

GET /awg/custom/1093/i/i?call_source=awg&ts=1669782212620&i=361619855135317.556712787365252&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 8
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

www.acint.net/ping/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=14402973&dT=2022-11-30T04%3A23%3A32.676

46.4.114.109

302 Moved Temporarily

142 B

URL HTTP/1.1
www.acint.net/ping/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=14402973&dT=2022-11-30T04%3A23%3A32.676
IP
46.4.114.109:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
142 B (142 bytes)
Hash
82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c

HTTP Headers

GET /ping/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=14402973&dT=2022-11-30T04%3A23%3A32.676 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/

HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Wed, 30 Nov 2022 04:23:33 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/ping/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=14402973&dT=2022-11-30T04%3A23%3A32.676

www.acint.net/ping/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=14402973&dT=2022-11-30T04%3A23%3A32.676

46.4.114.109

200 OK

43 B

URL HTTP/2
www.acint.net/ping/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=14402973&dT=2022-11-30T04%3A23%3A32.676
IP
46.4.114.109:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /ping/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=14402973&dT=2022-11-30T04%3A23%3A32.676 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://avtodom-kzn.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; cSyncDp7v2=1669782210; cSyncDp14v3=1669782210; cSyncDp17=1669782210; cSyncDp32=1669782210; cSyncDp45v3=1669782210; cSyncDp53=1669782210; cSyncDp54v2=1669782210; cSyncDp62=1669782210; cSyncDp67v2=1669782210; cSyncDp68=1669782210; cSyncDp71=1669782210; cSyncDp77=1669782210; cSyncDp84=1669782210; cSyncDp85=1669782210; cSyncDp95v3=1669782210; cSyncDp101=1669782210; cSyncDp104v2=1669782210; cSyncDp107=1669782210; cSyncDp110=1669782210; cSyncDp111v2=1669782210; cSyncDp112v2=1669782210; cSyncDp125v2=1669782210; cSyncDp126=1669782210; cSyncDp127=1669782210; cSyncDp129=1669782210; cSyncDp136v2=1669782210; cSyncDp138=1669782210; cSyncDp146=1669782210; cSyncDp148=1669782210; cSyncDp149v2=1669782210; cSyncDp151=1669782210; cSyncDp178=1669782210; cSyncDp179=1669782210; cSyncDp186=1669782210; cSyncDp221=1669782210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:33 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2

an.yandex.ru/mapuid/gonetdspis/NGU1ZDYzNWM0NThjOTdjMQ

93.158.134.90

302 Found

0 B

URL HTTP/2
an.yandex.ru/mapuid/gonetdspis/NGU1ZDYzNWM0NThjOTdjMQ
IP
93.158.134.90:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mapuid/gonetdspis/NGU1ZDYzNWM0NThjOTdjMQ HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/gonetdspis/NGU1ZDYzNWM0NThjOTdjMQ?redir-setuniq=1
date: Wed, 30 Nov 2022 04:23:32 GMT
set-cookie: yandexuid=9443422451669782212; domain=.yandex.ru; path=/; expires=Sat, 27-Nov-2032 04:23:32 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30 Nov 2022 04:23:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Wed, 30 Nov 2022 04:23:32 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

an.yandex.ru/mapuid/gonetdspis/NGU1ZDYzNWM0NThjOTdjMQ?redir-setuniq=1

93.158.134.90

200 OK

0 B

URL HTTP/2
an.yandex.ru/mapuid/gonetdspis/NGU1ZDYzNWM0NThjOTdjMQ?redir-setuniq=1
IP
93.158.134.90:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mapuid/gonetdspis/NGU1ZDYzNWM0NThjOTdjMQ?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
timing-allow-origin: *
date: Wed, 30 Nov 2022 04:23:32 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30 Nov 2022 04:23:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Wed, 30 Nov 2022 04:23:32 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

an.yandex.ru/mapuid/sapeis/0100007FC2DA86632502402F02022817

93.158.134.90

302 Found

0 B

URL HTTP/2
an.yandex.ru/mapuid/sapeis/0100007FC2DA86632502402F02022817
IP
93.158.134.90:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mapuid/sapeis/0100007FC2DA86632502402F02022817 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/0100007FC2DA86632502402F02022817?redir-setuniq=1
date: Wed, 30 Nov 2022 04:23:32 GMT
set-cookie: yandexuid=6580336981669782212; domain=.yandex.ru; path=/; expires=Sat, 27-Nov-2032 04:23:32 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30 Nov 2022 04:23:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Wed, 30 Nov 2022 04:23:32 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations