r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4660
Expires: Wed, 30 Nov 2022 05:41:09 GMT
Date: Wed, 30 Nov 2022 04:23:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 149
Cache-Control: max-age=108611
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:23:29 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 10:33:40 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 04:17:59 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 330
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9502
Expires: Wed, 30 Nov 2022 07:01:51 GMT
Date: Wed, 30 Nov 2022 04:23:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZxRbX+Wem3rWzmtyg59lYMpb0aGiIdCjKR2nDXgdOYbk/X7NmEIWLky11l8py35nXUo14x4sOE8=
x-amz-request-id: 0Y76D1FE6W3K4XV5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 03:45:04 GMT
age: 2305
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:23:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
avtodom-kzn.ru/
188.114.96.1200 OK 11 kB IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Non-ISO extended-ASCII text, with CRLF, LF, NEL line terminators
Hash 3f2af30f578a71f14d1fa619d8b9359a
be19dedf099f4249b724fd0b51e4caa3de46c09d
feb5719a1ab3849fdee6eb61e99ad8855105d3aca8dfaf6b73ced9e7b2fd73a5
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:29 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97; path=/
dle_user_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.avtodom-kzn.ru; httponly
dle_password=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.avtodom-kzn.ru; httponly
dle_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.avtodom-kzn.ru; httponly
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fj%2BJRWCPFdwiWAhN3hJ46b%2FyAU8zBsP6w8UWdAVsEOWM56%2FqESk%2BTCfR1NqtHoipj7aAOh1J7qzhznnXH%2B6h3UzwcxSWkMjUgRLnXJbMldOfRWoJo5qBVAcOJMHmHpo9iA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7720ced79caeb4ff-OSL
Content-Encoding: gzip
avtodom-kzn.ru/templates/auto-new/js/libs.js
188.114.96.1200 OK 479 B URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/js/libs.js
IP 188.114.96.1:0
File type ASCII text, with CRLF line terminators
Hash d8b3f948308d21e623a60044ddb6488a
070d06f175f20e9996ffec003f37b2511da4d93e
05e6249a501706617d33e4eb6b070baace4c5d57265e3dd7230e64c962691d1a
Analyzer Verdict Alert fortinet Malware
GET /templates/auto-new/js/libs.js HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:12 GMT
ETag: W/"10000000016fc-5d1-4bf2739407d00"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BMS5kFgnaG0MekST56c4p%2Bn%2BDEZZ0zSikyWRuzKAwfrxTrfTxenUqLfdyVCUbF59M9nIPYcuIjourCHckZQx0HMAF1m9CNlHoZU32Drq%2FASLRtghngRUMvV%2FrMJrKu76w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cedbda76b512-OSL
Content-Encoding: gzip
avtodom-kzn.ru/templates/auto-new/style/engine.css
188.114.96.1200 OK 4.5 kB URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/style/engine.css
IP 188.114.96.1:0
File type assembler source, ISO-8859 text, with CRLF line terminators
Hash bb7cbc99171ad51f7fc073d067d17b3c
ead73f94f394645307613440b55a4d4b8128144a
0a9d2cc8b3d8f3a2db8f894e4804f4021c8648604de5d11d7b0f3ba66d5e4de4
GET /templates/auto-new/style/engine.css HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:14 GMT
ETag: W/"10000000016ff-3f0a-4bf27395f0180"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvYTMVtu0r56cfn4CFWWuvmsdpWJ8iwrDbYDAnKt9AlfIUwvuqBgK%2F8iF2BMYjT2jlVIepFysjEYruFPv3H8QMNYz90zF72vhSBb2Iw0BDG8%2B0Cn%2FwpoObAijkosaOWMMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cedbd91a1c16-OSL
Content-Encoding: gzip
avtodom-kzn.ru/engine/classes/js/dle_js.js
188.114.96.1200 OK 5.4 kB URL HTTP/1.1 avtodom-kzn.ru/engine/classes/js/dle_js.js
IP 188.114.96.1:0
File type HTML document, ASCII text, with very long lines (656), with CRLF line terminators
Hash 6c2498c93145f36b07f8bb82c1b6afe1
4b21f32b4d1408888911fb599d92d1b1b7ba4d7e
e2ded5f9da74c4b89040426bcf5338db9158072b71322758be023ccd7b9194ae
Analyzer Verdict Alert fortinet Malware
GET /engine/classes/js/dle_js.js HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 04 Apr 2012 09:21:00 GMT
ETag: W/"10000000011a8-5295-4bcd6f10c9700"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xY31QpgDV6nX881KlvYdsryWN1TY7oHPMUa3Ccq%2F7pv6SDt12gL40YKw2KAN%2BK6ncT40UOuSR4mrCiSNDl0dWaeD8Sf0pj2ifsO2rYwB%2BIHeboKrhP8PIUqZ%2FLAw3hnSxg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cedbdde80b51-OSL
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 04:08:56 GMT
cache-control: public,max-age=3600
age: 874
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
avtodom-kzn.ru/templates/auto-new/style/styles.css
188.114.96.1200 OK 5.3 kB URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/style/styles.css
IP 188.114.96.1:0
File type assembler source, ISO-8859 text, with CRLF line terminators
Hash a848b20d63303a0ae03c8abf5555ab5e
410fe0efc67a5909dedf59eb7ac9fb6ae9e8af2a
8d9f0a927ac4a7a7748e482adc936b63f10d0c3d07698c59059152028ea81c83
GET /templates/auto-new/style/styles.css HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 22 Aug 2012 13:25:26 GMT
ETag: W/"1000000001701-9cf2-4c7daacfe7d80"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7b3g6rgQ6ZwkJU3DKybLONtDNVMzCLYkIpqxuB87n7%2F99ay%2FN5WN42K9YACzDP%2FRmHnONbibt%2FirkF2%2FEahIgojXXSVRpvHisxKYTYa7BT2Wb8YKqqB3pmDeZ70O5kybQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cedbd994b51e-OSL
Content-Encoding: gzip
avtodom-kzn.ru/engine/classes/js/jqueryui.js
188.114.96.1200 OK 18 kB URL HTTP/1.1 avtodom-kzn.ru/engine/classes/js/jqueryui.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (18578)
Hash 07dd0fd802248ec8e29d808c1da0e48a
dd350d1b0f9e31a5362bf0e002b4b27e4ed8e3e6
5a1c0a3238181b90689c76d354c8b6abd72ae6e44f5d394deef97cf1d040c16a
Analyzer Verdict Alert fortinet Malware
GET /engine/classes/js/jqueryui.js HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 28 Apr 2012 09:06:00 GMT
ETag: W/"10000000011aa-106ac-4beb98798ae00"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSv6uJ7XGERiA85MnlBifbfrKDqTrFajZSurZaKLPuVhw%2BbZKdm%2BascCB4yOkEUfmTZsEj54ZycGCdRoB24HFZnDzkYFqspPg3FfrThXWqZsIqoPb4iZ2z1h%2BHFpCIihgw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cedbdd1fb503-OSL
Content-Encoding: gzip
avtodom-kzn.ru/engine/classes/js/jquery.js
188.114.96.1200 OK 34 kB URL HTTP/1.1 avtodom-kzn.ru/engine/classes/js/jquery.js
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d84913548440d1eb9086fd06a90ef574
e918fcbaecd78cdad42fc472eb022597bdef78cd
1ce4db28e4ef125e64717c133f12f1957841675b173e53a33c0861125065f047
Analyzer Verdict Alert fortinet Malware
GET /engine/classes/js/jquery.js HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 24 Mar 2012 10:29:00 GMT
ETag: W/"10000000011a9-17278-4bbfa9bfb5300"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7MNeG5tSH48CNEdAxyK7F6D9Tc6xVr1K99FsKFcgrMSvSMfl%2BVwmek6SyJqR3BlffJkcz3wn1t0Rk%2BQ3XlvjYMjimbJxZxTZBgbSga5XxJeOE4EafVE2JQzC%2F0kzdORsfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cedbddf9b4ff-OSL
Content-Encoding: gzip
www.linkstars.ru/buttons/1.gif
104.21.85.63200 OK 2.5 kB URL HTTP/1.1 www.linkstars.ru/buttons/1.gif
IP 104.21.85.63:0
File type GIF image data, version 89a, 88 x 31\012- data
Hash 4c997654465859ceee57735ca511b756
24ab35b006d471673d7b08ab2816e1bb56af4e17
002bd75b2c4066bc4378724618408c47e816b32ee5473c0034087c62dc3f93a5
GET /buttons/1.gif HTTP/1.1
Host: www.linkstars.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 2503
Connection: keep-alive
Last-Modified: Fri, 06 Aug 2010 09:32:44 GMT
ETag: "100000005a1e0-9c7-48d2459562700"
Via: 1.1 linkstars.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=db1FY8%2F96ZW9Yr2Wdr2cGFIn59c9IWmusw2KFHTQNhpyKnmMj1kkWslLza6G4ETuv24d%2B16ovS4i%2B0WGWlrrR76Vn6NzfOhPIKnzTagh8Qxw2SO50bwMlzSo5769C2mSsgYI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cede3d5d0b3d-OSL
avtodom-kzn.ru/uploads/blockpro/152x74_mojno-privyknut_1.jpg
188.114.96.1200 OK 6.7 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/152x74_mojno-privyknut_1.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 152x74, components 3\012- data
Hash 98299d5c71a589b470de88adc6d8c9ec
4d852abe8057f69f896ca5d52012132966ad8cb0
ff39cc12336b03e4fb054ed918d0456732317366e3c4c558ad930d96d336f1c2
GET /uploads/blockpro/152x74_mojno-privyknut_1.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/jpeg
Content-Length: 6730
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:54 GMT
ETag: "1000000001ca6-1a4a-51089b99cba12"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dChtOKbsVYxaLJ04jtGRruu3UCFFndanG7YpODxE%2FkLGdUX18k8w93d9XvcTANNl1dfLceHNWeDCRiNGyYrkv36t8RSlkVS1ZQW1wh7laeR0x2uU1Wo3jK%2BJ9as1Q9kKAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cede3bb3b512-OSL
avtodom-kzn.ru/uploads/blockpro/112x74_lexus-is_1291183297.jpg
188.114.96.1200 OK 3.9 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/112x74_lexus-is_1291183297.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Hash fbef52d7961d76ece30414cbd10491f2
026f1ef86643f882fc16721046281ffbcca8dd94
fb2f9f12a29ab42853e36e3c80f3e01069eb76b246494d11a17ba5b72a67d41d
GET /uploads/blockpro/112x74_lexus-is_1291183297.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/jpeg
Content-Length: 3925
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001baf-f55-51089b999acd2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fdlPaEntjREH302%2FjIDL42uXlsUdHk%2FCWBB9Y%2FFxOb9E%2FPh4eK3DAAArmS7SJqzkKtrNRq8C58uYxKqS%2BNOzGOGisgkN3jM0XHL%2BRO6MIELepPSL6XCH0c%2F0rTaOuV%2BQMg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cede3e2db503-OSL
avtodom-kzn.ru/uploads/blockpro/112x74_smart-fortwo_1311331333.jpg
188.114.96.1200 OK 4.1 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/112x74_smart-fortwo_1311331333.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Hash ab44705fb6ea5dd1ccb0607eaf01ff87
6fb29e05cd48944d7a933bcc3c8e851c397b0b7c
356d88657a2d0b74c07d39d4cdc199faabfd660bd6c14e8cc7e484e3d7c30929
GET /uploads/blockpro/112x74_smart-fortwo_1311331333.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/jpeg
Content-Length: 4131
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001be6-1023-51089b999d3e2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2Fl8nRBG4eq6J0m%2B1eUrg5rTbQkCaunlu7ehD9ilkWJqyBwYnXq00sgy9F80iN9A7%2FFp8A9zcPcHCKDe42hlXv4o5rDkehi6%2B51fcg9EbmTDSdVzj06QHSlnfzduC2mnPA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cede3eb50b51-OSL
avtodom-kzn.ru/uploads/blockpro/152x74_premera-nomer-dva_ford-escape_1.jpg
188.114.96.1200 OK 6.1 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/152x74_premera-nomer-dva_ford-escape_1.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 152x74, components 3\012- data
Hash 6dd7c1818bb885f12651b5e88da3e827
3fbfbdb294dc1c37af4273376500370e4bc406a0
f923b566ee4d3b50453646ec221b28e7df995f84d5e8d9afffdc78f8b176dc0d
GET /uploads/blockpro/152x74_premera-nomer-dva_ford-escape_1.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/jpeg
Content-Length: 6080
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:54 GMT
ETag: "1000000001cbe-17c0-51089b99b5a82"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crYsp8CJlYCSBkk8UPrfcQ%2Bxr4z%2BEUEdNrOLOkbiiyyLn45N1BX0iRTQB9ovxnoNsvZr42rKu%2Bzfr6FnQRaw8UGgafrwTf9I39Ek5GrrX6nuYEXTGsV2knpoyfRu67rUQA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cede39c41c16-OSL
avtodom-kzn.ru/uploads/blockpro/152x74_na-luboi-vkus_audi-tts_1.jpg
188.114.96.1200 OK 4.6 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/152x74_na-luboi-vkus_audi-tts_1.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 152x74, components 3\012- data
Hash 94dad03bf8fbde1fe0c6c891a26d3773
f1e855c736c50450fb871ac8cff12d07d39c9c30
72df7c5951f981610321e809d398ea4be70f8c9f50bf8e6c68857a472bdfef32
GET /uploads/blockpro/152x74_na-luboi-vkus_audi-tts_1.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/jpeg
Content-Length: 4637
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:54 GMT
ETag: "1000000001cb2-121d-51089b99a7022"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8D0sg5HnskS9wZYtgJzhVphNW7ai8TLrMXN1e7Ql4xPuJHFeXg4bE5d90YZLL9Yd7ze1wYuqH0Z7WUaugQYTTAhk%2B%2FgnlVQdGArraMacyPIRo%2B1sYnT1CvrTjNgmX0l2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cede3a90b51e-OSL
avtodom-kzn.ru/uploads/blockpro/152x74_399921.jpeg
188.114.96.1200 OK 6.9 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/152x74_399921.jpeg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 152x74, components 3\012- data
Hash b4a1aeb165f8160fe2852cf7dec53039
26cd5e3db074801762dd57059eece613cc95eef4
123b4946a99787631f4ccde3a7351cc38c206ccc35454a065178834c2bb654b5
Analyzer Verdict Alert fortinet Malware
GET /uploads/blockpro/152x74_399921.jpeg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/jpeg
Content-Length: 6880
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:54 GMT
ETag: "1000000001c8d-1ae0-51089b99f0403"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHZ2qUdwwzE8sDemw5ViyMmG5olRg11caYBtJNQ5zPFPuLUgzPnm%2BQs2XxBhMtmCRQLhgsZuVNEyCLyCnPHbngj6dLypd051ujU%2Bjyt5e9XNU%2FX6bhwZJsShuGrlqzry0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cede3ee2b4ff-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 91
Cache-Control: max-age=103489
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:23:30 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 09:08:19 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
avtodom-kzn.ru/uploads/blockpro/152x74_bez-skromnostei_kia-sorento_1.jpg
188.114.96.1200 OK 6.1 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/152x74_bez-skromnostei_kia-sorento_1.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 152x74, components 3\012- data
Hash 26a3b5187481ff2df5b892595645a046
eb15792606b98a3df294e8694aef2cc3b45f9ac5
b3fe67a304f5ca2912b7ef963597608e91376a6a1ed55c2ecf1b0a204700aa3a
GET /uploads/blockpro/152x74_bez-skromnostei_kia-sorento_1.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/jpeg
Content-Length: 6078
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:54 GMT
ETag: "1000000001c93-17be-51089b9a25f63"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=heK1QklwyOOQJSOk9vJQWdytql%2B7WLrzJhy%2BeMDori0M2xXIxGbTFFRc9yd2eJ0bekdm86lPxD65j9W8kHUIO5%2Bkivnkhb4Z5RFZ%2FD1v2sGAdfZMPeSadbZq7oCeYwx%2BQg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cede9beeb512-OSL
avtodom-kzn.ru/templates/auto-new/images/audi.gif
188.114.96.1200 OK 1.1 kB URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/audi.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 358e1c9e5c3fa24e8ff3da8ffbf4054e
25ca7ff23c895ba0bad974eba6267c0b2b1a65f3
e87237c237ca404d241acda142186e16863fdf70cb38c822382a2d2d9d25b148
GET /templates/auto-new/images/audi.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1094
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:57:58 GMT
ETag: "1000000001690-446-4bf27386add80"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QI%2FW336rikaeF8jOOsFhvbxgLuV8NJ6CQrwLIIUJ54DUlKS0k%2BO3iaTZArcO71ESC%2BFFne3IiNE3SPbW%2B%2FhzwSlWIaRrCi%2BcLD4VXwt2HZiEpYMQF7a0nv%2BQ3lCcKWJ%2FPw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cedf4f1e0b51-OSL
avtodom-kzn.ru/templates/auto-new/images/bmw.gif
188.114.96.1200 OK 1.2 kB URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/bmw.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 4c59f20286ab76590c92b179048762dc
b0c60f1f09388a9dcdb24a9e55e7398ea0a874ed
009f32072179abc0f4ef8535dbd62a3d70602df161749538a2155c2e97041e17
GET /templates/auto-new/images/bmw.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1155
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:00 GMT
ETag: "100000000169c-483-4bf2738896200"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHRE%2BT6Cs8TvpFNmg9JIBpJiR7Bj1zYLEKEznFzY4hP870H4TgS%2By63DANBEIUmGBzI%2Bvb6IoJmFByOBNTDbCZlaB7r%2Fo%2FgyBHOo1nx%2FRrwz%2FPJtdqJpiJ0L%2B7gGxYdyQg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cedf4ae3b51e-OSL
avtodom-kzn.ru/templates/auto-new/images/alfa.gif
188.114.96.1200 OK 1.2 kB URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/alfa.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 4c2ce953edf3cba6822beb343f8c7c7b
67301ec01d57f8bd92bd0b95e1edade5c7ef9e62
eedd96470b970d6017d105b105e1864df245f8a22996c2f055aa8e0cd8f5db4e
GET /templates/auto-new/images/alfa.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1206
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:57:58 GMT
ETag: "1000000001689-4b6-4bf27386add80"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1OZl6QXORxri8F4Pr1N1Q8%2F1keZovF2O17FWV8FO315qe7KJBrGCdzmJqjveEzcqjjNkJpZKuUs2jpEGsW239l27wM43S%2BC40YQaGbFPubNoqTBzYzDOXNbSLTtTUYpiA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cedf4a1b1c16-OSL
avtodom-kzn.ru/templates/auto-new/images/chevrolet.gif
188.114.96.1200 OK 579 B URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/chevrolet.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash c586f2e9b43007c940b337766971e213
031d0e4f6d229ef2477a3c8dda9f9abef4169c92
760884c5ab101a9d2ecbb27e010e7efa5b565e7959fec347586c3799a499dfed
GET /templates/auto-new/images/chevrolet.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 579
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:00 GMT
ETag: "100000000169f-243-4bf2738896200"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPQvv0UVkiHouKd0vvLAD%2FSDEQwod4zetqxBn21TfF%2B5Z218LoSqs7TatB2upAj3CplRxTF5pH54Mr8ISAEa3bHeRfzqVdRFdnmwLwRVizqnUBayznfv%2Bad3QU92VTLJmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cedf6f5eb4ff-OSL
avtodom-kzn.ru/templates/auto-new/images/chrysler.gif
188.114.96.1200 OK 555 B URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/chrysler.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash c4975723b2b3cf66345fb04e434ced66
f6bfaf70e22d27f84c2ce662896580106abffc3a
19d4753a7453f46eeb072cf9678ceacfb2ac56e77d2d4270af147558b1ef114f
GET /templates/auto-new/images/chrysler.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 555
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:00 GMT
ETag: "10000000016a0-22b-4bf2738896200"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOahnXD2LINYQpnUf4n8gASKUpkL1zg4wW2Da0jLdwWiNZFPudn6J1zVzOdcCunpYrgGmJuMTkUfb1L6AoP1AO0ja5prnriIm%2BSvGeE%2FPaOqn4du8JdYkLOuq9Vd0jnp4w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cedf9c44b512-OSL
avtodom-kzn.ru/templates/auto-new/images/citroen.gif
188.114.96.1200 OK 618 B URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/citroen.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 19\012- data
Hash d8344e557926264c59be1852be90ad15
06489acaa3f6098888bebfbc18f703c55d4477f9
8b3c971a969ceabb86a8322adbdace4f3810dc4ef14402054a8e3e2f3f08b137
GET /templates/auto-new/images/citroen.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 618
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:00 GMT
ETag: "10000000016a1-26a-4bf2738896200"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Dkk8Wai%2B4fHBia9H3FpZDrPt1rhwP7uP6IQCEBgkE5fQN9lV%2BccrMI96WL0YOzFMolY2U8MmVEYyDodmDY%2F3A8VXnOuVlXQsoNT91jESAIaRO8mB6GCgCErJtorFW08Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee00f640b51-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ed999db91146cdfd9ac1d178ffd7b6ab
f4be7104633c84b1e170f20426671e0c9d649bbb
3ce4d863b27cdec31929e8fe8935c1f8fd15f6b1e8cb1a26d14d87360c0fe9e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3CE4D863B27CDEC31929E8FE8935C1F8FD15F6B1E8CB1A26D14D87360C0FE9E5"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2511
Expires: Wed, 30 Nov 2022 05:05:21 GMT
Date: Wed, 30 Nov 2022 04:23:30 GMT
Connection: keep-alive
avtodom-kzn.ru/templates/auto-new/images/fiat.gif
188.114.96.1200 OK 1.2 kB URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/fiat.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 373d94576f04551aa99b148c1975a3f1
8e7852dd7d587f96ee3e09a161ea1984f649206d
7ce25ed1ee0d3d16d3dbe18d37ff4473177a490a615e6b68ebfda110db4949f9
GET /templates/auto-new/images/fiat.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1207
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:02 GMT
ETag: "10000000016ac-4b7-4bf2738a7e680"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J825j95kkaM9mUvqqc51iFOJUlknui%2BxpJxj9fByoNR5sPV7REJxcEX5GGxQV3gramBMBTmH7LnwiMCoZAXffethZVyTaNnWK5m8TpPdSvKPYM63SIYQaCjF7rUYqHWJHA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee01fe7b4ff-OSL
avtodom-kzn.ru/templates/auto-new/images/dodge.gif
188.114.96.1200 OK 1.2 kB URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/dodge.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash c09229759e70266ca150e91a217ab673
fdbccc534da8f08f0a7a8f6ccc8ea6a596e22965
37b248b1c06ae8f661da27e85dd89b7e913b6ea3a3f550b484276f4339478a5b
GET /templates/auto-new/images/dodge.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1211
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:02 GMT
ETag: "10000000016a9-4bb-4bf2738a7e680"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJCb0Thg5RssiyT%2F0Gf5Djn1t%2FbZoxcmZ7Yfk1MJDLy86UoMjuUmHZHCK8Bv3HMtE3lmPJiXNDlvQ2kDwjT%2BXMrXhize59gsP20WBijclr7oApYLiNbMhg3gZ6ll1xJmGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee01a501c16-OSL
avtodom-kzn.ru/templates/auto-new/images/daewoo.gif
188.114.96.1200 OK 1.1 kB URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/daewoo.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 43fa347014bdfc3297dd867b4325948b
e8589f4392f29f7b97862622724d25968c084d1c
c6165f5aef85670897205ad2ff06abdedde0b173beff1985db4e681c62fb0552
GET /templates/auto-new/images/daewoo.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1065
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:02 GMT
ETag: "10000000016a8-429-4bf2738a7e680"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gm48SmpGVhZPf3v6Z5SNKb%2BtcwVpqqbv3J5tuPM7GwzO%2FcPRcgNR8JMZ%2BVay%2FzfwTWPp4giXqDDnUnQor02oRKw15uihg6MdabFFhtTNuPtlJIfwob0a%2Bs4d8XaZXVJ2qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee00b2cb51e-OSL
avtodom-kzn.ru/templates/auto-new/images/ford.gif
188.114.96.1200 OK 992 B URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/ford.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 1079aca58454fd3da0e659f00f04683d
8f22fc5dec9ee1626a0cd758f4dc2510e66a5cca
184d3cacee9cb40f821db0f5d3fdea87dd80ab0e5037f9f364c0279a352fb45b
GET /templates/auto-new/images/ford.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 992
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:02 GMT
ETag: "10000000016b1-3e0-4bf2738a7e680"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YyhlinIltMOiOTnh8ZCEcq82TqaOlx%2Fjua5aGOVnImb4NWL621b6abUvRhbcSiZQ7Mw60tK0grJXwCeCl8qJaIqzQbDAnTkmVivCK%2F7LBMrlGcAEC74h3uQf5csXQ9PcRA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee06cc5b512-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ed999db91146cdfd9ac1d178ffd7b6ab
f4be7104633c84b1e170f20426671e0c9d649bbb
3ce4d863b27cdec31929e8fe8935c1f8fd15f6b1e8cb1a26d14d87360c0fe9e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3CE4D863B27CDEC31929E8FE8935C1F8FD15F6B1E8CB1A26D14D87360C0FE9E5"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2511
Expires: Wed, 30 Nov 2022 05:05:21 GMT
Date: Wed, 30 Nov 2022 04:23:30 GMT
Connection: keep-alive
push.services.mozilla.com/
35.165.41.15101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dtGNEIiXg0YTLrjTsie14A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sp4TbPY1fJ1HU5KEJejdnBJzlTo=
www.acint.net/aci.js
46.4.114.109200 OK 7.5 kB IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1408)
Hash ae0aab6c5a2ae2e1168e74f6e6ae4741
2c00f69ee4bbe2ec96c0f7bb33b5f827a6195af8
a47a88a9b6c7635e5074c25c6e3c92f399fdf8772376e94f077167241e59f9de
GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:30 GMT
content-type: application/x-javascript
content-length: 7461
last-modified: Mon, 29 Nov 2021 13:21:32 GMT
etag: "61a4d3dc-1d25"
content-encoding: gzip
expires: Wed, 30 Nov 2022 16:23:30 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2
avtodom-kzn.ru/templates/auto-new/images/honda.gif
188.114.96.1200 OK 1.1 kB URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/honda.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 4a5fd162da8585b78540667bb8020776
c8f23fb988eae22ac42f7187600bd5a6b1b02226
81e235d7eab502e4a2c9f97875b2afad2d4172f8610def12ef044592648bea8d
GET /templates/auto-new/images/honda.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1141
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:04 GMT
ETag: "10000000016b5-475-4bf2738c66b00"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQvC1YG%2FUJYQqXf7b6FrnGnvZEwgrx6jbKZMFpG1nG3PU2V0qXWpy4gv5GBiY8ok4345%2FbYCTg99Eb9GcaLtSI%2ByaiJTotNPE1JdT789kDqvWDLaiMH5bTLdaS3RK1%2B0EA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee06f880b51-OSL
avtodom-kzn.ru/templates/auto-new/images/logotip2.jpg
188.114.96.1200 OK 56 kB URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/logotip2.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 700x319, components 3\012- data
Hash 04ce6e76e33b53010246762f6651a546
3b66fa69a493fbad387a59b86cdf3a74ea918403
83f1efcd3595297c08a6e5547b3434dcbd750db70a3ca2f77737ee054564c5fb
GET /templates/auto-new/images/logotip2.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/jpeg
Content-Length: 55837
Connection: keep-alive
Last-Modified: Thu, 22 Jan 2015 22:25:17 GMT
ETag: "10000000016c2-da1d-50d45258d2897"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBzw2XB5toqucgvA%2FnmcnCIbPflPvDqjhX0ThWppLPi%2BctUGh7nerPJ4ZeIxDdxpIPQZxFjw8cFfyzQrfXqRtEcthg3P7TxNYkyIFzl5G%2FBbez6%2BP1BdRIRB21afFME64w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cedf2ea5b503-OSL
avtodom-kzn.ru/templates/auto-new/images/hyundai.gif
188.114.96.1200 OK 1.0 kB URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/hyundai.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash b407cdb8cb338a09603c0e8cd9415804
60c626c534fe4db29d53a9d3a362f8ea93cf2295
9a56b58e009ea0e52ad27365ba1dc81f9933280ca2ff6e8699e71946e2f2985e
GET /templates/auto-new/images/hyundai.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1046
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:04 GMT
ETag: "10000000016b7-416-4bf2738c66b00"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUuH4Dgsiy8l7hEoU6FzuU8q5TxET5z0RYa50ptAvJGOCRia94tQkWdMWto7VxwXqZ2hECUB907GvI1OalNn6YrjcIgHvhpr6Q5%2F05VFiORMhBQFspaxVUXaye0JYYRluw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee0b81db4ff-OSL
avtodom-kzn.ru/templates/auto-new/images/infiniti.gif
188.114.96.1200 OK 574 B URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/infiniti.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 950f5b96a8f1afdd98bd7fd3ec1f3e18
88191c1d20ab66ac9a3ea892af35e28deb04a1cc
9849acc5627bb31241d6cd075015fb3ad7041a8e33a3c3329713a80011dabf31
GET /templates/auto-new/images/infiniti.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 574
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:04 GMT
ETag: "10000000016b9-23e-4bf2738c66b00"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6QVSsr2s%2B5u7OB%2BTVsngsmwzu18bG043JR2sMkMiDTsbRn%2B%2F5QoqrAug717SzQKNiv%2Fz%2BYIADzNBsPZkLUMteN5CnWJ%2B0umJjNkBeP%2B%2Bj74bPHwfy74PHv7V60ximHAqhg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee0ca731c16-OSL
avtodom-kzn.ru/templates/auto-new/images/kia.gif
188.114.96.1200 OK 1.1 kB URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/kia.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 35d5cdb2df6f6cafd21f684979bbf69f
21bbc37edf64d5e0507207f6cab2f302bd939d8d
23cf581c1f90d438811222b24887fb732418568a775b0eaefd87faa2c7566c2d
GET /templates/auto-new/images/kia.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1124
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:04 GMT
ETag: "10000000016bb-464-4bf2738c66b00"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9XJmFv28m%2B2iBlP6R7B9B%2BHYfSSDhAfCylZtHc0dzIEo0BfwrbIx0mr%2FaDx3%2B8MmkT5QP%2BmQaxXEqhuMJrDZRXh9rtZdGXe0pv3cxCXstJv9XNuHrn0BMTnPpv4KFRtoWw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee0cceeb512-OSL
avtodom-kzn.ru/templates/auto-new/images/jeep.gif
188.114.96.1200 OK 604 B URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/jeep.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash a5c89132d30353728891d002ad50fb2b
2b47a166b7ef7192e06736f61cd3eb537bbfc546
5716b2dd319ee3a069d517ada35f56f20b1b2621064ece79af563179582d2d88
GET /templates/auto-new/images/jeep.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 604
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:04 GMT
ETag: "10000000016ba-25c-4bf2738c66b00"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EiQwudbEc4CWFjfZYmHJcTB0%2F92LSafRWCrYGngNmDKHDolWpDCTjuhEzHhb87GNB4pJFc%2Bmp9%2FgFtnzItJDNtZb69DHODWvRTC7ymFMk25BHPKjzBKOgpes7p3r%2FjvZA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee0cb6fb51e-OSL
www.acint.net/mc/?dp=10
46.4.114.109302 Moved Temporarily 142 B IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/mc/?dp=10
www.acint.net/hit/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=31406537&u=http%3A%2F%2Favtodom-kzn.ru%2F&r=&rs=1280x1024&t=%D0%90%D0%B2%D1%82%D0%BE%D0%B4%D0%BE%D0%BC%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%BE%D0%B1%D0%B7%D0%BE%D1%80%D1%8B%2C%20%D1%82%D1%8E%D0%BD%D0%B8%D0%BD%D0%B3%2C%20%D1%82%D0%B5%D1%81%D1%82%D0%B4%D1%80%D0%B0%D0%B9%D0%B2%2C%20%D0%B0%D0%B2%D1%82%D0%BE%D1%81%D0%BF%D0%BE%D1%80%D1%82&oE=1&oP=1&dT=2022-11-30T04%3A23%3A29.671&fu=02884d1f-2511-4581-9c78-1a93c8e990d9
46.4.114.109302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/hit/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=31406537&u=http%3A%2F%2Favtodom-kzn.ru%2F&r=&rs=1280x1024&t=%D0%90%D0%B2%D1%82%D0%BE%D0%B4%D0%BE%D0%BC%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%BE%D0%B1%D0%B7%D0%BE%D1%80%D1%8B%2C%20%D1%82%D1%8E%D0%BD%D0%B8%D0%BD%D0%B3%2C%20%D1%82%D0%B5%D1%81%D1%82%D0%B4%D1%80%D0%B0%D0%B9%D0%B2%2C%20%D0%B0%D0%B2%D1%82%D0%BE%D1%81%D0%BF%D0%BE%D1%80%D1%82&oE=1&oP=1&dT=2022-11-30T04%3A23%3A29.671&fu=02884d1f-2511-4581-9c78-1a93c8e990d9
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /hit/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=31406537&u=http%3A%2F%2Favtodom-kzn.ru%2F&r=&rs=1280x1024&t=%D0%90%D0%B2%D1%82%D0%BE%D0%B4%D0%BE%D0%BC%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%BE%D0%B1%D0%B7%D0%BE%D1%80%D1%8B%2C%20%D1%82%D1%8E%D0%BD%D0%B8%D0%BD%D0%B3%2C%20%D1%82%D0%B5%D1%81%D1%82%D0%B4%D1%80%D0%B0%D0%B9%D0%B2%2C%20%D0%B0%D0%B2%D1%82%D0%BE%D1%81%D0%BF%D0%BE%D1%80%D1%82&oE=1&oP=1&dT=2022-11-30T04%3A23%3A29.671&fu=02884d1f-2511-4581-9c78-1a93c8e990d9 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/hit/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=31406537&u=http%3A%2F%2Favtodom-kzn.ru%2F&r=&rs=1280x1024&t=%D0%90%D0%B2%D1%82%D0%BE%D0%B4%D0%BE%D0%BC%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%BE%D0%B1%D0%B7%D0%BE%D1%80%D1%8B%2C%20%D1%82%D1%8E%D0%BD%D0%B8%D0%BD%D0%B3%2C%20%D1%82%D0%B5%D1%81%D1%82%D0%B4%D1%80%D0%B0%D0%B9%D0%B2%2C%20%D0%B0%D0%B2%D1%82%D0%BE%D1%81%D0%BF%D0%BE%D1%80%D1%82&oE=1&oP=1&dT=2022-11-30T04%3A23%3A29.671&fu=02884d1f-2511-4581-9c78-1a93c8e990d9
avtodom-kzn.ru/templates/auto-new/images/lexus.gif
188.114.96.1200 OK 637 B URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/lexus.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash aabd808936df21bfe33cb9e5da347bee
22192b107138a5c4b0bc2220f800a0f6244f966a
696c50d995e4478ba4491ca4d7ac3d0314538397c8bd2606b293bfbfd1526659
GET /templates/auto-new/images/lexus.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 637
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:04 GMT
ETag: "10000000016bf-27d-4bf2738c66b00"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMKPzLDQRD1rIL5SSQDu0AO4ZQtk2NS5LYGqQYSAO0Pk9rHf2Uc7KvyacFkDXnqcVKwv%2B09B%2Fhqw9wjz8s5XUxNN4T4eD4bePK4i7MR98Pv7zAPtEDsTfMt5FHIetmzJcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee10fc30b51-OSL
www.acint.net/mc/?dp=10
46.4.114.109302 Found 154 B IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://avtodom-kzn.ru/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 30 Nov 2022 04:23:30 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Wed, 30-Nov-22 04:33:30 GMT
aid=LgR5GmOG2sK+wAIkFtVKAi7wA/ck9wiOXpnblAQMrRbMXGJh; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/hit/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=31406537&u=http%3A%2F%2Favtodom-kzn.ru%2F&r=&rs=1280x1024&t=%D0%90%D0%B2%D1%82%D0%BE%D0%B4%D0%BE%D0%BC%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%BE%D0%B1%D0%B7%D0%BE%D1%80%D1%8B%2C%20%D1%82%D1%8E%D0%BD%D0%B8%D0%BD%D0%B3%2C%20%D1%82%D0%B5%D1%81%D1%82%D0%B4%D1%80%D0%B0%D0%B9%D0%B2%2C%20%D0%B0%D0%B2%D1%82%D0%BE%D1%81%D0%BF%D0%BE%D1%80%D1%82&oE=1&oP=1&dT=2022-11-30T04%3A23%3A29.671&fu=02884d1f-2511-4581-9c78-1a93c8e990d9
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/hit/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=31406537&u=http%3A%2F%2Favtodom-kzn.ru%2F&r=&rs=1280x1024&t=%D0%90%D0%B2%D1%82%D0%BE%D0%B4%D0%BE%D0%BC%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%BE%D0%B1%D0%B7%D0%BE%D1%80%D1%8B%2C%20%D1%82%D1%8E%D0%BD%D0%B8%D0%BD%D0%B3%2C%20%D1%82%D0%B5%D1%81%D1%82%D0%B4%D1%80%D0%B0%D0%B9%D0%B2%2C%20%D0%B0%D0%B2%D1%82%D0%BE%D1%81%D0%BF%D0%BE%D1%80%D1%82&oE=1&oP=1&dT=2022-11-30T04%3A23%3A29.671&fu=02884d1f-2511-4581-9c78-1a93c8e990d9
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=31406537&u=http%3A%2F%2Favtodom-kzn.ru%2F&r=&rs=1280x1024&t=%D0%90%D0%B2%D1%82%D0%BE%D0%B4%D0%BE%D0%BC%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%BE%D0%B1%D0%B7%D0%BE%D1%80%D1%8B%2C%20%D1%82%D1%8E%D0%BD%D0%B8%D0%BD%D0%B3%2C%20%D1%82%D0%B5%D1%81%D1%82%D0%B4%D1%80%D0%B0%D0%B9%D0%B2%2C%20%D0%B0%D0%B2%D1%82%D0%BE%D1%81%D0%BF%D0%BE%D1%80%D1%82&oE=1&oP=1&dT=2022-11-30T04%3A23%3A29.671&fu=02884d1f-2511-4581-9c78-1a93c8e990d9 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://avtodom-kzn.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:30 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
avtodom-kzn.ru/templates/auto-new/images/mercedes.gif
188.114.96.1200 OK 1.1 kB URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/mercedes.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash e2996699c2c5cce4ae99aafc887e3cbf
b9518360f306adc342d4bcdc4bd19da001fc846f
6b83706da8b6b794b664e0a8ca1d750ecb2516666ebccc74c853115ce55e9ac3
GET /templates/auto-new/images/mercedes.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1092
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:06 GMT
ETag: "10000000016c8-444-4bf2738e4ef80"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9QoKRLHWIjqL9vvPB%2BPLqP4eiEEu1%2FD4E8i%2F6Gi178k0HA%2F%2BdmlGSozpGbpcaC9cSegI4EyXYVjxKcqfNBU88h3QGkMQg3s0E2%2FQZKhcYe8t1FqP1gUm4HvvHfVzuso1WA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee1786fb4ff-OSL
avtodom-kzn.ru/templates/auto-new/images/mazda.gif
188.114.96.1200 OK 1.0 kB URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/mazda.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 36bc90716440ce7dd6f2f44c52798555
0b696d416f5025834c64aa2f7cd5d279b61e0a19
8e9b4687593ae0ab12a377b0703b6298bc3373c42db83c06f29679faa9ccc917
GET /templates/auto-new/images/mazda.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1037
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:06 GMT
ETag: "10000000016c5-40d-4bf2738e4ef80"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z71oRu2EDoPZ4DsJxDCimJS0ZQx0pX%2BvXlWI%2FAlfe1ZnGiw3y9tXjIhxRRXerixIzTFCJNsfD7wl6Ztxd7B2yYxn02vOgunki8Fmwau539FxT%2FeVAOxtHeOV34Lz26LqhA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee12f57b503-OSL
avtodom-kzn.ru/templates/auto-new/images/opel.gif
188.114.96.1200 OK 624 B URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/opel.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash edb2f2e6ae2da6b96b632ee9db0c889b
9835dbc3c900787a9ac9b3070b03dcde91f65536
72a77fa88d4dfd50e2a2911b20a07f3f9426f0388dba3230decee2e2e49d74d1
GET /templates/auto-new/images/opel.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 624
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:06 GMT
ETag: "10000000016d0-270-4bf2738e4ef80"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FiT3VOrpryPO9bm9F%2B6Mng5IGkX%2BWzAtEStq7UcmoDmBjmKff15LHB7%2BSJhfrAdVSVsebNQif69y1fKEep7GsHeRua2v3IabUx7W3FQXTihw7qY7JBAPL1rf9K8chGn0Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee18bcab51e-OSL
avtodom-kzn.ru/templates/auto-new/images/nissan.gif
188.114.96.1200 OK 1.1 kB URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/nissan.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 9251434327a99f5d3686bc377442b6f9
cd83d4b026ce9f80ee6facc69158796c380130ae
60803a062426991f268b6ffc8d2e2baf04e20e29fa729101544c04e515d2b25b
GET /templates/auto-new/images/nissan.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1112
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:06 GMT
ETag: "10000000016cc-458-4bf2738e4ef80"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yp7pl6fWb1ds%2B8WZVnhWKFTnR48ljXyuW0Xlppn%2Bsk0%2BolLS9ACSDaRq58O3s68kHEkXaZuUzyw7dn1PQ6ngw%2FUvJrGCf%2B1I9EUR22l4mJ2JoHpCkCU%2B6Wf5YkjfA7mf7A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee17d1ab512-OSL
avtodom-kzn.ru/templates/auto-new/images/mitsubishi.gif
188.114.96.1200 OK 613 B URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/mitsubishi.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 18527f75e7694abb59c366a26e5fa8f5
2f5dab23f14cfa7caf6126d0bc062618e57d3d3f
180d165fd50ed9732e1197e50027257fdc00efe8d2cd50a3b09033e2cb9f4dd1
GET /templates/auto-new/images/mitsubishi.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 613
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:06 GMT
ETag: "10000000016c9-265-4bf2738e4ef80"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=veivRY6lJbSTQLyEBZ%2Bal0CywJvFDIJo7Eg6sLAulRvG8qLdOhBQqUK11v58oiK4iUsAI3ski0odPLIVgi1%2BVFWqeYF%2BwbTfY4eqdbAOV1AK1If2xgiVVG8nXhcCQsMATg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee17aa11c16-OSL
avtodom-kzn.ru/templates/auto-new/images/peugeot.gif
188.114.96.1200 OK 1.1 kB URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/peugeot.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash dd85a94d7c570790295306c320195ddd
1b3068f0800050ff02016acd11151237e969175d
56514079e54dd64573244652db54dc1405a718175457a6d977d8bad94c22fbbd
GET /templates/auto-new/images/peugeot.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1149
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:06 GMT
ETag: "10000000016d2-47d-4bf2738e4ef80"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0lSeVkI6PKuSFLhgZqNq5UYfdQlLvDg4Y22kBVYgNNA3dAaBsduKOcdKBrvdZdOPl6hTLA%2FVCP4lWCGt4bmu4bGBGmxLMnPJs3o0Z0iuj%2Bom6qPy6H4tbxSD5uS6hUvyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee1b8020b51-OSL
avtodom-kzn.ru/templates/auto-new/images/renault.gif
188.114.96.1200 OK 742 B URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/renault.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 83151526c8d4e87997116d72e5cf32d6
db6e27b360e4e5e5671c788766cfc9c8399e0e9f
8416064063456a8984ebba33e5856c70572146e47888fab794b216b4cddbe13f
GET /templates/auto-new/images/renault.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 742
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:08 GMT
ETag: "10000000016d8-2e6-4bf2739037400"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46Ti7GYmOS5C0n7vly8c7RYwI0%2FPD1FtVRYbcet%2F5n0X8Lbp5JgFuxlqyh%2FZKO7U3OL6znsjYB3NV3jy1B50XGITkh8o%2F%2FHanaJcatikgIkFMPoUT2xVEYls%2FwbDKDtE%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee1d888b4ff-OSL
avtodom-kzn.ru/templates/auto-new/images/saab.gif
188.114.96.1200 OK 1.2 kB URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/saab.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 99fa4552988d9ba60ef6511a887e80fc
f99d9188b4f63fdbe62137a3fa42b8372ba119c8
ac295df3a1d97eb9fc402778d214f0c0d697881b2485d40589f955a1545b9d74
GET /templates/auto-new/images/saab.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:30 GMT
Content-Type: image/gif
Content-Length: 1180
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:08 GMT
ETag: "10000000016dc-49c-4bf2739037400"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxROD2OCA%2B%2FyTJLposK20CnC9ElHL8H%2B%2FpwA3qFN5B%2BC9kPz1yi9RY5ZNCgysC6kqqAj2NwIf54LW5L7ZfEjCKR%2B4yraowqn9s6quMldpeYT3rXHqGr2djChzeXp4%2Be2vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee1ef91b503-OSL
avtodom-kzn.ru/templates/auto-new/images/skoda.gif
188.114.96.1200 OK 1.2 kB URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/skoda.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash c5dfc427ef8c35d49638b9c6fd689b77
081f069a9f5bf946ee63389f3a95cb274f5586af
b619c13308eb4ecd4a0c171b5d09492c03eb68e741ccf0ff755edbc1884ce81e
GET /templates/auto-new/images/skoda.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/gif
Content-Length: 1177
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:08 GMT
ETag: "10000000016e0-499-4bf2739037400"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rji%2F%2FfQUb74qPtjpN21wDK2hRMzBmXEwpdS%2BmA5PBXbcRjMMgJopiYcjK%2F4jkv%2FZOkHHfDaHGncS%2B5lhd4tOh8RSu2MhZprkPE5yEG%2BgF8VhtcagYeW9P4yICQTJuZ6Luw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee23c0db51e-OSL
avtodom-kzn.ru/templates/auto-new/images/volkswagen.gif
188.114.96.1200 OK 1.2 kB URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/volkswagen.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 2f7ef10afe85d26baadb9b4c9b1c8a84
5aa98eea379d1c4293a9f1648fee932a528890bb
7312d89e57240db6df01341dc6a0982ac8e7bf5ef07a0abbb229575fef851ed4
GET /templates/auto-new/images/volkswagen.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/gif
Content-Length: 1190
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:12 GMT
ETag: "10000000016f2-4a6-4bf2739407d00"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S13nQflZoZtzgXwt%2BVSNwqbn2Viji3d3hyjTCIKrkv7sBqds9dASg7jkaJKYXIXeCdF2OFbKezEN6qZlznQ4VGlrH0AQQgfXIvUsK0oM%2Fv8mmYD17xv%2BF1%2BG4ilbpAy4EA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee288b7b4ff-OSL
avtodom-kzn.ru/templates/auto-new/images/suzuki.gif
188.114.96.1200 OK 691 B URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/suzuki.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 7fcd8f9b64fff50546fff52ea305af90
7e406cbff68cea679ce159972fff386e2419043d
a4cc280fec9669ce3720493a609c24ecc4835a5a68dce722792d0911bc93a858
GET /templates/auto-new/images/suzuki.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/gif
Content-Length: 691
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:10 GMT
ETag: "10000000016e6-2b3-4bf273921f880"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8sZEMdLL7MEJkWPxkyth4SEM1XAOZlVihLIv6IdWZ8s9q5LmrhGwFRI2AWrw88SzA%2FTmY2fz9WYafZDNYzEiSDpK2mYodTIGGvJUZ9bEArzkWm870YUdV0GKZkpYonCOOg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee24aca1c16-OSL
avtodom-kzn.ru/templates/auto-new/images/subaru.gif
188.114.96.1200 OK 1.1 kB URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/subaru.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 9c3d6051b90571c63e7003e9555a6ab0
0e15e8cfff841a366e4973a2be882dfe626c3de0
b4cd589e4f81b5e5486d15b331e27fc1b4ea6c499e5de9703d1577a053d5924e
GET /templates/auto-new/images/subaru.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/gif
Content-Length: 1050
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:10 GMT
ETag: "10000000016e5-41a-4bf273921f880"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hcksq4exqWUQ8LZfz3a45alDxtuXuwj4pTLSdBFAMql%2FZv4UMiEovq%2BjfTl0LhPOQL2M5Bz23y2Fk7WHdCkuhQtIR0vAc8WzIobVHHKOJNbsk8aDi3CCfU%2BluIKOW5BHHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee23d6cb512-OSL
avtodom-kzn.ru/templates/auto-new/images/toyota.gif
188.114.96.1200 OK 1.1 kB URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/toyota.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 753dd3be7407a158c7578b15491fc133
15b31606573f61829923642dd317502cc75397c1
f6fd666c07d552ca1eb48e060afbe04f9027f6cfdddf386dccad704074d6985f
GET /templates/auto-new/images/toyota.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/gif
Content-Length: 1080
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:10 GMT
ETag: "10000000016eb-438-4bf273921f880"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JnP2ut%2FKTKSl3nMOwuxzij7XOBtkMFtI2dNIwIHuLQ4W4OTGNenuS4H9s6QEyaMqQzAd3u9WdrnpVTCNJKJjm4Hc7eSdh4pSpTp1cRq1aBE87nijVv7UCDdLG2Rb1oKc%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee2783c0b51-OSL
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FC2DA86632502402F02022817
95.216.101.186302 Found 0 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FC2DA86632502402F02022817
IP 95.216.101.186:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 04:23:31 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=beede433-7066-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 30 Nov 2023 04:23:31 GMT; SameSite=None; Secure
uid-legacy=beede433-7066-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 30 Nov 2023 04:23:31 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FC2DA86632502402F02022817&cs=1
X-Firefox-Spdy: h2
dm-eu.hybrid.ai/match?id=106&vid=0100007FC2DA86632502402F02022817
37.18.103.21204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=106&vid=0100007FC2DA86632502402F02022817
IP 37.18.103.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=106&vid=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 04:23:31 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=8471e15f379733954541; Expires=Thu, 30 Nov 2023 04:23:30 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 521
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2
avtodom-kzn.ru/templates/auto-new/images/volvo.gif
188.114.96.1200 OK 1.2 kB URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/volvo.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash d7b29970dfa51a2b3519fabd94744d51
b2d7fa95563632f883d7b4870120518fa5de7f20
b5dfb2cebecb093ff63fb8f7b6b59b90f1a5237fccfcc5e662a21f63066a1221
GET /templates/auto-new/images/volvo.gif HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/templates/auto-new/style/styles.css
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/gif
Content-Length: 1170
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:12 GMT
ETag: "10000000016f3-492-4bf2739407d00"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VrCmmyrtzgEdR%2Fuy9H2pObGAxwnMqBifsZlr%2BNqbQ16a7RgVhf62J2qyRdBD3BNsSCaYY%2BjC1rXxwSUzcwaWh9na%2FYpPvNY%2F0RoVGm7Bh3hr%2BdsIMVy9C2kQaZ6t516UnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee29fd1b503-OSL
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FC2DA86632502402F02022817&cs=1
95.216.101.186200 OK 35 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FC2DA86632502402F02022817&cs=1
IP 95.216.101.186:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FC2DA86632502402F02022817&cs=1 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=beede433-7066-11ed-8ff0-f832e4719dd9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/gif
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=beede433-7066-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 30 Nov 2023 04:23:31 GMT; SameSite=None; Secure
uid-legacy=beede433-7066-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Thu, 30 Nov 2023 04:23:31 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash fd17d2a0cbcfc6ac2c299032ee3a8044
971e581c49a1daa4dacf9bae569cffbe7235249b
357c697f582c1287b42a697c3d3f81ef212cce9f4858f8016ad0c5fdff3d5b9e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 149
Cache-Control: max-age=126965
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:23:31 GMT
Etag: "63862723-118"
Expires: Thu, 01 Dec 2022 15:39:36 GMT
Last-Modified: Tue, 29 Nov 2022 15:37:07 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
avtodom-kzn.ru/uploads/blockpro/160x100_daihatsu-bego_toyota-rush_13.jpg
188.114.96.1200 OK 8.2 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/160x100_daihatsu-bego_toyota-rush_13.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 160x100, components 3\012- data
Hash dface27cefc8e24d82273a241445159f
388e6aef8158ed31f856216ff01ec34786d09a9f
cfa64d91289b45d508636cf373523d87d6bdd678af162af1a9e1671d74293e5c
GET /uploads/blockpro/160x100_daihatsu-bego_toyota-rush_13.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 8190
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001d0d-1ffe-51089b99280e2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWwfuhO4RRmKTo0Sr%2FfxfiplRg5%2BYsJ%2Fe7YjMZsTSe30cHGU6SlZk4iqoq1tTf3ZZIog8x3ZpkJJkAHitHK4JaK3muyKjrDYWKT6%2BLSAobV%2BK%2BgoQUNLSsenLXDU8lVdmg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee2fc4bb51e-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9769e2a53532bb8b5c5c80cb1082693b
9a010d35c1889ce7f705a595e9a958b41d652780
fccc7f3f9e20887c0121de115349c0d795c053504c79c0f37c9f072b7e1d8240
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5521
Cache-Control: max-age=159680
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:23:31 GMT
Etag: "638691f2-117"
Expires: Fri, 02 Dec 2022 00:44:51 GMT
Last-Modified: Tue, 29 Nov 2022 23:12:50 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
a.utraff.com/sync?ssp=sape
172.67.217.151204 No Content 0 B URL HTTP/2 a.utraff.com/sync?ssp=sape
IP 172.67.217.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Fri, 30 Dec 2022 07:23:31 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Fri, 30 Dec 2022 07:23:31 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=curvV18T3vU6V34WOlivMbPb6W5RxBWMCO%2F1cSW4v%2Bo3NZwTJW4q6hiAP%2BO0hcdhI1uGJ1vwqEWA6dHsQu1%2FKva1qesI%2BFCTEMkaEc4DrEQw%2BT94Kp5qt6Sb0WhFSZc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7720cee39b88b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
avtodom-kzn.ru/uploads/blockpro/160x100_perepisannaya-legenda_honda-legend_1.jpg
188.114.96.1200 OK 4.0 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/160x100_perepisannaya-legenda_honda-legend_1.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 160x100, components 3\012- data
Hash 7d59af95467473aacb4cf4991bf983cc
6a65031709a56f78e40c955c767ffe4329085f52
d96c46e14133d5d4b5531090104186c02983dd0642530812eba5499efe28ed39
GET /uploads/blockpro/160x100_perepisannaya-legenda_honda-legend_1.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 3966
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001d49-f7e-51089b9905e01"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S33a7Uc1nb5osNOdMSTOcoTY9D1J7x0JBr3XKZFOHYfnnyniCzjtdSrgrKCcd%2BeGkAE6kHJUG7LfLBYQInLwnTZ055c6rsSAxiogaQWN2eTwJR1HyEc6A0ZsnDTf%2FIfMDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee3a81db503-OSL
avtodom-kzn.ru/uploads/blockpro/160x100_golubaya-mechta_honda-civic-4d_1.jpg
188.114.96.1200 OK 7.8 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/160x100_golubaya-mechta_honda-civic-4d_1.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 160x100, components 3\012- data
Hash 3fa04f5cf49b51d932e245a8acb0fd09
460ddb98d8c36b40acbb5d93c165dc28c63d4ec6
dc8d917b90ec43eb9fcb194cdee7f96f3975ad5d8d712b0af477a92c49280e3c
GET /uploads/blockpro/160x100_golubaya-mechta_honda-civic-4d_1.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 7802
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001d27-1e7a-51089b9912151"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1Y2F3KomM7aYVfijzfxsYsH2pPv9MO52RLcCklN%2FL0nIUybGg4gsvZTAI4nkMSaPDV%2BgSwpi%2FzMIpDtg%2BeoTwNiMcUcKG5YqVR6SdNoEvla1E3ffLj7sqfANDBGwuNTDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee3bc88b51e-OSL
avtodom-kzn.ru/uploads/blockpro/112x74_1601422272_c18dcb49770ff96fd364e4b820486d130a6444d3.jpg
188.114.96.1200 OK 4.6 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/112x74_1601422272_c18dcb49770ff96fd364e4b820486d130a6444d3.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Hash c6c51008e1af089e268ab02cbb2202e9
4156a748197c577f9d84ad9197e28039160ac529
f428a33549cad37369b4c2127dabfd8b2ba3961bdcaf560d6f5dc2be9c9ad9b4
GET /uploads/blockpro/112x74_1601422272_c18dcb49770ff96fd364e4b820486d130a6444d3.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 4550
Connection: keep-alive
Last-Modified: Wed, 30 Sep 2020 00:52:56 GMT
ETag: "1000000001b30-11c6-5b07d51fa624e"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bm9R32Bf65YJaFCiyLeCCxPxHzbjzVVnjf5fjU1w3zOab931MKlKohsCzewVEVHVHf4J1fga5Riz2uohgtkHe62%2Fp%2Bc2SPJBNsSs5ewdxn18nlfyRNNy92bt4mekNOy%2FqA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee3fb511c16-OSL
avtodom-kzn.ru/uploads/blockpro/112x74_1429719009_6080_default.jpg
188.114.96.1200 OK 4.7 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/112x74_1429719009_6080_default.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Hash 70533c32c22f4bbd020df31da4436e43
ede90a439df781b85809081c7f97f5a935d3378c
6e2595d6e3de2096a2cc5088883c2a7663421fe782d8a571a7c5e4d522302141
GET /uploads/blockpro/112x74_1429719009_6080_default.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 4709
Connection: keep-alive
Last-Modified: Wed, 22 Apr 2015 16:10:33 GMT
ETag: "1000000001b2b-1265-5145267263db3"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGTtJ32kxvcFX5Qwae9UGyw5zmJ2jWblN1gGyutZEPqC9Zyg%2B76H2lQMUmRciPzj0z2AhPGOVZbvifhyyqWR1JBrdpiT9yd1NtEux9Mhe6t87GFTNz07TkWTzxHNBHAAdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee4185fb503-OSL
avtodom-kzn.ru/uploads/blockpro/112x74_1448297497_mercedes_sprinter_s_lux_23_287_200.jpg
188.114.96.1200 OK 4.7 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/112x74_1448297497_mercedes_sprinter_s_lux_23_287_200.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Hash 3fbbc16471149dca6ea8658b979decb8
4bdc60c606f47e82a0cb3853a3e61f1bc1335e1a
b8db4ed7ada243655c635c1ecc5b913c2c6c9899d2b7aad34454a5ea0b153f8b
GET /uploads/blockpro/112x74_1448297497_mercedes_sprinter_s_lux_23_287_200.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 4730
Connection: keep-alive
Last-Modified: Mon, 23 Nov 2015 16:51:23 GMT
ETag: "1000000001b2d-127a-52538090b26d8"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owS7%2BySvfKfym4cIfUX3g4yhHBKfaC8EKMn7H6tFI1YN9S1xWDFg1iULi9eUIReOasksRwJtA1BSMTQHN73fHnzC%2FErdeL6BvpHNnt9XAWyrs8P2S7Lm1mAJ0bJz%2BZUWnA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee479110b51-OSL
avtodom-kzn.ru/uploads/blockpro/112x74_1478798412_donald-trump.jpg
188.114.96.1200 OK 4.7 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/112x74_1478798412_donald-trump.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Hash a20842ae7b3967968aceb352e1735dee
84a767b24e1d6d9c23f4d315fe011e834e1c3df5
d3a8452ad05adb1ed225e61b5e676d420f9d4bd9f5e96348ceaae6e48790b36c
GET /uploads/blockpro/112x74_1478798412_donald-trump.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 4668
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2016 17:20:18 GMT
ETag: "1000000001b2e-123c-540f596725448"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVyalcQ48H75MdGeb9XzbfO147WDD%2BTF0%2B25%2FHnWB9CuqGdWSiupD8Z3Ox7DcUfBsUFRDoyBWiMf7sLA8VtOyBer4KWa47xztd74%2BNO6lEeQKwtMD774U%2BD6DwlfLO51tw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee4c8adb503-OSL
avtodom-kzn.ru/uploads/blockpro/160x100_opel-corsa-gsi_1.jpg
188.114.96.1200 OK 7.9 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/160x100_opel-corsa-gsi_1.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 160x100, components 3\012- data
Hash f40e2b8c402d275bfcb42c368a82197b
dd01a364defe8df2bcea8a3440be42fcda5f895d
506234718b5345a5b771b7cbccd3747aada797bdc0735696044c26a78934e3d6
GET /uploads/blockpro/160x100_opel-corsa-gsi_1.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 7934
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001d3f-1efe-51089b9920bb1"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ub7kZeTUyOGSfGNv4ehnwM6YZKo%2BzAKaCnRvfTRJ%2BdDF2uzRJIOQu6XWCe0vpF02Miy7rfYMoc2%2F44uZgLziJqqRlfpzPRtmA4teB1TAlA9G6IqHhCEB%2B9WI0tXteAW%2BAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee3ee12b512-OSL
avtodom-kzn.ru/uploads/blockpro/112x74_1597423925_utilizatsiya-avtomobiley.jpg
188.114.96.1200 OK 5.3 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/112x74_1597423925_utilizatsiya-avtomobiley.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Hash bb48ec78bfad99eef7f7e99249c4a239
9ea42ca6d5a9ec22978f7a010d0cffcbee663e33
292497f2ad9181f9f795983a461c16f7e52f64fc4cbfb24f1488d8c5dce0f868
GET /uploads/blockpro/112x74_1597423925_utilizatsiya-avtomobiley.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 5347
Connection: keep-alive
Last-Modified: Fri, 14 Aug 2020 16:54:17 GMT
ETag: "1000000001b2f-14e3-5acd945822a52"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5l3Eo34SsDsJxc%2FgiUdaXtfJrLhxsMNz5cphKnrVITtbHP6m9EnMgybzTPzIjyom8%2FC9QeL1ipuExhwcBdl0MCO5BN%2BqRVDMfN%2B8YRk7aLRaCRN2OchL1nMz674BP7i%2Fsg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee46cbeb51e-OSL
avtodom-kzn.ru/uploads/blockpro/112x74_1306303196.jpeg
188.114.96.1200 OK 4.4 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/112x74_1306303196.jpeg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Hash fca0bd6a8a188841a362d32eba1660af
d4a29b89d371f45e4cc026d088523b11aafb7074
bbe3e829a88bd860a40d5407b7139397020837c348286c45ce84a2d17e96aad0
Analyzer Verdict Alert fortinet Malware
GET /uploads/blockpro/112x74_1306303196.jpeg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 4386
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001b23-1122-51089b9947cb2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3N1Vm9iM6NGiwSKKHYxg%2BgPwjFuDdSkjnHVTbvZx3EPncQWg9ppLdaISyjia7m5u3R3FCXMuHC0tO%2BDGa%2FjC4e1FmUtl%2FYHo4ltoClKG0%2F0Vxr87Xodt4%2F2%2BTzR6WqHMg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee49949b4ff-OSL
avtodom-kzn.ru/uploads/blockpro/112x74_bmw-6-series_1320423568.jpg
188.114.96.1200 OK 3.0 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/112x74_bmw-6-series_1320423568.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Hash 281360e82dbc3c63d6905a62f11c5271
35660f952ae2ba34a598654c3924b029949fd2cf
7e574cf3a69010ed71168a22befcf66e4e6f53ce823f7df0cec8f383cd7722c4
GET /uploads/blockpro/112x74_bmw-6-series_1320423568.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 3021
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001b75-bcd-51089b994a3c2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zs3SwqIWnH60%2BhIYH0cH0E0r4PM7ElUsMD%2BlZtQMshuqmmJAuv5vPf99dQJoLNUcAANg2A8jp3Vqcu3fj2xoh4mwIQyVmfgDivGYJyLR7cJYkQyttgKv6zW0w%2FUpeqpW0g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee4ab7c1c16-OSL
avtodom-kzn.ru/uploads/blockpro/112x74_1283493965.jpg
188.114.96.1200 OK 3.1 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/112x74_1283493965.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Hash db304e3485b84a7110c4eca1494be8d3
9361e19c49ba13b4e19203986c8808e30939c814
144b0eeb460e21666c4a48d9605fe320919311e9d9074b4b94a4e38527a6703b
GET /uploads/blockpro/112x74_1283493965.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 3071
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001b19-bff-51089b99714c2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yS1QWrbtglgxnNzWWtUJD9KhokdCIWnvu6LCvvOQc35986ATwPs8rqp5H5zUtCWEJYksPbHqwqFPO0eT8uz%2FH7CloApaTDjaJxwAjnyiuGZqTJO%2BJcuVHCeaEQvsIa%2Bs%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee55d3db51e-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b70adf021425d7e992c7cd64481c8e31
cb773403e99992c587353a18b06b4fdf3437d316
5e368e20981d070814b693ec0fdf1ed743a4b7219d53c4059e35411bf0392c0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E368E20981D070814B693EC0FDF1ED743A4B7219D53C4059E35411BF0392C0D"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8455
Expires: Wed, 30 Nov 2022 06:44:26 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive
avtodom-kzn.ru/uploads/blockpro/112x74_1287555710.jpg
188.114.96.1200 OK 6.0 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/112x74_1287555710.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Hash 3862e3d09a6d6d91a285294394203d8b
f45949bc539947b84f273b4f1ce1fa354b06a8c0
30f5868646353730bb02f29b7ac275009ea13145d3a3cf956f247ccee59dbae7
GET /uploads/blockpro/112x74_1287555710.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 6027
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001b1d-178b-51089b99714c2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jC7MPtzH2hqqi4zOw7il%2Bz4FSz7ms382Lzt9ygJqUBJFnYKPo3k2qILbzcD0KoKrfXf8nlJKb51e1X%2BTV4r4XakhgxsEkcWn%2FyXtm8%2FAZb1d8lNXjY0M%2F4wP0aX%2FRiCclA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee589bcb4ff-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9735c18e01330c6a7939158c938e4a79
e109a5497eaf0b7390dad58ce2857cdd181317f4
6e6a68ff6e320cf1ad4c0fe0679667285308aa6d1e06b25b41051f08fce3bb40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6E6A68FF6E320CF1AD4C0FE0679667285308AA6D1E06B25B41051F08FCE3BB40"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13890
Expires: Wed, 30 Nov 2022 08:15:01 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive
avtodom-kzn.ru/uploads/blockpro/112x74_nissan_1320309099.jpg
188.114.96.1200 OK 3.6 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/112x74_nissan_1320309099.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Hash 17e483bc4bb9fee41fd23cd2048218cc
1a0141ed4fb2ad341c5abeeeda70e11e0e6f4894
5a0aed9a270d99b7d65b6d532c34255780386784cf86e5ac4a04f1fd1ddb1796
GET /uploads/blockpro/112x74_nissan_1320309099.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 3569
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001bb7-df1-51089b99455a2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xK4IDLf1oX9X6eMRnJRp9H0fv7M8Ic7rVLdxBwQrl2UwTPp7JJpxTPlJC4DU5QwkNEJM5jd22B8C70uEridyDM5P9Hc4e0XkUOOE8svwQKaySEFm2j%2BGq%2FuHx7X6zQ0%2BTw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee5194f0b51-OSL
avtodom-kzn.ru/uploads/blockpro/112x74_mercedes-benz-c63-amg_1324555593.jpg
188.114.96.1200 OK 5.2 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/112x74_mercedes-benz-c63-amg_1324555593.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Hash 47c4603a7ede24df68a03a85a9994f4e
dd418141c52c1c0d3b8ce8d68cac2dc777c6ea07
be4e82ccef01d1801c803ae146f6174649b827f1d00ac7be76b250423fd5a762
GET /uploads/blockpro/112x74_mercedes-benz-c63-amg_1324555593.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 5194
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001bb1-144a-51089b997ff22"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VCfKPaIm19aCnoI%2BSTk2SnyOULHGZQpSelExfyjiuyOMRDhX9RtSud56f7OV9JJexA0u4h08RyqhXvZvSq9HXdGPwCJAda%2FwaP9D7k9cZz0asgSKUmI75CyvDFrkT9qHHg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee5abc11c16-OSL
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
193.3.184.216302 Moved Temporarily 142 B URL HTTP/1.1 ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP 193.3.184.216:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=3303420AC3DA86635A008AB702060B36
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkIDM2OG2sO3igBaNgsGAlkRA8pTQZW1H5tsTosaEHAwhFjG; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
avtodom-kzn.ru/uploads/blockpro/112x74_range-rover_1314296633.jpg
188.114.96.1200 OK 4.6 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/112x74_range-rover_1314296633.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Hash 0e7625dfead76ce6d9b6fd329dca3bd0
47b2a0870d4b1e80188587a9d1a2fbc1e2ef091c
2bc6a4ab7d6098e6dfdb80155d49786690e17728e334a41e54184b9a810e772b
GET /uploads/blockpro/112x74_range-rover_1314296633.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 4645
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001bd7-1225-51089b99762e2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9blz85d2iiBPbVsaskM1hLlrZZb5sKjFfCNLW0d239nUAaFfiZCfVYG23s7zmWLlRzvY1ErX0sCGN1QulWhC2XDa1cDtprMXbmDCUAyFtbPPnfE3GCzK2GxhIQwGQhe9Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee528ddb503-OSL
avtodom-kzn.ru/uploads/blockpro/112x74_lamborghini_1297576455.jpg
188.114.96.1200 OK 3.2 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/112x74_lamborghini_1297576455.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Hash 3f91bd124b9a80a3c2f4542295265886
99a1ae8c99252525619daf76fe62da10147ff438
f9193b87146ebd822f259b6e81b5e0d5b0114e356cdcb3a3bccd79abc5185f40
GET /uploads/blockpro/112x74_lamborghini_1297576455.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 3246
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001bad-cae-51089b99455a2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LndF7NLvchbUGTdADVzEwiEYr1BWHGeOSCujf%2BS2bzqfzqJ1jNUXrJEh7uf%2B6gICmhJlm2VtpVPdaaIAYc6AdS3G49MRPo2VYiH6hzYL6z4GJIFY6KHZbUsH2F9IJwAEVw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee53e92b512-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6af0e1fdb65f3cc3718b99bead1f9b5b
5258190d223960ce20e8456ee26ef2d3b0cd9f0a
e07851e40a79d50ea3b23979d38ee080900cf0d28098457353dc940e034137d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E07851E40A79D50EA3B23979D38EE080900CF0D28098457353DC940E034137D9"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3211
Expires: Wed, 30 Nov 2022 05:17:02 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive
www.acint.net/mc/?dp=10&tc=1
46.4.114.109200 OK 1.5 kB URL HTTP/2 www.acint.net/mc/?dp=10&tc=1
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash ec0d0791d2a404a7ffefb0ea45e4772f
8f19a43405ef00eda0c5e97e595953c1bd14f9c9
4479099833f25cb919f2327923cd2d0dcd858ecb4af7fa325af6fcb5af6923ad
GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://avtodom-kzn.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:30 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1669782210; expires=Thu, 01-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp54v2=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp77=1669782210; expires=Wed, 14-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp84=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1669782210; expires=Wed, 14-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp111v2=1669782210; expires=Wed, 14-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp112v2=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v2=1669782210; expires=Thu, 15-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp138=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v2=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp179=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1669782210; expires=Fri, 30-Dec-22 04:23:30 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
151.101.130.133200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 151.101.130.133:0
Hash ce1bf85e9240317e22c7fe9017bc795b
0accf2ba16cc76be9de2e71855e8fd284409269c
2e39719990d5fd9acfac9c0d5ac9cc6c76968387bf7bbf6cbf9fef72c695016a
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 04 Dec 2022 03:56:36 GMT
ETag: "0accf2ba16cc76be9de2e71855e8fd284409269c"
Last-Modified: Wed, 30 Nov 2022 03:56:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 30 Nov 2022 04:23:31 GMT
Age: 198
X-Served-By: cache-qpg1259-QPG, cache-bma1629-BMA
X-Cache: MISS, HIT
X-Cache-Hits: 0, 1
X-Timer: S1669782212.567007,VS0,VE1
avtodom-kzn.ru/uploads/blockpro/112x74_volvo-340_71.jpg
188.114.96.1200 OK 5.3 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/112x74_volvo-340_71.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Hash 3970d80643a4f35cd750004193aed728
81a031baaffe658112f120cd73f94f1cb6cef276
ff8f261edbe49b9a1b69244c5d5074608d2e6efe01b9ac6558a32ec00010609c
GET /uploads/blockpro/112x74_volvo-340_71.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 5328
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 13:12:33 GMT
ETag: "1000000001c2e-14d0-5108a522dc5a2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FKqFByI6%2F574YgPbqY%2FR%2FtLcQZRGb7bHZJE1HjpnsKAxn70PxJ9Q5r8FTepGWkGOLLowgW15kxbejHReG4x6wTl%2FoSDUDm0kZv10%2F%2Brz8w3YhQF3sgcnnLK4z9wVZXAog%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee5f99f0b51-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a378e3cc6029dde181c06e0e0568cfa5
0eedaf829e2aa8ed4515963f324fda6ce6c1a024
00c029ae05bbc62c592d0aa39980d2143aa880833cbda0cf89301c2d7b790897
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00C029AE05BBC62C592D0AA39980D2143AA880833CBDA0CF89301C2D7B790897"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13641
Expires: Wed, 30 Nov 2022 08:10:52 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive
acint.net/match?dp=14&euid=3303420AC3DA86635A008AB702060B36
46.4.114.109200 OK 43 B URL HTTP/2 acint.net/match?dp=14&euid=3303420AC3DA86635A008AB702060B36
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=3303420AC3DA86635A008AB702060B36 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; cSyncDp7v2=1669782210; cSyncDp14v3=1669782210; cSyncDp17=1669782210; cSyncDp32=1669782210; cSyncDp45v3=1669782210; cSyncDp53=1669782210; cSyncDp54v2=1669782210; cSyncDp62=1669782210; cSyncDp67v2=1669782210; cSyncDp68=1669782210; cSyncDp71=1669782210; cSyncDp77=1669782210; cSyncDp84=1669782210; cSyncDp85=1669782210; cSyncDp95v3=1669782210; cSyncDp101=1669782210; cSyncDp104v2=1669782210; cSyncDp107=1669782210; cSyncDp110=1669782210; cSyncDp111v2=1669782210; cSyncDp112v2=1669782210; cSyncDp125v2=1669782210; cSyncDp126=1669782210; cSyncDp127=1669782210; cSyncDp129=1669782210; cSyncDp136v2=1669782210; cSyncDp138=1669782210; cSyncDp146=1669782210; cSyncDp148=1669782210; cSyncDp149v2=1669782210; cSyncDp151=1669782210; cSyncDp178=1669782210; cSyncDp179=1669782210; cSyncDp186=1669782210; cSyncDp221=1669782210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6e9f26643cd130fc449a7cb7a33aa812
757d6ae8b71a82d35530eaac0a23c17318dfa694
21ec57af3facc5c04613f4171aa1afed199921d0aee351a784a0c913c9eda6d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "21EC57AF3FACC5C04613F4171AA1AFED199921D0AEE351A784A0C913C9EDA6D3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7154
Expires: Wed, 30 Nov 2022 06:22:45 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
185.147.80.35302 Found 0 B URL HTTP/1.1 ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP 185.147.80.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Wed, 30 Nov 2022 04:23:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=GJDHWVMR
Set-Cookie: uid=GJDHWVMR; Expires=Wed, 30 Nov 2032 00:00:00 GMT; mf2=1; Expires=Fri, 30 Dec 2022 00:00:00 GMT;
ut.rktch.com/matchspm?pi=1000005&pui=0100007FC2DA86632502402F02022817
89.108.97.2302 Found 0 B URL HTTP/1.1 ut.rktch.com/matchspm?pi=1000005&pui=0100007FC2DA86632502402F02022817
IP 89.108.97.2:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /matchspm?pi=1000005&pui=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: ut.rktch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Length: 0
Connection: keep-alive
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
Set-Cookie: b_uid=b759277b2e1c37b19eb8613cdabf15349ecc; Max-Age=2592000; Expires=Fri, 30 Dec 2022 04:23:31 GMT; Domain=rktch.com; Secure; SameSite=None
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Credentials: true
sync.dmp.otm-r.com/match/sape?id=0100007FC2DA86632502402F02022817
138.201.65.74204 No Content 0 B URL HTTP/2 sync.dmp.otm-r.com/match/sape?id=0100007FC2DA86632502402F02022817
IP 138.201.65.74:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.17.4
date: Wed, 30 Nov 2022 04:23:31 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
avtodom-kzn.ru/uploads/blockpro/112x74_mercedes-benz-e-class_1297830162.jpg
188.114.96.1200 OK 4.1 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/112x74_mercedes-benz-e-class_1297830162.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Hash 1ef4d536f8ff7913c24895fce9e4f713
494e84981a196e12ed05d8a5ef45d1bfccee7708
cd4e32e91d9529f77ad84d4d9f2343e960417337cc880e827827366a1eb58ec5
GET /uploads/blockpro/112x74_mercedes-benz-e-class_1297830162.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 4136
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001bb2-1028-51089b99789f2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B74Sa6L9KxXmibdBGBTxesPPEcvhcZcz4fU%2BKX%2F0G3jrVkfqUEb27Ney47PotftME7DYXfzRw5AvRfkw60FNV6ISKXYnD9g85qcTS0vBZXpR5dMA3kgNndQqqtS32vVuFw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee5e9e2b4ff-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
151.101.130.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 151.101.130.133:0
Hash 58b894fce9e83e3b9bcda914c2bc5244
65e9ce6301df2c849b1ac17066cc566078700e7a
7e81142aed079dd789d872f1b974cc90345852274fd1e7c091c57c10483232e5
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1414
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 04 Dec 2022 02:37:33 GMT
ETag: "65e9ce6301df2c849b1ac17066cc566078700e7a"
Last-Modified: Wed, 30 Nov 2022 02:37:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 30 Nov 2022 04:23:31 GMT
Age: 2757
X-Served-By: cache-qpg1250-QPG, cache-bma1622-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 21, 135
X-Timer: S1669782212.613318,VS0,VE0
acint.net/match?dp=110&euid=8e3385453e5f483ca5219a138e498311
46.4.114.109200 OK 43 B URL HTTP/2 acint.net/match?dp=110&euid=8e3385453e5f483ca5219a138e498311
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=110&euid=8e3385453e5f483ca5219a138e498311 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; cSyncDp7v2=1669782210; cSyncDp14v3=1669782210; cSyncDp17=1669782210; cSyncDp32=1669782210; cSyncDp45v3=1669782210; cSyncDp53=1669782210; cSyncDp54v2=1669782210; cSyncDp62=1669782210; cSyncDp67v2=1669782210; cSyncDp68=1669782210; cSyncDp71=1669782210; cSyncDp77=1669782210; cSyncDp84=1669782210; cSyncDp85=1669782210; cSyncDp95v3=1669782210; cSyncDp101=1669782210; cSyncDp104v2=1669782210; cSyncDp107=1669782210; cSyncDp110=1669782210; cSyncDp111v2=1669782210; cSyncDp112v2=1669782210; cSyncDp125v2=1669782210; cSyncDp126=1669782210; cSyncDp127=1669782210; cSyncDp129=1669782210; cSyncDp136v2=1669782210; cSyncDp138=1669782210; cSyncDp146=1669782210; cSyncDp148=1669782210; cSyncDp149v2=1669782210; cSyncDp151=1669782210; cSyncDp178=1669782210; cSyncDp179=1669782210; cSyncDp186=1669782210; cSyncDp221=1669782210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4455b95998dcb02c0d77783b31bdda21
f743e50c365ad063ac17c26190d751c8655c028c
6d9938a902700069b2aaf56b242d06fb0475be4868472373d8c9b30cbfce707d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D9938A902700069B2AAF56B242D06FB0475BE4868472373D8C9B30CBFCE707D"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3693
Expires: Wed, 30 Nov 2022 05:25:04 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive
avtodom-kzn.ru/uploads/blockpro/112x74_lada-granta_1329137515.jpeg
188.114.96.1200 OK 4.8 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/112x74_lada-granta_1329137515.jpeg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Hash b3c5f3b4fd97074a4f66726b94c54fa3
fc0d5a61766d2762510fa3b16cb080ebe52a8b47
bf7ee263f3994e22726f6b933f9618deff6b4c7bb317f37d429133f48e5e34c5
Analyzer Verdict Alert fortinet Malware
GET /uploads/blockpro/112x74_lada-granta_1329137515.jpeg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 4765
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001bac-129d-51089b996c6a2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y11PVkXaG9g3fhkUpgGd9JWrkmHzFGHBOGzfFS0DN5sn81C8bpvYmgwCOGCRyN4FHEsuDRTsO%2BKDVQ7PkOfG02bHFlgZjwxTDMB1ZpnWO9kl0m9kPKVwuJY4M06Db7iMOg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee5bd5ab51e-OSL
sync.upravel.com/sape/sync
78.46.16.13302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync
IP 78.46.16.13:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1669782211608;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1669782211608;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ef4e8eb1e0f07b1edd0ae55f6bd5a2a
55dc5b42b7e8f110fd0d59234275ce0043d0adca
a4d6e816fee030f8012ce8b5804fd80fb451f6b91aa42e7e96c6c441048e1df7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4D6E816FEE030F8012CE8B5804FD80FB451F6B91AA42E7E96C6C441048E1DF7"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13122
Expires: Wed, 30 Nov 2022 08:02:13 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive
www.acint.net/match?dp=95&euid=GJDHWVMR
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/match?dp=95&euid=GJDHWVMR
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=95&euid=GJDHWVMR HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; cSyncDp7v2=1669782210; cSyncDp14v3=1669782210; cSyncDp17=1669782210; cSyncDp32=1669782210; cSyncDp45v3=1669782210; cSyncDp53=1669782210; cSyncDp54v2=1669782210; cSyncDp62=1669782210; cSyncDp67v2=1669782210; cSyncDp68=1669782210; cSyncDp71=1669782210; cSyncDp77=1669782210; cSyncDp84=1669782210; cSyncDp85=1669782210; cSyncDp95v3=1669782210; cSyncDp101=1669782210; cSyncDp104v2=1669782210; cSyncDp107=1669782210; cSyncDp110=1669782210; cSyncDp111v2=1669782210; cSyncDp112v2=1669782210; cSyncDp125v2=1669782210; cSyncDp126=1669782210; cSyncDp127=1669782210; cSyncDp129=1669782210; cSyncDp136v2=1669782210; cSyncDp138=1669782210; cSyncDp146=1669782210; cSyncDp148=1669782210; cSyncDp149v2=1669782210; cSyncDp151=1669782210; cSyncDp178=1669782210; cSyncDp179=1669782210; cSyncDp186=1669782210; cSyncDp221=1669782210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007FC2DA86632502402F02022817
109.248.237.37302 Found 0 B URL HTTP/2 stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007FC2DA86632502402F02022817
IP 109.248.237.37:0
ASN #201009 Centre of server systems Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge_gpsid/?sid=50&id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: stat.adlabs.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 04:23:31 GMT
content-length: 0
location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007FC2DA86632502402F02022817
X-Firefox-Spdy: h2
www.acint.net/match?dp=129&euid=pib0w5wb8h
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/match?dp=129&euid=pib0w5wb8h
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=pib0w5wb8h HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; cSyncDp7v2=1669782210; cSyncDp14v3=1669782210; cSyncDp17=1669782210; cSyncDp32=1669782210; cSyncDp45v3=1669782210; cSyncDp53=1669782210; cSyncDp54v2=1669782210; cSyncDp62=1669782210; cSyncDp67v2=1669782210; cSyncDp68=1669782210; cSyncDp71=1669782210; cSyncDp77=1669782210; cSyncDp84=1669782210; cSyncDp85=1669782210; cSyncDp95v3=1669782210; cSyncDp101=1669782210; cSyncDp104v2=1669782210; cSyncDp107=1669782210; cSyncDp110=1669782210; cSyncDp111v2=1669782210; cSyncDp112v2=1669782210; cSyncDp125v2=1669782210; cSyncDp126=1669782210; cSyncDp127=1669782210; cSyncDp129=1669782210; cSyncDp136v2=1669782210; cSyncDp138=1669782210; cSyncDp146=1669782210; cSyncDp148=1669782210; cSyncDp149v2=1669782210; cSyncDp151=1669782210; cSyncDp178=1669782210; cSyncDp179=1669782210; cSyncDp186=1669782210; cSyncDp221=1669782210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
avtodom-kzn.ru/uploads/blockpro/142x74_1448297497_mercedes_sprinter_s_lux_23_287_200.jpg
188.114.96.1200 OK 5.7 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/142x74_1448297497_mercedes_sprinter_s_lux_23_287_200.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 142x74, components 3\012- data
Hash b33425c9e65ab4d920cd477d3b291900
3cfae5d1ac0f11286d7c9a6b02194425b2a763c0
5a8c6762095a1d5124a2883246721abff91fad10319ae3d70d9773131a69f629
GET /uploads/blockpro/142x74_1448297497_mercedes_sprinter_s_lux_23_287_200.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 5674
Connection: keep-alive
Last-Modified: Mon, 23 Nov 2015 16:51:23 GMT
ETag: "1000000001c46-162a-52538090d49b9"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2tqakIOXiJrnhCkBQwqqGYFF6VcwKMgDSrfkK93%2FPGXPpRGGGRauAPmDlhTNG53PRY53eJGUzJpsaX1fgNzgzTbt6eWNa7EVFkk7D6O6Q3mUB1Pu5EAgw4QoOo1q61mjw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee62edcb512-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ef4e8eb1e0f07b1edd0ae55f6bd5a2a
55dc5b42b7e8f110fd0d59234275ce0043d0adca
a4d6e816fee030f8012ce8b5804fd80fb451f6b91aa42e7e96c6c441048e1df7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4D6E816FEE030F8012CE8B5804FD80FB451F6B91AA42E7E96C6C441048E1DF7"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13122
Expires: Wed, 30 Nov 2022 08:02:13 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive
0100007fc2da86632502402f02022817-sp.ops.beeline.ru/p?ssp=sp&id=0100007FC2DA86632502402F02022817
37.9.245.57301 Moved Permanently 0 B URL HTTP/2 0100007fc2da86632502402f02022817-sp.ops.beeline.ru/p?ssp=sp&id=0100007FC2DA86632502402F02022817
IP 37.9.245.57:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: 0100007fc2da86632502402f02022817-sp.ops.beeline.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 30 Nov 2022 04:23:31 GMT
content-length: 0
location: https://www.acint.net/match?dp=111&euid=57930df0-efa3-4220-be8c-f23e5416f8ca
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: BeeAID=57930df0-efa3-4220-be8c-f23e5416f8ca; expires=Tue, 21 Nov 2023 04:23:31 GMT; domain=ops.beeline.ru; path=/; secure; SameSite=None
access-control-allow-credentials: true, true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
x-route: http://upstream_cookiesync
x-host: 192.168.152.36
X-Firefox-Spdy: h2
s.uuidksinc.net/match/396/?remote_uid=0100007FC2DA86632502402F02022817
31.220.27.135302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/396/?remote_uid=0100007FC2DA86632502402F02022817
IP 31.220.27.135:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Wed, 30 Nov 2022 04:23:31 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=udmn9UzpOdANFan4LhhB
set-cookie: jcsuuid=udmn9UzpOdANFan4LhhB; expires=Thu, 30 Nov 2023 04:23:31 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a51bed3d90e4059a74ba9368573a2147
a3435cd6360fff30efb00edf9867583870965d5e
df8bc13f0a8eaa6496dafa686c74add64ea7356acfd00788920a86a9bc02e273
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF8BC13F0A8EAA6496DAFA686C74ADD64EA7356ACFD00788920A86A9BC02E273"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9587
Expires: Wed, 30 Nov 2022 07:03:18 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive
avtodom-kzn.ru/uploads/blockpro/112x74_volvo-850_66.jpg
188.114.96.1200 OK 4.9 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/112x74_volvo-850_66.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Hash 18bf22106a94b9ec87439ede39930752
f5815b609bf07bb80259c118c1be4eac27f47939
3de27ebe317276bfd3da247e87ffa80cab0ed41eb9e979c88e0c5da9fa2f6bd1
GET /uploads/blockpro/112x74_volvo-850_66.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 4918
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 13:12:33 GMT
ETag: "1000000001c30-1336-5108a522e5244"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhwwNGikrxT0Td9KRt%2BLP3qOpILkNuACgb%2FK4QNpHVkNCWDgsrL7xtnN7ebkspW0Pit50ZOChtooFlOs5FS7sddv8z9MZPMejRNmOWGsZMszZS9yQ%2B%2BGiEDRFGGvkDcKWg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee5fbdd1c16-OSL
pix.bumlam.com/sync/sape/check?sspuid=0100007FC2DA86632502402F02022817
31.172.81.158302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/check?sspuid=0100007FC2DA86632502402F02022817
IP 31.172.81.158:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/check?sspuid=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://sync.bumlam.com/?src=sape
avtodom-kzn.ru/uploads/blockpro/112x74_volvo-360_51.jpg
188.114.96.1200 OK 4.1 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/112x74_volvo-360_51.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Hash b0d4961449f63050a5868b3c3f860d91
5b9106a4e2eca91b976918f308d6eaa2351a0371
9b79f8fee9dd9ee0f5e35328c99f32215bdf79d024ccca38f96166375ad37a04
GET /uploads/blockpro/112x74_volvo-360_51.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 4123
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 13:12:33 GMT
ETag: "1000000001c2f-101b-5108a522decb3"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wlpw64XF2n4UEEQWmwI7zKcwOUX0Cr2vFITmEtxbI3Fcvf4vN598jl22g4R486O2rKWnWyVZ%2FUMWXiwscD8hQeD3WK6RXvjlBSJhpr8ebPIgWgyziHhzH7vjrfHR%2F3xFsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee69a2db4ff-OSL
sync.bumlam.com/?src=sap1&uid=0100007FC2DA86632502402F02022817
31.172.81.172302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&uid=0100007FC2DA86632502402F02022817
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&uid=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRiZjQ5Y2VkMC03MDY2LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*; Path=/; Expires=Tue, 25 Nov 2042 04:23:31 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARjDtZucBmIgMDEwMDAwN0ZDMkRBODY2MzI1MDI0MDJGMDIwMjI4MTeiARC_Sc7QcGYR7asVACWQyCQ3
ETag: bf49ced0-7066-11ed-ab15-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
nr.bidderstack.com/sape/cm?user_id=0100007FC2DA86632502402F02022817
23.88.12.13204 No Content 0 B URL HTTP/1.1 nr.bidderstack.com/sape/cm?user_id=0100007FC2DA86632502402F02022817
IP 23.88.12.13:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/cm?user_id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: nr.bidderstack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive
mediatoday.ru/core/match.gif?s=32&id=0100007FC2DA86632502402F02022817
139.45.228.111200 OK 43 B URL HTTP/2 mediatoday.ru/core/match.gif?s=32&id=0100007FC2DA86632502402F02022817
IP 139.45.228.111:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /core/match.gif?s=32&id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: mediatoday.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.22.0
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/gif
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VUx2q2akilXoy8D; expires=Sat, 27-Nov-2032 04:23:31 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
78.46.16.13302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP 78.46.16.13:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1669782211608
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=e9b544a1-dd16-4a45-ba6d-fc33691117c3;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=e9b544a1-dd16-4a45-ba6d-fc33691117c3;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=e9b544a1-dd16-4a45-ba6d-fc33691117c3
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
www.acint.net/match?dp=111&euid=57930df0-efa3-4220-be8c-f23e5416f8ca
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/match?dp=111&euid=57930df0-efa3-4220-be8c-f23e5416f8ca
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=111&euid=57930df0-efa3-4220-be8c-f23e5416f8ca HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; cSyncDp7v2=1669782210; cSyncDp14v3=1669782210; cSyncDp17=1669782210; cSyncDp32=1669782210; cSyncDp45v3=1669782210; cSyncDp53=1669782210; cSyncDp54v2=1669782210; cSyncDp62=1669782210; cSyncDp67v2=1669782210; cSyncDp68=1669782210; cSyncDp71=1669782210; cSyncDp77=1669782210; cSyncDp84=1669782210; cSyncDp85=1669782210; cSyncDp95v3=1669782210; cSyncDp101=1669782210; cSyncDp104v2=1669782210; cSyncDp107=1669782210; cSyncDp110=1669782210; cSyncDp111v2=1669782210; cSyncDp112v2=1669782210; cSyncDp125v2=1669782210; cSyncDp126=1669782210; cSyncDp127=1669782210; cSyncDp129=1669782210; cSyncDp136v2=1669782210; cSyncDp138=1669782210; cSyncDp146=1669782210; cSyncDp148=1669782210; cSyncDp149v2=1669782210; cSyncDp151=1669782210; cSyncDp178=1669782210; cSyncDp179=1669782210; cSyncDp186=1669782210; cSyncDp221=1669782210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
avtodom-kzn.ru/uploads/blockpro/142x74_1478798412_donald-trump.jpg
188.114.96.1200 OK 5.5 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/142x74_1478798412_donald-trump.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 142x74, components 3\012- data
Hash 845808fe0445081c9df11652b50a0155
f8cf632e03c47edf46d3cf6471da9cd26a6c7cdc
3f116b841e76a052c1be3186fd94e59fc1bdf224b8ec727626580381a0e9984b
GET /uploads/blockpro/142x74_1478798412_donald-trump.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 5519
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2016 17:20:18 GMT
ETag: "1000000001c47-158f-540f59673c1e8"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edlxyc7eun21kUcr%2FilO7VodBTWViiXqJo9isT9qu%2Fw%2Fri0EwyJwslIGNG5YbTLsqNSF2Als6zDySLqwu4n0Se12BRZOGqEkIpJR2EoWCKV7VOI2kjOwJ0%2BNp2f4Fg%2BCNg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee62949b503-OSL
www.acint.net/match?dp=127&euid=udmn9UzpOdANFan4LhhB
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/match?dp=127&euid=udmn9UzpOdANFan4LhhB
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=udmn9UzpOdANFan4LhhB HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; cSyncDp7v2=1669782210; cSyncDp14v3=1669782210; cSyncDp17=1669782210; cSyncDp32=1669782210; cSyncDp45v3=1669782210; cSyncDp53=1669782210; cSyncDp54v2=1669782210; cSyncDp62=1669782210; cSyncDp67v2=1669782210; cSyncDp68=1669782210; cSyncDp71=1669782210; cSyncDp77=1669782210; cSyncDp84=1669782210; cSyncDp85=1669782210; cSyncDp95v3=1669782210; cSyncDp101=1669782210; cSyncDp104v2=1669782210; cSyncDp107=1669782210; cSyncDp110=1669782210; cSyncDp111v2=1669782210; cSyncDp112v2=1669782210; cSyncDp125v2=1669782210; cSyncDp126=1669782210; cSyncDp127=1669782210; cSyncDp129=1669782210; cSyncDp136v2=1669782210; cSyncDp138=1669782210; cSyncDp146=1669782210; cSyncDp148=1669782210; cSyncDp149v2=1669782210; cSyncDp151=1669782210; cSyncDp178=1669782210; cSyncDp179=1669782210; cSyncDp186=1669782210; cSyncDp221=1669782210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash fd17d2a0cbcfc6ac2c299032ee3a8044
971e581c49a1daa4dacf9bae569cffbe7235249b
357c697f582c1287b42a697c3d3f81ef212cce9f4858f8016ad0c5fdff3d5b9e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 149
Cache-Control: max-age=126965
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:23:31 GMT
Etag: "63862723-118"
Expires: Thu, 01 Dec 2022 15:39:36 GMT
Last-Modified: Tue, 29 Nov 2022 15:37:07 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
avtodom-kzn.ru/uploads/blockpro/112x74_volvo-940_29.jpg
188.114.96.1200 OK 3.9 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/112x74_volvo-940_29.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Hash a072680efad6f64def22aec1289f15b3
adfd7d6065b8b993d7d1901ca13330b236a037fe
29d5063022ea3137cd2d85b9799e1944a6ef301736561de5993e16477bb8f083
GET /uploads/blockpro/112x74_volvo-940_29.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 3913
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 13:12:33 GMT
ETag: "1000000001c32-f49-5108a522e2364"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHSMpMxIELGCaW8iVFFilrHLtbta8xXyv73F4ljwI2m47fdftPQeh%2F7Ah0t57K7HD1ciccVlHxKnxCBCePkI0f9H7ojvH5TFF19WBEvW0ZaToA9%2FN2VPUpHbMk4cI6wtzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee6cf22b512-OSL
match.new-programmatic.com/userbind?src=sape&id=0100007FC2DA86632502402F02022817
217.65.2.150204 No Content 0 B URL HTTP/1.1 match.new-programmatic.com/userbind?src=sape&id=0100007FC2DA86632502402F02022817
IP 217.65.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Wed, 30 Nov 2022 04:22:48 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 187fc76c07c5b145d7653c93a62a8a18
6c13f79f4ea15dfe1dc387f7013d08088bcc6636
985df91528e58b440a9276b97f9110886011b3cd25c2b4e642f4be256be987fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "985DF91528E58B440A9276B97F9110886011B3CD25C2B4E642F4BE256BE987FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17288
Expires: Wed, 30 Nov 2022 09:11:39 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive
avtodom-kzn.ru/uploads/blockpro/142x74_1429719009_6080_default.jpg
188.114.96.1200 OK 5.7 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/142x74_1429719009_6080_default.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 142x74, components 3\012- data
Hash 351cd799f72c5c2b09a1d2c41356c7d7
149dc94e118719c0b75a6ec76836a10dd134c0eb
ced3c45b2b53f1d0cd206b51f35ec4fb8179237a7883d08d1edd4563a3aa3a3e
GET /uploads/blockpro/142x74_1429719009_6080_default.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 5741
Connection: keep-alive
Last-Modified: Wed, 22 Apr 2015 16:10:34 GMT
ETag: "1000000001c44-166d-514526729c023"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iw6qDHTLlRzoNUXvUCElHl6dbTeDXvhnj%2FzRHS5KiNoJ%2BDjEayeCXRSEfkNm3DrkECGYEm1wi%2FMWWg7tSMVHNANdpTPIj7e0S%2BqZi8iDM3GHTBaY1YYv1Do9i6SRb%2Fx1qw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee659c50b51-OSL
avtodom-kzn.ru/uploads/blockpro/112x74_volvo-xc90_4.jpg
188.114.96.1200 OK 4.0 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/112x74_volvo-xc90_4.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Hash f51d368a86afcd198614ee0fb38804f9
5c90eeb6ca989c762d10945a08996ff2ef69816c
ed440c8035f3d621fda905bac4712a57d04616531e128677591f1fc0df293a61
GET /uploads/blockpro/112x74_volvo-xc90_4.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 4004
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 13:12:33 GMT
ETag: "1000000001c34-fa4-5108a522e94ad"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izr%2FHqBhJvg4pCXR7h%2B%2FwFfxVvmZdOv8dJYAiiLunVZAVhrg8gPNyAWOA3bVOwekfWCcx83Xd8BMIaFaxkkaTW0rGdRvJbHHCW34R38ROj5S4we5y7YULP9sX2ooxUsEoA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee6ec071c16-OSL
sync.bumlam.com/?src=sape
31.172.81.172302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sape
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRiZjU0ODFhNC03MDY2LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*; Path=/; Expires=Tue, 25 Nov 2042 04:23:31 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sape&s_data=CAIQARjDtZucBqIBEL9UgaRwZhHtqxUAJZDIJDc*
ETag: bf5481a4-7066-11ed-ab15-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5c886ffb217c4b9d2ff9b44ce2988a13
d4c1f420e2bbfb2d0ad07f5cf1ff2b3b967aad3b
fb7db5cc863e701be831a8515e6bd6091e91714b6ca95e838699338c0324133f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB7DB5CC863E701BE831A8515E6BD6091E91714B6CA95E838699338C0324133F"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3809
Expires: Wed, 30 Nov 2022 05:27:00 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive
www.acint.net/match?dp=71&euid=e9b544a1-dd16-4a45-ba6d-fc33691117c3
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/match?dp=71&euid=e9b544a1-dd16-4a45-ba6d-fc33691117c3
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=71&euid=e9b544a1-dd16-4a45-ba6d-fc33691117c3 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; cSyncDp7v2=1669782210; cSyncDp14v3=1669782210; cSyncDp17=1669782210; cSyncDp32=1669782210; cSyncDp45v3=1669782210; cSyncDp53=1669782210; cSyncDp54v2=1669782210; cSyncDp62=1669782210; cSyncDp67v2=1669782210; cSyncDp68=1669782210; cSyncDp71=1669782210; cSyncDp77=1669782210; cSyncDp84=1669782210; cSyncDp85=1669782210; cSyncDp95v3=1669782210; cSyncDp101=1669782210; cSyncDp104v2=1669782210; cSyncDp107=1669782210; cSyncDp110=1669782210; cSyncDp111v2=1669782210; cSyncDp112v2=1669782210; cSyncDp125v2=1669782210; cSyncDp126=1669782210; cSyncDp127=1669782210; cSyncDp129=1669782210; cSyncDp136v2=1669782210; cSyncDp138=1669782210; cSyncDp146=1669782210; cSyncDp148=1669782210; cSyncDp149v2=1669782210; cSyncDp151=1669782210; cSyncDp178=1669782210; cSyncDp179=1669782210; cSyncDp186=1669782210; cSyncDp221=1669782210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
cs.agency2.ru/p?ssp=sp&uid=0100007FC2DA86632502402F02022817
23.111.107.44301 Moved Permanently 0 B URL HTTP/1.1 cs.agency2.ru/p?ssp=sp&uid=0100007FC2DA86632502402F02022817
IP 23.111.107.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=95b7bbef-3e25-4cf3-90df-1b87f0d1f679
Set-Cookie: uuid=95b7bbef-3e25-4cf3-90df-1b87f0d1f679; expires=Tue, 21 Nov 2023 04:23:31 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
sync.bumlam.com/?src=sap1&s_data=CAIQARjDtZucBmIgMDEwMDAwN0ZDMkRBODY2MzI1MDI0MDJGMDIwMjI4MTeiARC_Sc7QcGYR7asVACWQyCQ3
31.172.81.172200 OK 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARjDtZucBmIgMDEwMDAwN0ZDMkRBODY2MzI1MDI0MDJGMDIwMjI4MTeiARC_Sc7QcGYR7asVACWQyCQ3
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&s_data=CAIQARjDtZucBmIgMDEwMDAwN0ZDMkRBODY2MzI1MDI0MDJGMDIwMjI4MTeiARC_Sc7QcGYR7asVACWQyCQ3 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRiZjQ5Y2VkMC03MDY2LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRiZjQ5Y2VkMC03MDY2LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*; Path=/; Expires=Tue, 25 Nov 2042 04:23:31 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
avtodom-kzn.ru/uploads/blockpro/112x74_volvo-960_50.jpg
188.114.96.1200 OK 3.9 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/112x74_volvo-960_50.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Hash d164d460e31c295c8df16cb73b885db7
a4e566e4a86d22f359b6e5e86f05067b16827142
fe2b6372adcb9cf52dd1435d9b253f1636629a67c282e70c81886f0560e7f438
GET /uploads/blockpro/112x74_volvo-960_50.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 3853
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 13:12:33 GMT
ETag: "1000000001c33-f0d-5108a522e7955"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bN5ZRsMFFBtS8cGC9fyX%2Bq7DFip%2FExsNQHXfRFEEjto%2B0bwlTFjvZMGHcXja6Tt%2FjvF2GKf4fiejK%2BXQp7N9tTmSohpw951nSMoLnpccaTWV30qys%2BwQhQN1b8NNXKd6Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee6bdb4b51e-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 6b9efc56a5c83007514905bc0fbb010e
9133a19f469b8cc3d2fb36399c0955554b0fe1da
d0c5cd5deea1f0b5e77402c785309b5088f732f05ddb5a2ef90f66541c4f0aa5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 15:41:02 GMT
Expires: Tue, 06 Dec 2022 15:41:01 GMT
Etag: "9133a19f469b8cc3d2fb36399c0955554b0fe1da"
Cache-Control: max-age=558449,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7720cee67fb6b518-OSL
sync.bumlam.com/?src=sape&s_data=CAIQARjDtZucBqIBEL9UgaRwZhHtqxUAJZDIJDc*
31.172.81.172302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sape&s_data=CAIQARjDtZucBqIBEL9UgaRwZhHtqxUAJZDIJDc*
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape&s_data=CAIQARjDtZucBqIBEL9UgaRwZhHtqxUAJZDIJDc* HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRiZjU0ODFhNC03MDY2LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiRiZjU0ODFhNC03MDY2LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*; Path=/; Expires=Tue, 25 Nov 2042 04:23:31 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=bf5481a4-7066-11ed-ab15-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true
avtodom-kzn.ru/uploads/blockpro/112x74_1307942685.jpg
188.114.96.1200 OK 4.4 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/112x74_1307942685.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 112x74, components 3\012- data
Hash 268a51411511d1f4bec05861e9b36a8e
815a113a4f6f6fc2e9367e7cb480c2faccb1ab36
9c90022ffbde39413c4e25827fec129fe65fb1575913bffebe165d9855c075a9
GET /uploads/blockpro/112x74_1307942685.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 4432
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:53 GMT
ETag: "1000000001b24-1150-51089b99518f2"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2Fg%2BXNs9WHhy43mAGfPBBhdXV8TvJ4vVH%2BtYnATZIxEVOY62%2BaPbzAIM%2BR6%2BajUwIBonCgAIJIsBUmQQ4gaoap%2FroQWYSaviCYqnBlgpvgrT3Y7LFRsIiEG6nNh3xzsjlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee719b8b503-OSL
www.acint.net/match?dp=186&euid=95b7bbef-3e25-4cf3-90df-1b87f0d1f679
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/match?dp=186&euid=95b7bbef-3e25-4cf3-90df-1b87f0d1f679
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=95b7bbef-3e25-4cf3-90df-1b87f0d1f679 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; cSyncDp7v2=1669782210; cSyncDp14v3=1669782210; cSyncDp17=1669782210; cSyncDp32=1669782210; cSyncDp45v3=1669782210; cSyncDp53=1669782210; cSyncDp54v2=1669782210; cSyncDp62=1669782210; cSyncDp67v2=1669782210; cSyncDp68=1669782210; cSyncDp71=1669782210; cSyncDp77=1669782210; cSyncDp84=1669782210; cSyncDp85=1669782210; cSyncDp95v3=1669782210; cSyncDp101=1669782210; cSyncDp104v2=1669782210; cSyncDp107=1669782210; cSyncDp110=1669782210; cSyncDp111v2=1669782210; cSyncDp112v2=1669782210; cSyncDp125v2=1669782210; cSyncDp126=1669782210; cSyncDp127=1669782210; cSyncDp129=1669782210; cSyncDp136v2=1669782210; cSyncDp138=1669782210; cSyncDp146=1669782210; cSyncDp148=1669782210; cSyncDp149v2=1669782210; cSyncDp151=1669782210; cSyncDp178=1669782210; cSyncDp179=1669782210; cSyncDp186=1669782210; cSyncDp221=1669782210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/sync_ok?guid=bf5481a4-7066-11ed-ab15-002590c82437
31.172.81.158302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/sync_ok?guid=bf5481a4-7066-11ed-ab15-002590c82437
IP 31.172.81.158:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/sync_ok?guid=bf5481a4-7066-11ed-ab15-002590c82437 HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRiZjU0ODFhNC03MDY2LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://bf5481a4-7066-11ed-ab15-002590c82437.n7.sync.bumlam.com/?src=sape
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
168.119.8.212301 Moved Permanently 115 B URL HTTP/2 exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP 168.119.8.212:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash d5044e8a2baa5c097a5300ba1dc81e2e
1702a6cc4e929beaa2bd3db43d1842b92a81a247
0934437be642aa63cbfc13368de81e16a8b6adb34b5af648277936e5911da184
GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 30 Nov 2022 04:23:28 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=5af8a4a8-a510-4dca-482c-51c919e2c2ae
serverid: TODO
X-Firefox-Spdy: h2
avtodom-kzn.ru/uploads/blockpro/152x74_kit-ili-slon_mercedes-bmw_1.jpg
188.114.96.1200 OK 5.7 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/152x74_kit-ili-slon_mercedes-bmw_1.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 152x74, components 3\012- data
Hash 5afc310b23c1504709eb315336361e65
62f0c4d4014ff50a31204710aa63eb86bb20bef6
8befd0d78ddf859bd3a15e37e4f1556046e206f23cd06ae973e7fd184b53efa0
GET /uploads/blockpro/152x74_kit-ili-slon_mercedes-bmw_1.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 5720
Connection: keep-alive
Last-Modified: Thu, 05 Mar 2015 12:29:54 GMT
ETag: "1000000001c99-1658-51089b9a2fba3"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mJpP5yDOpHOEN2YpR%2F%2Ftnfw%2BkDDrR0%2FlH762RsltXBuLaWeWEvnv1u9XsNI43nm3Lx6%2Bqfud8q9QN76TCdMPehn3ntqNNFrEsANdGrWJPzzLWvQd9jRIXPo8fIy7CgjTg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee73f3cb512-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 21f0f9e8c27f0710173535d10434c08d
034a44832a61c779932be899727e3ac12e71db3f
d5f0357c1c0bd94f23175c7d8d007a8c5c9c00ba9ad98fed9aa16ad6972d834d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 11:26:44 GMT
Expires: Sun, 04 Dec 2022 11:26:43 GMT
Etag: "034a44832a61c779932be899727e3ac12e71db3f"
Cache-Control: max-age=370391,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7720cee708e10afe-OSL
www.acint.net/match?dp=126&euid=5af8a4a8-a510-4dca-482c-51c919e2c2ae
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/match?dp=126&euid=5af8a4a8-a510-4dca-482c-51c919e2c2ae
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=126&euid=5af8a4a8-a510-4dca-482c-51c919e2c2ae HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; cSyncDp7v2=1669782210; cSyncDp14v3=1669782210; cSyncDp17=1669782210; cSyncDp32=1669782210; cSyncDp45v3=1669782210; cSyncDp53=1669782210; cSyncDp54v2=1669782210; cSyncDp62=1669782210; cSyncDp67v2=1669782210; cSyncDp68=1669782210; cSyncDp71=1669782210; cSyncDp77=1669782210; cSyncDp84=1669782210; cSyncDp85=1669782210; cSyncDp95v3=1669782210; cSyncDp101=1669782210; cSyncDp104v2=1669782210; cSyncDp107=1669782210; cSyncDp110=1669782210; cSyncDp111v2=1669782210; cSyncDp112v2=1669782210; cSyncDp125v2=1669782210; cSyncDp126=1669782210; cSyncDp127=1669782210; cSyncDp129=1669782210; cSyncDp136v2=1669782210; cSyncDp138=1669782210; cSyncDp146=1669782210; cSyncDp148=1669782210; cSyncDp149v2=1669782210; cSyncDp151=1669782210; cSyncDp178=1669782210; cSyncDp179=1669782210; cSyncDp186=1669782210; cSyncDp221=1669782210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
avtodom-kzn.ru/uploads/blockpro/142x74_1597423925_utilizatsiya-avtomobiley.jpg
188.114.96.1200 OK 6.6 kB URL HTTP/1.1 avtodom-kzn.ru/uploads/blockpro/142x74_1597423925_utilizatsiya-avtomobiley.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 142x74, components 3\012- data
Hash 1a06faad16919d7a25079a91b090fb90
646447f24b70d5ae2aa8ab0887e6a03449db65d3
e3f2908ab18c928e7230ecb30e5106a5de469ec9e357143330224406f591ccd2
GET /uploads/blockpro/142x74_1597423925_utilizatsiya-avtomobiley.jpg HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 6632
Connection: keep-alive
Last-Modified: Fri, 14 Aug 2020 16:51:58 GMT
ETag: "1000000001c48-19e8-5acd93d3a70ee"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfCcUEcOyM2nG%2BkzAX7HVfaBUPjs2RA%2BYRbxAs59asMFJUnyKdQDaYcFb%2BnZi8%2BufsxIt4gWkooWMLdOzFpMDxfEQhyhEkNJxiDKl0zXaENS2hPPrMmBMSWxc2ajspysKg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee71a54b4ff-OSL
dmp.gotechnology.io/match/sape?id=0100007FC2DA86632502402F02022817
142.132.209.138302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=0100007FC2DA86632502402F02022817
IP 142.132.209.138:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 04:23:31 GMT
content-length: 0
location: https://dmp.gotechnology.io/match/sape?id=0100007FC2DA86632502402F02022817&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10370
Expires: Wed, 30 Nov 2022 07:16:21 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10370
Expires: Wed, 30 Nov 2022 07:16:21 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 04544caa268aa7cccf11691396fd33fa
0fbc1ec62717acbd8e9a24f20905029cb1670987
fd24756e6773ec189e73523dcf58fc8ce3460d614faeac26b9140cc2afd7e557
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD24756E6773EC189E73523DCF58FC8CE3460D614FAEAC26B9140CC2AFD7E557"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4954
Expires: Wed, 30 Nov 2022 05:46:05 GMT
Date: Wed, 30 Nov 2022 04:23:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa44c8657-c62c-4dd0-8688-d6b89a767fb4.png
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa44c8657-c62c-4dd0-8688-d6b89a767fb4.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cb669522a324cd5d9ba1b1743138d38
71e4307194ea9fb15d29c8a5e35f9bfd3cb0c6e0
a997731964710b80affb001f7f2e2f05a93550b06c1626279516d78b11332803
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa44c8657-c62c-4dd0-8688-d6b89a767fb4.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8337
x-amzn-requestid: 88e6ec5a-6b04-4787-91e4-02f316d0d6e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgYHViIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-10f0d81a09c0ae930f6be726;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8XATm-S2y3wzXWzJxgof2GIbXx_7WzuEMKrhI5By_tGaB8EiYeGkLg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:59:07 GMT
age: 23064
etag: "71e4307194ea9fb15d29c8a5e35f9bfd3cb0c6e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
avtodom-kzn.ru/templates/auto-new/images/favicon.ico
188.114.96.1200 OK 1.2 kB URL HTTP/1.1 avtodom-kzn.ru/templates/auto-new/images/favicon.ico
IP 188.114.96.1:0
File type MS Windows icon resource - 2 icons, 16x16, 8 bits/pixel, 16x16, 32 bits/pixel\012- data
Hash 936de38c771e52b547d0d040a88d9d50
696daabd912b187598f32d21bf7429d568cf6d6b
d0736c0cd4c8edd9739c6bbac5d98abd12b6aef92883e393937bcc356fe7051b
GET /templates/auto-new/images/favicon.ico HTTP/1.1
Host: avtodom-kzn.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
Cookie: PHPSESSID=dt7gnk5pnkpfmvhk60fui83c97; fid=02884d1f-2511-4581-9c78-1a93c8e990d9
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 03 May 2012 19:58:02 GMT
ETag: W/"10000000016aa-9f6-4bf2738a7e680"
Via: 1.1 avtodom-kzn.ru (Apache/2.2.22)
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFVAhH%2FCHnrevx0CC%2BLKxp6dVEcikJDTtRIvaPZWa5lHSiELu%2FUd5fbwvVr3cR3Vj7Cp%2FwZNevat2X2%2BDSiNXgUftcWrHCqqOV0VJj1aMz1DILFhi%2BxNExcG%2BCGEXX8Qfg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720cee86a40b503-OSL
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:46 GMT
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
age: 23925
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
212.116.120.34302 Found 6.7 kB URL HTTP/2 ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP 212.116.120.34:0
ASN #48096 Enterprise Cloud Ltd.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a8c2292c953e41a108b1ca1f83b5134
0c3e4019730bae709f01d0fcbc6b4b0f20388c0f
155552a78d298bb7f16b41375faf63037de17d1caee1a836bbd512c2e4e5d1fa
GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=8e3385453e5f483ca5219a138e498311
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=8e3385453e5f483ca5219a138e498311; expires=Wed, 29 Nov 2023 21:00:00 GMT; path=/; SameSite=None; secure; samesite=lax
date: Wed, 30 Nov 2022 04:23:30 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9fb14804c284e300f976848e30396e9c
6004b4b7afd22dded903f026d245bc90a6706767
1cf96b0b6c83f182d018fa4ffb9924038bf282755091e7bacff2a624220260d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13195
x-amzn-requestid: 1303b72c-fe18-46a3-b3c1-06f3b8550d90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvHW6oAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1b3dbbb005a238117076d1f3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pw2Wm8mI8MxRAOVsdvvWLEuxPN5ffcgWBZ_KecuuS5stoTHF4hxECg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:49 GMT
age: 23922
etag: "6004b4b7afd22dded903f026d245bc90a6706767"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0c14828912decf19c9d95fee93e92f00
49a82390cbf2139bf681d896f9467ab736e0b337
bbafc9bd160a30c6a31954bdf66655e1decc59dead3bb94c6fa21cad1cd56fe3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11466
x-amzn-requestid: 40ae63d3-397e-4118-90b2-d48b1f4014c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHUxIAMFxWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-2b309a0a5e93f68312a26fa1;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: s1eFJ0mtTFv3DFwwZ52JWOCDJWFA9IRiJ54L0JSkxzxFLnFIgts2CA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:35 GMT
etag: "49a82390cbf2139bf681d896f9467ab736e0b337"
content-type: image/jpeg
age: 23936
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7f230eb-6b67-4a80-b973-d8ea78fe73ae.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7f230eb-6b67-4a80-b973-d8ea78fe73ae.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e08af5b1d18986e112913c6e69cc8ce6
151b60134a66305bd72dbb3810f67a57720b2af1
555a62d98f4002ad187a6b480d534a1dbe3c64d1f4d17cffad2ab985c10ca462
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7f230eb-6b67-4a80-b973-d8ea78fe73ae.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12853
x-amzn-requestid: 25e4402d-98d0-4c38-a927-397c37724bea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhdpHAuIAMFweQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c57-506672a36959d9ea09ef5155;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gHL2sFE-o1u5kEIUiabbP6u5CXr3ihI4mKiAVkfReyuJuTF5k5ktSg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:48 GMT
age: 23923
etag: "151b60134a66305bd72dbb3810f67a57720b2af1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
adlmerge.com/merge_gpsid/?sid=50&id=0100007FC2DA86632502402F02022817
95.211.66.35200 OK 43 B URL HTTP/2 adlmerge.com/merge_gpsid/?sid=50&id=0100007FC2DA86632502402F02022817
IP 95.211.66.35:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /merge_gpsid/?sid=50&id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: adlmerge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Wed, 30 Nov 2022 04:23:31 GMT
content-type: image/gif
iseu: eu
X-Firefox-Spdy: h2
bf5481a4-7066-11ed-ab15-002590c82437.n7.sync.bumlam.com/?src=sape
82.146.53.26302 Moved Temporarily 0 B URL HTTP/1.1 bf5481a4-7066-11ed-ab15-002590c82437.n7.sync.bumlam.com/?src=sape
IP 82.146.53.26:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: bf5481a4-7066-11ed-ab15-002590c82437.n7.sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRiZjU0ODFhNC03MDY2LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Wed, 30 Nov 2022 04:23:31 GMT
Content-Length: 0
Connection: close
Location: https://pix.bumlam.com/sync/sape/done
pix.bumlam.com/sync/sape/done
31.172.81.158200 OK 43 B URL HTTP/1.1 pix.bumlam.com/sync/sape/done
IP 31.172.81.158:0
ASN #44066 diva-e Datacenters GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiRiZjU0ODFhNC03MDY2LTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
65.109.65.188302 Found 1.4 kB URL HTTP/2 ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP 65.109.65.188:0
ASN #24940 Hetzner Online GmbH
Hash 3ac8e8126ca31888cda616c7dea2ffb1
7555485eb4ce854c889cd757fd6d11142cbf9a46
3d6558ca141f37ff35fa75452fc26d4e798028fe1ea11ff019dd21b8a02b0cf6
GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.0
date: Wed, 30 Nov 2022 04:23:31 GMT
x-request-id: d1f42864-d839-423c-8d38-bf0f13d29de5
set-cookie: bvuid=pib0w5wb8h; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=pib0w5wb8h; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=pib0w5wb8h
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:23:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gsgccr3dvtlsca2020
151.101.130.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 151.101.130.133:0
Hash 3ac8e8126ca31888cda616c7dea2ffb1
7555485eb4ce854c889cd757fd6d11142cbf9a46
3d6558ca141f37ff35fa75452fc26d4e798028fe1ea11ff019dd21b8a02b0cf6
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1414
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 04 Dec 2022 02:14:39 GMT
ETag: "7555485eb4ce854c889cd757fd6d11142cbf9a46"
Last-Modified: Wed, 30 Nov 2022 02:14:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 30 Nov 2022 04:23:32 GMT
Age: 530
X-Served-By: cache-qpg1268-QPG, cache-bma1622-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 4, 13
X-Timer: S1669782212.153144,VS0,VE0
ocsp2.globalsign.com/gsalphasha2g2
151.101.130.133200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 151.101.130.133:0
Hash 673aab22ad39e3b5c4f7fb79e3f01515
eabc026ae17b39bdf984065243ee156b59abc74b
07dc319cefcf757505b2ccfa5d3e920d5d71fe265b4f9acafad5e7ca0326732a
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 04 Dec 2022 01:42:42 GMT
ETag: "eabc026ae17b39bdf984065243ee156b59abc74b"
Last-Modified: Wed, 30 Nov 2022 01:42:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 30 Nov 2022 04:23:32 GMT
Age: 624
X-Served-By: cache-qpg1243-QPG, cache-bma1629-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 2
X-Timer: S1669782212.165576,VS0,VE0
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
195.209.108.35302 Moved Temporarily 0 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP 195.209.108.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-5058049411; expires=Fri, 29 Nov 2024 04:23:32 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5058049411
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf8LahmMlAkAvAgIoFw
142.250.74.66200 OK 170 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf8LahmMlAkAvAgIoFw
IP 142.250.74.66:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
GET /pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf8LahmMlAkAvAgIoFw HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
date: Wed, 30 Nov 2022 04:23:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FC2DA86632502402F02022817
81.222.128.214200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FC2DA86632502402F02022817
IP 81.222.128.214:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
77.245.57.72200 OK 0 B URL HTTP/1.1 sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Length: 0
Connection: close
ocsp.globalsign.com/gseccovsslca2018
151.101.130.133200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 151.101.130.133:0
Hash 3b77074c26df6934d95e9b2c12978d48
d020b218775e281adc4ddd0ef45c9fb648839ace
11a4091633e4a5970f8fc935e8aae4ab926bdae98d46a9389c0e55afdd59324e
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 939
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 04 Dec 2022 03:51:46 GMT
ETag: "d020b218775e281adc4ddd0ef45c9fb648839ace"
Last-Modified: Wed, 30 Nov 2022 03:51:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 30 Nov 2022 04:23:32 GMT
Age: 1904
X-Served-By: cache-qpg1272-QPG, cache-bma1622-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 219
X-Timer: S1669782212.215947,VS0,VE0
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 234a4a3c9c97d9e0e2cf3ad636b261a2
c86bd7e17dadc388154f74cb8cf8428afb2e5cd1
03c44be1aeb057ccc44b023524358f834522f123189eafdc01a9d5e06b16e225
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 04:09:16 GMT
Expires: Tue, 06 Dec 2022 04:09:15 GMT
Etag: "c86bd7e17dadc388154f74cb8cf8428afb2e5cd1"
Cache-Control: max-age=516942,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7720ceea28e4b518-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 342a40dfdf02e2855bec281be0af6815
0b68216f54d6d466b28b0c581ff1fc578fa03ebb
0bc2a54f29c9c093d34ad80e3af901ce4af85c877381cb84a6f8fd604875b898
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BC2A54F29C9C093D34AD80E3AF901CE4AF85C877381CB84A6F8FD604875B898"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10367
Expires: Wed, 30 Nov 2022 07:16:19 GMT
Date: Wed, 30 Nov 2022 04:23:32 GMT
Connection: keep-alive
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5058049411
195.209.108.35302 Moved Temporarily 40 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5058049411
IP 195.209.108.35:0
File type ASCII text, with CRLF line terminators
Hash 251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5058049411 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Fri, 29 Nov 2024 04:23:32 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 0ea763dd14d73d061a6824a05ea28919
815d93f1bbd746eb482f5a21db6f9a52f3d0895b
b0f666e5bcf7caafd975aa804341411d9ea4bd9f6ae6da2430f6fb6215f4373a
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 29 Nov 2022 21:49:33 GMT
Expires: Wed, 30 Nov 2022 21:49:33 GMT
ETag: "815d93f1bbd746eb482f5a21db6f9a52f3d0895b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.globalsign.com/gseccovsslca2018
151.101.130.133200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 151.101.130.133:0
Hash 95150896b227bbadb5a888902e0d180a
6355c3f9bfde423f346d400965ef3f063fa64dde
4d649e1f07c58712a44d5582e4c5bbdd85aecfafbab1a3e01dbf46971569c109
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 938
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 04 Dec 2022 03:43:42 GMT
ETag: "6355c3f9bfde423f346d400965ef3f063fa64dde"
Last-Modified: Wed, 30 Nov 2022 03:43:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 30 Nov 2022 04:23:32 GMT
Age: 2390
X-Served-By: cache-qpg1232-QPG, cache-bma1622-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 227
X-Timer: S1669782212.250643,VS0,VE0
ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FC2DA86632502402F02022817
188.42.191.196302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FC2DA86632502402F02022817
IP 188.42.191.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=73&external_user_id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=0100007FC2DA86632502402F02022817&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 30 Nov 2023 04:23:32 GMT; Path=/; Domain=.betweendigital.com
tuuid=46c5f442-8389-524e-a182-0052c204da96; Max-Age=31536000; Expires=Thu, 30 Nov 2023 04:23:32 GMT; Path=/; Domain=.betweendigital.com
ut=Y4baxAAE8aCWOb14lOfojEpUAm32CAk_WyEkhw==; Max-Age=31536000; Expires=Thu, 30 Nov 2023 04:23:32 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ocsp.usertrust.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash e29e1b6a4d7d8b622c0811f54ace7327
562bfa8688eba658bf77c7e51ef2e5a720b7b86d
15d20b692ecc0e6b10dd88945e5cdec4db6f4b98b4d06d55222e2df2d2ea0c40
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 04:18:21 GMT
Expires: Mon, 05 Dec 2022 04:18:20 GMT
Etag: "562bfa8688eba658bf77c7e51ef2e5a720b7b86d"
Cache-Control: max-age=601365,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 557
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720ceeaab04b4fd-OSL
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2e6727238eddf2dbc0c32a99b17a8f24
a7fe53809acbed028ceb25f3bbc1fc174eac3eff
d01e92f3492460eb71ec1133efc65c042ea3b90bfeebbc97b3cd9acb4398d2f1
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 154
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:23:32 GMT
Last-Modified: Wed, 30 Nov 2022 04:20:58 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ad.mail.ru/cm.gif?p=48&id=0100007FC2DA86632502402F02022817
95.163.41.56200 OK 43 B URL HTTP/2 ad.mail.ru/cm.gif?p=48&id=0100007FC2DA86632502402F02022817
IP 95.163.41.56:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cm.gif?p=48&id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:23:32 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=0PV-Xv3yInIE002Cd92V0TYE:::0-0-0-8a13384:CAASEFOsfu3wQsO5Sa3F560JjYgaYKhxe-Z59foXtO0JFPD0OwZKxisQasVxtjLtg3wF45d37V3yu7uKHtvIAFFPUUwusbvOoV1oloOuqvHSE0khjv3yjhTH8i6uWJfbMGxD7hryJF9JczxE2P4hxYgoBXIFqw; path=/; expires=Fri, 01-Dec-23 04:23:32 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Wed, 30 Nov 2022 10:23:32 GMT
cache-control: max-age=21600
last-modified: Wed, 30 Nov 2022 04:23:32 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
46.4.114.109302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; cSyncDp7v2=1669782210; cSyncDp14v3=1669782210; cSyncDp17=1669782210; cSyncDp32=1669782210; cSyncDp45v3=1669782210; cSyncDp53=1669782210; cSyncDp54v2=1669782210; cSyncDp62=1669782210; cSyncDp67v2=1669782210; cSyncDp68=1669782210; cSyncDp71=1669782210; cSyncDp77=1669782210; cSyncDp84=1669782210; cSyncDp85=1669782210; cSyncDp95v3=1669782210; cSyncDp101=1669782210; cSyncDp104v2=1669782210; cSyncDp107=1669782210; cSyncDp110=1669782210; cSyncDp111v2=1669782210; cSyncDp112v2=1669782210; cSyncDp125v2=1669782210; cSyncDp126=1669782210; cSyncDp127=1669782210; cSyncDp129=1669782210; cSyncDp136v2=1669782210; cSyncDp138=1669782210; cSyncDp146=1669782210; cSyncDp148=1669782210; cSyncDp149v2=1669782210; cSyncDp151=1669782210; cSyncDp178=1669782210; cSyncDp179=1669782210; cSyncDp186=1669782210; cSyncDp221=1669782210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Wed, 30 Nov 2022 04:23:32 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FC2DA86632502402F02022817
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
tag.digitaltarget.ru/adcm.js
185.15.175.133200 OK 3.1 kB URL HTTP/1.1 tag.digitaltarget.ru/adcm.js
IP 185.15.175.133:0
File type ASCII text, with very long lines (3051), with no line terminators
Hash e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Wed, 30 Nov 2022 04:04:18 GMT
Connection: keep-alive
ETag: "6386d642-beb"
Accept-Ranges: bytes
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
35.190.24.218302 Found 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
IP 35.190.24.218:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Weborama Collect Frontend
date: Wed, 30 Nov 2022 04:23:31 GMT
content-length: 0
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1851587008
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Wed, 30 Nov 2022 04:23:32 GMT
set-cookie: AFFICHE_W=ojSQ9ivWIuai34; expires=Thu, 28 Dec 2023 04:23:32 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FC2DA86632502402F02022817&crf=1
188.42.191.196200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FC2DA86632502402F02022817&crf=1
IP 188.42.191.196:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=73&external_user_id=0100007FC2DA86632502402F02022817&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 30 Nov 2023 04:23:32 GMT; Path=/; Domain=.betweendigital.com
tuuid=c5f86a89-67a2-524e-b746-b8b1d4c06275; Max-Age=31536000; Expires=Thu, 30 Nov 2023 04:23:32 GMT; Path=/; Domain=.betweendigital.com
ut=Y4baxAACYWBCR2zKJ3K_BEuZ5KMjBY6gv7vwWg==; Max-Age=31536000; Expires=Thu, 30 Nov 2023 04:23:32 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:23:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gsrsaovsslca2018
151.101.130.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 151.101.130.133:0
Hash ca7973defaca7804eb53c6a3736d8528
e158bbae0f9158233753529e83a06b62d0573565
57e20a8b7e9c49b6bb443212f80cf625b7cd72fe074d009aed7ace8718fe0b68
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 04 Dec 2022 02:01:45 GMT
ETag: "e158bbae0f9158233753529e83a06b62d0573565"
Last-Modified: Wed, 30 Nov 2022 02:01:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 30 Nov 2022 04:23:32 GMT
Age: 1299
X-Served-By: cache-qpg1234-QPG, cache-bma1622-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 21
X-Timer: S1669782212.314402,VS0,VE0
sape-sync.rutarget.ru/sync
178.170.196.9302 Moved Temporarily 0 B URL HTTP/1.1 sape-sync.rutarget.ru/sync
IP 178.170.196.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=PGTG5hASi3dh
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=PGTG5hASi3dh; Path=/; Domain=.rutarget.ru; Expires=Mon, 29 May 2023 04:23:32 GMT; SameSite=None; Secure
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1851587008
35.190.24.218204 No Content 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1851587008
IP 35.190.24.218:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1851587008 HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Weborama Collect Frontend
date: Wed, 30 Nov 2022 04:23:32 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Wed, 30 Nov 2022 04:23:32 GMT
set-cookie: AFFICHE_W=; expires=Tue, 10 Nov 2009 23:00:00 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FC2DA86632502402F02022817
81.222.128.214200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FC2DA86632502402F02022817
IP 81.222.128.214:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
sm.rtb.mts.ru/p?ssp=sape&id=0100007FC2DA86632502402F02022817
217.66.147.42301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=sape&id=0100007FC2DA86632502402F02022817
IP 217.66.147.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sape&id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FC2DA86632502402F02022817
Set-Cookie: dspid=cb27c683-e021-4284-aefe-4f1d23807b3b; expires=Tue, 21 Nov 2023 04:23:32 GMT; domain=.mts.ru; path=/; secure; SameSite=None
www.acint.net/match?dp=104&euid=PGTG5hASi3dh
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/match?dp=104&euid=PGTG5hASi3dh
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=104&euid=PGTG5hASi3dh HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; cSyncDp7v2=1669782210; cSyncDp14v3=1669782210; cSyncDp17=1669782210; cSyncDp32=1669782210; cSyncDp45v3=1669782210; cSyncDp53=1669782210; cSyncDp54v2=1669782210; cSyncDp62=1669782210; cSyncDp67v2=1669782210; cSyncDp68=1669782210; cSyncDp71=1669782210; cSyncDp77=1669782210; cSyncDp84=1669782210; cSyncDp85=1669782210; cSyncDp95v3=1669782210; cSyncDp101=1669782210; cSyncDp104v2=1669782210; cSyncDp107=1669782210; cSyncDp110=1669782210; cSyncDp111v2=1669782210; cSyncDp112v2=1669782210; cSyncDp125v2=1669782210; cSyncDp126=1669782210; cSyncDp127=1669782210; cSyncDp129=1669782210; cSyncDp136v2=1669782210; cSyncDp138=1669782210; cSyncDp146=1669782210; cSyncDp148=1669782210; cSyncDp149v2=1669782210; cSyncDp151=1669782210; cSyncDp178=1669782210; cSyncDp179=1669782210; cSyncDp186=1669782210; cSyncDp221=1669782210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:32 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 234a4a3c9c97d9e0e2cf3ad636b261a2
c86bd7e17dadc388154f74cb8cf8428afb2e5cd1
03c44be1aeb057ccc44b023524358f834522f123189eafdc01a9d5e06b16e225
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 04:09:16 GMT
Expires: Tue, 06 Dec 2022 04:09:15 GMT
Etag: "c86bd7e17dadc388154f74cb8cf8428afb2e5cd1"
Cache-Control: max-age=516942,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7720ceea29a80afe-OSL
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 0ea763dd14d73d061a6824a05ea28919
815d93f1bbd746eb482f5a21db6f9a52f3d0895b
b0f666e5bcf7caafd975aa804341411d9ea4bd9f6ae6da2430f6fb6215f4373a
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 29 Nov 2022 21:49:33 GMT
Expires: Wed, 30 Nov 2022 21:49:33 GMT
ETag: "815d93f1bbd746eb482f5a21db6f9a52f3d0895b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
px.adhigh.net/p/cm/sape?u=0100007FC2DA86632502402F02022817
193.232.150.60302 Found 0 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=0100007FC2DA86632502402F02022817
IP 193.232.150.60:0
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/cm/sape?u=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 04:23:32 GMT
content-length: 0
x-backend-id: f20-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=uxk5hihUk2Hb.AikABlGExsaPDA;Path=/;Domain=.adhigh.net;Expires=Thu, 30-Nov-2023 04:23:32 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=0100007FC2DA86632502402F02022817&bounced=1
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
188.42.191.196302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP 188.42.191.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 30 Nov 2023 04:23:32 GMT; Path=/; Domain=.betweendigital.com
tuuid=cce71f94-be8b-524e-b768-69a9d4eeb36d; Max-Age=31536000; Expires=Thu, 30 Nov 2023 04:23:32 GMT; Path=/; Domain=.betweendigital.com
ut=Y4baxAAI5VgCJplrnJBnQ4IKvMSOJuVRgL0QjA==; Max-Age=31536000; Expires=Thu, 30 Nov 2023 04:23:32 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/0100007FC2DA86632502402F02022817?redir-setuniq=1
93.158.134.90200 OK 50 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/0100007FC2DA86632502402F02022817?redir-setuniq=1
IP 93.158.134.90:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bef53a5c76b7ad469692178eeaeb08d8
aaae1c11fa0b5a086770957c8857d3937ed653e9
be24bb564cc16e1fe9113f63db905a1b7a3a653c6642f0c27d5e823729a99ee3
GET /mapuid/sapeis/0100007FC2DA86632502402F02022817?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Wed, 30 Nov 2022 04:23:32 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30 Nov 2022 04:23:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Wed, 30 Nov 2022 04:23:32 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
188.42.191.196200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP 188.42.191.196:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 30 Nov 2023 04:23:32 GMT; Path=/; Domain=.betweendigital.com
tuuid=d541bc3c-415f-524e-acc8-afebcf4e752f; Max-Age=31536000; Expires=Thu, 30 Nov 2023 04:23:32 GMT; Path=/; Domain=.betweendigital.com
ut=Y4baxAALI5B0qt0TKqnn6vCGaXzUS3xe5Z7Ziw==; Max-Age=31536000; Expires=Thu, 30 Nov 2023 04:23:32 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
px.adhigh.net/p/cm/sape?u=0100007FC2DA86632502402F02022817&bounced=1
193.232.150.60200 OK 49 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=0100007FC2DA86632502402F02022817&bounced=1
IP 193.232.150.60:0
ASN #48061 Limited Liability Company GPM Digital Technologies
File type GIF image data, version 89a, 1 x 1\012- data
Hash 889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
GET /p/cm/sape?u=0100007FC2DA86632502402F02022817&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:23:32 GMT
content-type: image/gif
content-length: 49
x-backend-id: f20-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
tag.digitaltarget.ru/processor.js?i=921994724795376
185.15.175.133200 OK 16 kB URL HTTP/1.1 tag.digitaltarget.ru/processor.js?i=921994724795376
IP 185.15.175.133:0
File type ASCII text, with very long lines (15897), with no line terminators
Hash c9571a7ce0a22f154c74bdc8e35523e0
101feba577e71fc076ea5bf3f4af08b5d3fe988d
51cf59da6b7e03337540ee3ab9f8e135ff2ead958475c1bacc8683df57823fb0
GET /processor.js?i=921994724795376 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: application/javascript
Content-Length: 15897
Last-Modified: Wed, 30 Nov 2022 04:04:19 GMT
Connection: keep-alive
ETag: "6386d643-3e19"
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 94761464ba8a8f704548cecc2ce63423
38d09e0ce1f8bcf76c31c1f27bc823e8453c6d85
51c92436ab7e9890dba871ca7f0d0eb6e4b3fc1ae9217e30ba9960eaa7e5c735
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 14:18:43 GMT
Expires: Tue, 06 Dec 2022 14:18:42 GMT
Etag: "38d09e0ce1f8bcf76c31c1f27bc823e8453c6d85"
Cache-Control: max-age=553509,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7720ceeac932b518-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b791e396b363c462c259e47f24d08e02
13f187bcacde8ed75da820ced57d0ebe5e8f3351
daac86ec5af86c6307b74075b1b158bf881957605a7234ce1c2306e8071e8547
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAAC86EC5AF86C6307B74075B1B158BF881957605A7234CE1C2306E8071E8547"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13866
Expires: Wed, 30 Nov 2022 08:14:38 GMT
Date: Wed, 30 Nov 2022 04:23:32 GMT
Connection: keep-alive
x01.aidata.io/0.gif?pid=9401454&id=0100007FC2DA86632502402F02022817
89.108.119.28302 Found 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=0100007FC2DA86632502402F02022817
IP 89.108.119.28:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=0100007FC2DA86632502402F02022817 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 04:23:32 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=0100007FC2DA86632502402F02022817&bounce=1
expires: Wed, 30 Nov 2022 04:23:31 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Wed, 30 Nov 2022 04:23:31 GMT
set-cookie: __upin=uZ4wVj9CGavcfnas14myAg;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1669782212;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
dmg.digitaltarget.ru/1/1093/i/i?i=361619855135317.556712787365252&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.157307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=361619855135317.556712787365252&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=361619855135317.556712787365252&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669782212620&i=361619855135317.556712787365252&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=S9.p2n-ccAy34RA7VSin; Max-Age=93312000; Expires=Fri, 14 Nov 2025 04:23:32 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/1/1093/i/i?i=361619855135317.595511760496874&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.157307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=361619855135317.595511760496874&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=361619855135317.595511760496874&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669782212622&i=361619855135317.595511760496874&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=jUv5tJSccAh4lH57MReu; Max-Age=93312000; Expires=Fri, 14 Nov 2025 04:23:32 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
x01.aidata.io/0.gif?pid=9401454&id=0100007FC2DA86632502402F02022817&bounce=1
89.108.119.28204 No Content 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=0100007FC2DA86632502402F02022817&bounce=1
IP 89.108.119.28:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=0100007FC2DA86632502402F02022817&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 04:23:32 GMT
expires: Wed, 30 Nov 2022 04:23:31 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Wed, 30 Nov 2022 04:23:31 GMT
set-cookie: __upin=Dt5ALzNPnrlrC4+R8SmZPA;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1669782212;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669782212622&i=361619855135317.595511760496874&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.157200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669782212622&i=361619855135317.595511760496874&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.157:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1669782212622&i=361619855135317.595511760496874&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 9
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669782212620&i=361619855135317.556712787365252&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.157200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1669782212620&i=361619855135317.556712787365252&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.157:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1669782212620&i=361619855135317.556712787365252&a=77&e=0100007FC2DA86632502402F02022817&pref=http%3A%2F%2Favtodom-kzn.ru%2F&c=ss:77.up:0100007FC2DA86632502402F02022817.sync:up.xdua:duuk8OQXcAqfI6ygc2lr0Wpf.xps:xpsqgsjEBILRtBVSg3MqJTGVK.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 04:23:32 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 8
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
www.acint.net/ping/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=14402973&dT=2022-11-30T04%3A23%3A32.676
46.4.114.109302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/ping/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=14402973&dT=2022-11-30T04%3A23%3A32.676
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ping/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=14402973&dT=2022-11-30T04%3A23%3A32.676 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://avtodom-kzn.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Wed, 30 Nov 2022 04:23:33 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/ping/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=14402973&dT=2022-11-30T04%3A23%3A32.676
www.acint.net/ping/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=14402973&dT=2022-11-30T04%3A23%3A32.676
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/ping/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=14402973&dT=2022-11-30T04%3A23%3A32.676
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /ping/?v=0.4.0&uid=2e42dd9f-6abe-421d-b10b-33e5016bf00a&dp=10&tz=%2B00%3A00&nc=14402973&dT=2022-11-30T04%3A23%3A32.676 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://avtodom-kzn.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWOG2sIvQAIlFygCAkhh4OQ5AyZXdhry7TOoiYS/SvZ1; cSyncDp7v2=1669782210; cSyncDp14v3=1669782210; cSyncDp17=1669782210; cSyncDp32=1669782210; cSyncDp45v3=1669782210; cSyncDp53=1669782210; cSyncDp54v2=1669782210; cSyncDp62=1669782210; cSyncDp67v2=1669782210; cSyncDp68=1669782210; cSyncDp71=1669782210; cSyncDp77=1669782210; cSyncDp84=1669782210; cSyncDp85=1669782210; cSyncDp95v3=1669782210; cSyncDp101=1669782210; cSyncDp104v2=1669782210; cSyncDp107=1669782210; cSyncDp110=1669782210; cSyncDp111v2=1669782210; cSyncDp112v2=1669782210; cSyncDp125v2=1669782210; cSyncDp126=1669782210; cSyncDp127=1669782210; cSyncDp129=1669782210; cSyncDp136v2=1669782210; cSyncDp138=1669782210; cSyncDp146=1669782210; cSyncDp148=1669782210; cSyncDp149v2=1669782210; cSyncDp151=1669782210; cSyncDp178=1669782210; cSyncDp179=1669782210; cSyncDp186=1669782210; cSyncDp221=1669782210
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 30 Nov 2022 04:23:33 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/gonetdspis/NGU1ZDYzNWM0NThjOTdjMQ
93.158.134.90302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/NGU1ZDYzNWM0NThjOTdjMQ
IP 93.158.134.90:0
GET /mapuid/gonetdspis/NGU1ZDYzNWM0NThjOTdjMQ HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/gonetdspis/NGU1ZDYzNWM0NThjOTdjMQ?redir-setuniq=1
date: Wed, 30 Nov 2022 04:23:32 GMT
set-cookie: yandexuid=9443422451669782212; domain=.yandex.ru; path=/; expires=Sat, 27-Nov-2032 04:23:32 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30 Nov 2022 04:23:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Wed, 30 Nov 2022 04:23:32 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/gonetdspis/NGU1ZDYzNWM0NThjOTdjMQ?redir-setuniq=1
93.158.134.90200 OK 0 B URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/NGU1ZDYzNWM0NThjOTdjMQ?redir-setuniq=1
IP 93.158.134.90:0
GET /mapuid/gonetdspis/NGU1ZDYzNWM0NThjOTdjMQ?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Wed, 30 Nov 2022 04:23:32 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30 Nov 2022 04:23:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Wed, 30 Nov 2022 04:23:32 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/0100007FC2DA86632502402F02022817
93.158.134.90302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/0100007FC2DA86632502402F02022817
IP 93.158.134.90:0
GET /mapuid/sapeis/0100007FC2DA86632502402F02022817 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/0100007FC2DA86632502402F02022817?redir-setuniq=1
date: Wed, 30 Nov 2022 04:23:32 GMT
set-cookie: yandexuid=6580336981669782212; domain=.yandex.ru; path=/; expires=Sat, 27-Nov-2032 04:23:32 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30 Nov 2022 04:23:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Wed, 30 Nov 2022 04:23:32 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2