fantivirus.ru/page/g-data-antivirus-download-free
81.177.135.132302 Found 184 B URL HTTP/1.1 fantivirus.ru/page/g-data-antivirus-download-free
IP 81.177.135.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 80f5c0404356becf5e2f9f8699ac8d2b
0ba40bf4826a1fe072d5cc0e036333d72332c33a
241c024a7591236b5e982dbc1e1769a515431407f8c54f0b901fc18a2d6a6dad
Analyzer Verdict Alert fortinet Malware
GET /page/g-data-antivirus-download-free HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 02 Dec 2022 18:29:33 GMT
Content-Type: text/html
Content-Length: 184
Connection: keep-alive
Server: Jino.ru/mod_pizza
Location: http://fantivirus.ru/
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2775
Expires: Fri, 02 Dec 2022 19:15:48 GMT
Date: Fri, 02 Dec 2022 18:29:33 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5870
Cache-Control: max-age=149972
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 18:29:33 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 12:09:05 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7859
Expires: Fri, 02 Dec 2022 20:40:32 GMT
Date: Fri, 02 Dec 2022 18:29:33 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 18:18:12 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 681
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5Hy6hBow7G0XlqFI1t6wLv/WNk+K1AwEu5I3AwPHdnUJh9J2HUCwLnvn7+QqvLIuwBHxr03H/r8=
x-amz-request-id: Q63XGKCF463EGABY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 17:46:12 GMT
age: 2601
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
fantivirus.ru/
81.177.135.132200 OK 7.4 kB IP 81.177.135.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1311), with CRLF, LF line terminators
Hash d793354cc1b43deb4014bcd6d3b393c0
d6814c497f7c4884f7c26ecaf8ddfd19bdf165ce
9138f437e0d71a74dbddad43c3f16111fd04439da91fc3357d73da4fb019605f
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:33 GMT
Content-Type: text/html
Content-Length: 7421
Connection: keep-alive
Server: Jino.ru/mod_pizza
Vary: Accept-Encoding
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 18:29:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
fantivirus.ru/
81.177.135.132200 OK 7.4 kB IP 81.177.135.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1311), with CRLF, LF line terminators
Hash d793354cc1b43deb4014bcd6d3b393c0
d6814c497f7c4884f7c26ecaf8ddfd19bdf165ce
9138f437e0d71a74dbddad43c3f16111fd04439da91fc3357d73da4fb019605f
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:33 GMT
Content-Type: text/html
Content-Length: 7421
Connection: keep-alive
Server: Jino.ru/mod_pizza
Vary: Accept-Encoding
Content-Encoding: gzip
fantivirus.ru/application/maxsite/templates/fantivirus-blue/style.css
81.177.135.132200 OK 3.2 kB URL HTTP/1.1 fantivirus.ru/application/maxsite/templates/fantivirus-blue/style.css
IP 81.177.135.132:0
Hash 9401254c10ad5f628680541a07f83cab
cf0c263aa4ae96f8875c776eea469b189b99c03a
50052c72b4c69f21a57f43ee73242100b3d6832bb05810301e423c3905ee12bc
GET /application/maxsite/templates/fantivirus-blue/style.css HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:33 GMT
Content-Type: text/css
Content-Length: 3229
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:27:27 GMT
ETag: "5622da2-2ffc-57c48db9eccb2"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
fantivirus.ru/slinki/linki.js
81.177.135.132200 OK 1.5 kB URL HTTP/1.1 fantivirus.ru/slinki/linki.js
IP 81.177.135.132:0
Hash 2df9d564aba59e41a59174df9ed4f345
fd575e353149b6ec701b66105954e2b45bff9efe
81d4d7ea5f700be174d079070a537dd6a9254185e3e59a129baeef95e2bf6106
Analyzer Verdict Alert fortinet Malware
GET /slinki/linki.js HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:33 GMT
Content-Type: application/javascript
Content-Length: 1475
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:33:29 GMT
ETag: "5622fc8-1611-57c48f12c0534"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
fantivirus.ru/sliders/scriptup.js
81.177.135.132200 OK 572 B URL HTTP/1.1 fantivirus.ru/sliders/scriptup.js
IP 81.177.135.132:0
Hash be225f8dd499eabf75e407f61a40bb4c
c970bf70a39f2646fc073c45b1dab19c7fd2f7c6
91405f1400f8d1e8ae6ecd6112d2fdf3f8d56199b8389dbdfbac87caace528c2
Analyzer Verdict Alert fortinet Malware
GET /sliders/scriptup.js HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:33 GMT
Content-Type: application/javascript
Content-Length: 572
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:33:28 GMT
ETag: "5622fc6-464-57c48f11c1add"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
fantivirus.ru/application/maxsite/plugins/golosovalka/vote.js
81.177.135.132200 OK 2.5 kB URL HTTP/1.1 fantivirus.ru/application/maxsite/plugins/golosovalka/vote.js
IP 81.177.135.132:0
File type HTML document, Unicode text, UTF-8 text
Hash 24ec2b8d0839dc60836d885a7db6da44
ba84cf88c67a1549c34c537f86de413c73641d17
433dfea3a74a37340a0e9a799af17b25a795770a6ebe2f45baca5b6d7859e65b
Analyzer Verdict Alert fortinet Malware
GET /application/maxsite/plugins/golosovalka/vote.js HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: application/javascript
Content-Length: 2519
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:27:25 GMT
ETag: "5622da0-2050-57c48db84ad00"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
fantivirus.ru/application/maxsite/templates/fantivirus-blue/js/my_ef.js
81.177.135.132302 Found 184 B URL HTTP/1.1 fantivirus.ru/application/maxsite/templates/fantivirus-blue/js/my_ef.js
IP 81.177.135.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 80f5c0404356becf5e2f9f8699ac8d2b
0ba40bf4826a1fe072d5cc0e036333d72332c33a
241c024a7591236b5e982dbc1e1769a515431407f8c54f0b901fc18a2d6a6dad
Analyzer Verdict Alert fortinet Malware
GET /application/maxsite/templates/fantivirus-blue/js/my_ef.js HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 302 Found
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: text/html
Content-Length: 184
Connection: keep-alive
Server: Jino.ru/mod_pizza
Location: http://fantivirus.ru/
Vary: Accept-Encoding
Content-Encoding: gzip
fantivirus.ru/application/maxsite/plugins/golosovalka/vote.css
81.177.135.132200 OK 1.2 kB URL HTTP/1.1 fantivirus.ru/application/maxsite/plugins/golosovalka/vote.css
IP 81.177.135.132:0
Hash 0604999a8632949c52c901da75765873
e1249699c65a4aaebd0551a67fa79dd337a11fe0
ba815e90f375c8be846e50e759453f22582410169b2f6913363a14613be91809
GET /application/maxsite/plugins/golosovalka/vote.css HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: text/css
Content-Length: 1200
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:27:25 GMT
ETag: "5622d9f-d8a-57c48db7bb7f7"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
fantivirus.ru/sliders/styless.css
81.177.135.132200 OK 468 B URL HTTP/1.1 fantivirus.ru/sliders/styless.css
IP 81.177.135.132:0
Hash 0587efb56415e2ea3e674d8a3db06433
3ab0fbf3e41bc4c68222aaf356bc2a1e699463ef
c93aaf6c061a921c5a33cb4e8b6b86b8cd66c6f0e1ae2ad68a4045ecc36151a1
GET /sliders/styless.css HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: text/css
Content-Length: 468
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:33:28 GMT
ETag: "5622fc7-4c3-57c48f1223181"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
fantivirus.ru/application/maxsite/common/jquery/jquery-1.6.4.min.js
81.177.135.132200 OK 32 kB URL HTTP/1.1 fantivirus.ru/application/maxsite/common/jquery/jquery-1.6.4.min.js
IP 81.177.135.132:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 9395a1ed3e6cd05fa96ddfcbf645f5c1
7c7020b920bbd1b8464954a181603e628801809a
7015f2d50fdfba5c0020e90050e0dbd518ccf148a73bdc2c61c9180b1bc5aaa1
Analyzer Verdict Alert fortinet Malware
GET /application/maxsite/common/jquery/jquery-1.6.4.min.js HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: application/javascript
Content-Length: 32271
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:27:22 GMT
ETag: "5622d9b-16745-57c48db4bfcdb"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
fantivirus.ru/application/maxsite/common/jquery/ui/effects.core.packed.js
81.177.135.132200 OK 4.0 kB URL HTTP/1.1 fantivirus.ru/application/maxsite/common/jquery/ui/effects.core.packed.js
IP 81.177.135.132:0
File type ASCII text, with very long lines (8786)
Hash fc9e9d08e1acc8e3ffb2936f178cd640
27d5f2616e3422ac5ad96831590bb5e8802f08a5
ce77907a364c41b7b80718e073602fc43ee57a32d60eebcb96ed84782c73f199
Analyzer Verdict Alert fortinet Malware
GET /application/maxsite/common/jquery/ui/effects.core.packed.js HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: application/javascript
Content-Length: 4010
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:27:23 GMT
ETag: "5622d9c-2393-57c48db59d006"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
fantivirus.ru/sliders/jquery-1.2.6.min.js
81.177.135.132200 OK 17 kB URL HTTP/1.1 fantivirus.ru/sliders/jquery-1.2.6.min.js
IP 81.177.135.132:0
File type ASCII text, with very long lines (12391)
Hash a679c6cae47e03d8cd155a85f77278cb
34bb733017702259dbcde70be96605a3898f31b9
495191e622c262a195eafb98afe76178d464649789eb27f10d852efa2b9585a5
Analyzer Verdict Alert fortinet Malware
GET /sliders/jquery-1.2.6.min.js HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: application/javascript
Content-Length: 16971
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:33:27 GMT
ETag: "5622fc5-db13-57c48f11540e8"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
vkontakte.ru/js/api/share.js?10
87.240.132.67301 Moved Permanently 164 B URL HTTP/1.1 vkontakte.ru/js/api/share.js?10
IP 87.240.132.67:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 6d359f551ba4cb27d59e94a6cddaec09
d230318bd921ad8167c2eb9dfdc7b1d7d2c7373f
9ecd8531025e89f5e1ca23d81203a9feddbd5b4b75ca79c9868cb53762293bc8
GET /js/api/share.js?10 HTTP/1.1
Host: vkontakte.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 301 Moved Permanently
Server: kittenx
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: text/html
Content-Length: 164
Connection: keep-alive
Location: https://vkontakte.ru/js/api/share.js?10
X-Frontend: front220004
Access-Control-Expose-Headers: X-Frontend
fantivirus.ru/
81.177.135.132200 OK 7.4 kB IP 81.177.135.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1311), with CRLF, LF line terminators
Hash d793354cc1b43deb4014bcd6d3b393c0
d6814c497f7c4884f7c26ecaf8ddfd19bdf165ce
9138f437e0d71a74dbddad43c3f16111fd04439da91fc3357d73da4fb019605f
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://fantivirus.ru/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: text/html
Content-Length: 7421
Connection: keep-alive
Server: Jino.ru/mod_pizza
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ef584d4c57778448322bc8434f507728
e99a7258db1c8db03512ad618ff9b9d5690d3ec5
3d64fa6fe85ec9bf9efde94f767a20843fd2ec91648877f2f60406d8000478c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3D64FA6FE85EC9BF9EFDE94F767A20843FD2EC91648877F2F60406D8000478C4"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5361
Expires: Fri, 02 Dec 2022 19:58:55 GMT
Date: Fri, 02 Dec 2022 18:29:34 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash d8b89ba07d74b4d1999e08948978aec8
4eecb4932e186e98cf8e4e11a4a420df46de6b4e
2b310940d5bc31432238ff6c15d13732babf3bfe4dcc95853a110c4ea56b0ce3
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 06 Dec 2022 16:38:21 GMT
ETag: "4eecb4932e186e98cf8e4e11a4a420df46de6b4e"
Last-Modified: Fri, 02 Dec 2022 16:38:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1913
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773620f8c8d41bfa-OSL
stg.odnoklassniki.ru/share/odkl_share.css
217.20.147.8301 Moved Permanently 163 B URL HTTP/1.1 stg.odnoklassniki.ru/share/odkl_share.css
IP 217.20.147.8:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 0bbfa2be7753e0ca4e6713612e42adab
0e7d49c500d0a99adb9447f9bba4e858103d9bc7
798e70617ff2491e1f5c5ecb006a2d31fe9c3bab23b9979572b98ac8b3db62f6
GET /share/odkl_share.css HTTP/1.1
Host: stg.odnoklassniki.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 301 Moved Permanently
Server: Apache
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: text/html
Content-Length: 163
Connection: keep-alive
Location: https://st.mycdn.me/share/odkl_share.css
stg.odnoklassniki.ru/share/odkl_share.js
217.20.147.8301 Moved Permanently 163 B URL HTTP/1.1 stg.odnoklassniki.ru/share/odkl_share.js
IP 217.20.147.8:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 0bbfa2be7753e0ca4e6713612e42adab
0e7d49c500d0a99adb9447f9bba4e858103d9bc7
798e70617ff2491e1f5c5ecb006a2d31fe9c3bab23b9979572b98ac8b3db62f6
GET /share/odkl_share.js HTTP/1.1
Host: stg.odnoklassniki.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 301 Moved Permanently
Server: Apache
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: text/html
Content-Length: 163
Connection: keep-alive
Location: https://st.mycdn.me/share/odkl_share.js
vkontakte.ru/js/api/share.js?10
87.240.132.67200 OK 3.0 kB URL HTTP/2 vkontakte.ru/js/api/share.js?10
IP 87.240.132.67:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1077)
Hash 5152f3cb6fe0b11496ea2a8de5bcb963
71572fb3ea4b65b6d9a4d0989b62133b1b39133d
01e8e588dda5b6bfb716d56b7f051f325382b3e0998853757c8e41f66ec30f25
GET /js/api/share.js?10 HTTP/1.1
Host: vkontakte.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fantivirus.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Fri, 02 Dec 2022 18:29:34 GMT
content-type: application/x-javascript
content-length: 2974
last-modified: Thu, 07 Apr 2022 12:12:57 GMT
etag: "624ed549-b9e"
content-encoding: br
expires: Tue, 06 Dec 2022 18:29:34 GMT
cache-control: max-age=345600
x-frontend: front220004
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 18:11:16 GMT
cache-control: public,max-age=3600
age: 1098
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
fantivirus.ru/images/utilita-free-antivirus-norman.jpg
81.177.135.132200 OK 3.9 kB URL HTTP/1.1 fantivirus.ru/images/utilita-free-antivirus-norman.jpg
IP 81.177.135.132:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 100x100, components 3\012- data
Hash 26a89dfa3c4da709df9a97cf73c35fbe
3592b23c9c662158b27eeb6077975501d2d568f8
0157eec6f6bf47583b5d259088887eb5396ad7e905427ba7a01bc4c33e53c644
GET /images/utilita-free-antivirus-norman.jpg HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: image/jpeg
Content-Length: 3877
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:28:11 GMT
ETag: "5622de0-f25-57c48de3e7b08"
Accept-Ranges: bytes
fantivirus.ru/images/utilita-norton-antivirus.jpg
81.177.135.132200 OK 6.3 kB URL HTTP/1.1 fantivirus.ru/images/utilita-norton-antivirus.jpg
IP 81.177.135.132:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 100x100, components 3\012- data
Hash ab1f74e953364e2a3eb500d55155c316
dbe01a4efd10863a9cbba1d023ff94fc4f64f17b
80a491ffd7af4df3da9d4aad26d811ba269c38c8c279f8bdb33d2720ccebf450
GET /images/utilita-norton-antivirus.jpg HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: image/jpeg
Content-Length: 6342
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:28:12 GMT
ETag: "5622fce-18c6-57c48de49873d"
Accept-Ranges: bytes
fantivirus.ru/images/trial-antivirus-g-data.jpg
81.177.135.132200 OK 11 kB URL HTTP/1.1 fantivirus.ru/images/trial-antivirus-g-data.jpg
IP 81.177.135.132:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 100x100, components 3\012- data
Hash 51037893ddf4246a90a3c8b06da0de34
c86619ec4e6ffaa58908d1e4ffba86ad35df2704
af4b7fa38ed4643fa4e054579a17e44323cb01a66af8769158f1c1e832ee9a5c
GET /images/trial-antivirus-g-data.jpg HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: image/jpeg
Content-Length: 11144
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:28:09 GMT
ETag: "5622ddc-2b88-57c48de22d4b3"
Accept-Ranges: bytes
fantivirus.ru/images/ytilita-antivirus-free.jpg
81.177.135.132200 OK 4.0 kB URL HTTP/1.1 fantivirus.ru/images/ytilita-antivirus-free.jpg
IP 81.177.135.132:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 100x100, components 3\012- data
Hash 54c691992a94ccc15c2af452a28f54a6
d2180d68954f648d96e8bf26c799d4b37451443d
3232038320b46485cdb5ea1ee09fda728dc33f333776c733e01af0f2b1d39e91
GET /images/ytilita-antivirus-free.jpg HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: image/jpeg
Content-Length: 3966
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:28:12 GMT
ETag: "5622de1-f7e-57c48de503252"
Accept-Ranges: bytes
fantivirus.ru/images/free-utilities-avira.jpg
81.177.135.132200 OK 5.5 kB URL HTTP/1.1 fantivirus.ru/images/free-utilities-avira.jpg
IP 81.177.135.132:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 100x100, components 3\012- data
Hash 03083a99bcaee0d18e4514d4af25fed4
84cec7624110cbfe84cd9dc5ac54310a2fd41d91
f9dc4f699548c136149063e97863febb99ea7f1939435e082f49dc289e058c16
GET /images/free-utilities-avira.jpg HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: image/jpeg
Content-Length: 5537
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:28:03 GMT
ETag: "5622dd1-15a1-57c48ddc92ae7"
Accept-Ranges: bytes
fantivirus.ru/images/probnaya-versiya-antivirus-pc-spware.jpg
81.177.135.132200 OK 5.4 kB URL HTTP/1.1 fantivirus.ru/images/probnaya-versiya-antivirus-pc-spware.jpg
IP 81.177.135.132:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 100x100, components 3\012- data
Hash a6d5bc6ebad66fec0535b36a01c02e78
99802e16b7c47a55c14923ca5bcf858f01bf5f4e
8e3a56e4c655243bb707e959e1359f72d46a49707b0ed1c7e7176f1efaf0b1d7
GET /images/probnaya-versiya-antivirus-pc-spware.jpg HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: image/jpeg
Content-Length: 5442
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:28:07 GMT
ETag: "5622dd8-1542-57c48de059c03"
Accept-Ranges: bytes
w.uptolike.com/widgets/v1/zp.js?pid=lf34f44a4945b92aad5aba53c2b1374cd6f45c6c61
95.163.114.204200 OK 11 kB URL HTTP/1.1 w.uptolike.com/widgets/v1/zp.js?pid=lf34f44a4945b92aad5aba53c2b1374cd6f45c6c61
IP 95.163.114.204:0
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (585)
Hash 57d42c4e786165e0f04c1c694f386d0a
d54f6c279c77e46a57065ef8d6fa30ff7fad46dd
0c777264bcd3f2ab757509f80ca7eae04c495be1dc66bcc4065a6ce915e665ff
GET /widgets/v1/zp.js?pid=lf34f44a4945b92aad5aba53c2b1374cd6f45c6c61 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fantivirus.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: utl_id2=29816604963; Expires=Sun, 01 Dec 2024 18:29:34 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
utl_dat="CLSv56DNMBAAILSAsqnNMCi0gLKpzTAwAFPkTvOIX3+5oEl/9EO+rAQ="; Expires=Sun, 01 Dec 2024 18:29:34 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
Cache-Control: max-age=31556926
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip
fantivirus.ru/images/free-antivirus-nano.jpg
81.177.135.132200 OK 3.7 kB URL HTTP/1.1 fantivirus.ru/images/free-antivirus-nano.jpg
IP 81.177.135.132:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 100x100, components 3\012- data
Hash cc671718152768e566f4a7f77699e989
042c9ae5765e0a5456b86c2689ac5cb612177575
4d88c36d6fe89aff798bf4d77d860d115122f2330ef88c5eb28a2053d83137ad
GET /images/free-antivirus-nano.jpg HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: image/jpeg
Content-Length: 3718
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:28:02 GMT
ETag: "5622dcf-e86-57c48ddb930f1"
Accept-Ranges: bytes
fantivirus.ru/images/besplatny-antivirus-rising.jpg
81.177.135.132200 OK 3.0 kB URL HTTP/1.1 fantivirus.ru/images/besplatny-antivirus-rising.jpg
IP 81.177.135.132:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 100x100, components 3\012- data
Hash 07ab602f641081f7dfd29401f2137a7a
d167b4813c40b6339863afb11a21e65fd31c2262
04633121f3fefa28ba740a2cd7fc95ae97157340121d5e4b3a700041b74abeb6
GET /images/besplatny-antivirus-rising.jpg HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: image/jpeg
Content-Length: 2996
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:27:55 GMT
ETag: "5622dc1-bb4-57c48dd44d6ea"
Accept-Ranges: bytes
fantivirus.ru/images/free-antivirus-ad-aware.jpg
81.177.135.132200 OK 4.0 kB URL HTTP/1.1 fantivirus.ru/images/free-antivirus-ad-aware.jpg
IP 81.177.135.132:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 100x100, components 3\012- data
Hash b8bb91a7e442172d12e7dd7f535f09f3
65b0b50f1b67ab401706512f86b38266a57decb6
a5e93e83340c07cfa3765d97c9ebb9052f8635cbb918fcc56ebb4d017ce70636
GET /images/free-antivirus-ad-aware.jpg HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: image/jpeg
Content-Length: 3974
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:27:58 GMT
ETag: "5622dc6-f86-57c48dd6f717b"
Accept-Ranges: bytes
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 46c6ab2ad14ebde895197db4d53efcd5
0fdde46dc95067020de7586f5c9501625ff08957
a66574b3f61b4fc44363c6c980e004bc651c3ba3944ea88a76450b513220abd4
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 06 Dec 2022 17:02:05 GMT
ETag: "0fdde46dc95067020de7586f5c9501625ff08957"
Last-Modified: Fri, 02 Dec 2022 17:02:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1562
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773620fa7d95b4f3-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 46c6ab2ad14ebde895197db4d53efcd5
0fdde46dc95067020de7586f5c9501625ff08957
a66574b3f61b4fc44363c6c980e004bc651c3ba3944ea88a76450b513220abd4
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 06 Dec 2022 17:02:05 GMT
ETag: "0fdde46dc95067020de7586f5c9501625ff08957"
Last-Modified: Fri, 02 Dec 2022 17:02:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1562
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773620fa7af01c02-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5853
Cache-Control: max-age=144893
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 18:29:34 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 10:44:27 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
st.mycdn.me/share/odkl_share.css
217.20.156.72200 OK 46 B URL HTTP/2 st.mycdn.me/share/odkl_share.css
IP 217.20.156.72:0
File type Unicode text, UTF-8 text, with no line terminators
Hash 42a9cf7542532ee2ad00d8f7439d3fdd
3bc6666c3851b1c46e22fe98e888dff8f2062a65
8e3412dd8b9bbb1a2681c489c7c7ea8d700d232592f78540604b0481d88230cb
GET /share/odkl_share.css HTTP/1.1
Host: st.mycdn.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fantivirus.ru/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: apache
date: Fri, 02 Dec 2022 18:29:34 GMT
content-type: text/css; charset=utf-8
content-length: 46
last-modified: Wed, 16 Mar 2022 10:36:26 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sat, 03 Dec 2022 18:29:34 GMT
cache-control: max-age=86400
timing-allow-origin: *
X-Firefox-Spdy: h2
st.mycdn.me/share/odkl_share.js
217.20.156.72200 OK 667 B URL HTTP/2 st.mycdn.me/share/odkl_share.js
IP 217.20.156.72:0
File type ASCII text, with very long lines (1690), with no line terminators
Hash 954cfccac5704af63f8971a7a6951b94
c11654dc954b620318ffaad5b99a35e624b600a1
5fac9514e76eaf34525b77dc18045a43e1ede01e7de87f9aef0ff2c0680fdc86
GET /share/odkl_share.js HTTP/1.1
Host: st.mycdn.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fantivirus.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: apache
date: Fri, 02 Dec 2022 18:29:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 667
last-modified: Wed, 16 Mar 2022 10:36:26 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sat, 03 Dec 2022 18:29:34 GMT
cache-control: max-age=86400
timing-allow-origin: *
X-Firefox-Spdy: h2
fantivirus.ru/application/maxsite/templates/fantivirus-blue/images/bg-body.jpg
81.177.135.132200 OK 566 B URL HTTP/1.1 fantivirus.ru/application/maxsite/templates/fantivirus-blue/images/bg-body.jpg
IP 81.177.135.132:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 4x390, components 3\012- data
Hash fa9a792dc548d66b597854b5688c6a8f
f6f15755966107925145ea59a0f70bb4bcf2fbea
7104a48ddd5fcb5fc33f1fbb755b2f024d94c49b1bb8f04e1dafbf0ecf56156c
GET /application/maxsite/templates/fantivirus-blue/images/bg-body.jpg HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/application/maxsite/templates/fantivirus-blue/style.css
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: image/jpeg
Content-Length: 566
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:27:28 GMT
ETag: "5622da3-236-57c48dbae3a07"
Accept-Ranges: bytes
fantivirus.ru/application/maxsite/templates/fantivirus-blue/images/bg-top-head.jpg
81.177.135.132200 OK 8.1 kB URL HTTP/1.1 fantivirus.ru/application/maxsite/templates/fantivirus-blue/images/bg-top-head.jpg
IP 81.177.135.132:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 800x100, components 3\012- data
Hash 90e20a9c037273797028bb117677a197
53f65562f029f33e9ff7d944843efa49e1b1d8f2
05091944595ec0c8948ab95addf35296a3242dd891c1532d9524cf5d9e1a1ae8
GET /application/maxsite/templates/fantivirus-blue/images/bg-top-head.jpg HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/application/maxsite/templates/fantivirus-blue/style.css
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: image/jpeg
Content-Length: 8061
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:27:31 GMT
ETag: "5622fcd-1f7d-57c48dbd1fe8c"
Accept-Ranges: bytes
fantivirus.ru/sliders/a-1.gif
81.177.135.132200 OK 1.9 kB URL HTTP/1.1 fantivirus.ru/sliders/a-1.gif
IP 81.177.135.132:0
File type GIF image data, version 89a, 144 x 20\012- data
Hash cba956d6cafcf7d56e3639c33647dd59
e7bb6d5579a0aa16b1975a2e412349998f5cedf7
e1dd336defd5c85b5be02bab4f27dda78e65c67d73f33fbff6d4c889415698f5
GET /sliders/a-1.gif HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/sliders/styless.css
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: image/gif
Content-Length: 1887
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:33:26 GMT
ETag: "5622fc4-75f-57c48f108aa28"
Accept-Ranges: bytes
fantivirus.ru/application/maxsite/templates/fantivirus-blue/images/header.jpg
81.177.135.132200 OK 17 kB URL HTTP/1.1 fantivirus.ru/application/maxsite/templates/fantivirus-blue/images/header.jpg
IP 81.177.135.132:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 800x226, components 3\012- data
Hash 181fd8500da81835c8d6af0890f5f82f
801e04d802b1272d1a53738b1ac81596cf3c1d09
32a0389fc30a2b42aa5a7233718fc37feaad8780696f79e37668d9bbee7f9f7d
GET /application/maxsite/templates/fantivirus-blue/images/header.jpg HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/application/maxsite/templates/fantivirus-blue/style.css
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: image/jpeg
Content-Length: 17301
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:27:33 GMT
ETag: "5622da9-4395-57c48dbf75953"
Accept-Ranges: bytes
fantivirus.ru/sliders/2.jpg
81.177.135.132200 OK 30 kB URL HTTP/1.1 fantivirus.ru/sliders/2.jpg
IP 81.177.135.132:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x186, components 3\012- data
Hash c77d3d0d519dbc4c3a09a88f231e9a34
d9054c22d8bd61bf219ea282810cc5c958257347
f3083902bddd09f130449c9d5fb648a0d8e8fd378b52a3a3823af56c469a2791
GET /sliders/2.jpg HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/sliders/styless.css
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: image/jpeg
Content-Length: 29461
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:33:25 GMT
ETag: "5622fc3-7315-57c48f0fa040c"
Accept-Ranges: bytes
fantivirus.ru/application/maxsite/templates/fantivirus-blue/images/bg-sidebar.gif
81.177.135.132200 OK 56 B URL HTTP/1.1 fantivirus.ru/application/maxsite/templates/fantivirus-blue/images/bg-sidebar.gif
IP 81.177.135.132:0
File type GIF image data, version 89a, 279 x 1\012- data
Hash 858f4cfca612b38a39eb3ab8e41d9080
1330c372e064979c92eac51e0272b6d4a909f98c
a1b7b4a866fcb23d66581946adc416c874fed3704c12a969051d6577d50f692b
GET /application/maxsite/templates/fantivirus-blue/images/bg-sidebar.gif HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/application/maxsite/templates/fantivirus-blue/style.css
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: image/gif
Content-Length: 56
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:27:30 GMT
ETag: "5622fcc-38-57c48dbcad676"
Accept-Ranges: bytes
fantivirus.ru/application/maxsite/plugins/golosovalka/5_stars_big.gif
81.177.135.132302 Found 184 B URL HTTP/1.1 fantivirus.ru/application/maxsite/plugins/golosovalka/5_stars_big.gif
IP 81.177.135.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 80f5c0404356becf5e2f9f8699ac8d2b
0ba40bf4826a1fe072d5cc0e036333d72332c33a
241c024a7591236b5e982dbc1e1769a515431407f8c54f0b901fc18a2d6a6dad
GET /application/maxsite/plugins/golosovalka/5_stars_big.gif HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/application/maxsite/plugins/golosovalka/vote.css
HTTP/1.1 302 Found
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: text/html
Content-Length: 184
Connection: keep-alive
Server: Jino.ru/mod_pizza
Location: http://fantivirus.ru/
Vary: Accept-Encoding
Content-Encoding: gzip
fantivirus.ru/application/maxsite/templates/fantivirus-blue/images/bg-h2.jpg
81.177.135.132200 OK 2.0 kB URL HTTP/1.1 fantivirus.ru/application/maxsite/templates/fantivirus-blue/images/bg-h2.jpg
IP 81.177.135.132:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 240x28, components 3\012- data
Hash f2e315281b749e4e2faa6b2d5a27e840
54bb1f8b25a40ad928955f14a73a03e267d22b26
eda0249ee7af5ee7110415f3972248272c96b3ac4546e57da5a164a1b90d8172
GET /application/maxsite/templates/fantivirus-blue/images/bg-h2.jpg HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/application/maxsite/templates/fantivirus-blue/style.css
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: image/jpeg
Content-Length: 2037
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:27:30 GMT
ETag: "5622da4-7f5-57c48dbc396f0"
Accept-Ranges: bytes
fantivirus.ru/application/maxsite/templates/fantivirus-blue/images/bullet.gif
81.177.135.132200 OK 540 B URL HTTP/1.1 fantivirus.ru/application/maxsite/templates/fantivirus-blue/images/bullet.gif
IP 81.177.135.132:0
File type GIF image data, version 89a, 13 x 13\012- data
Hash 5c412614dab8a2e6bef32bceecdd6119
e1be8460c35619cd052f34bc23ac3dfbc5f6c9c4
79d3c3c37d63921634429fcf7fac47d94379070a37477b22fc5d64f7580bcd7f
GET /application/maxsite/templates/fantivirus-blue/images/bullet.gif HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/application/maxsite/templates/fantivirus-blue/style.css
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: image/gif
Content-Length: 540
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:27:31 GMT
ETag: "5622da5-21c-57c48dbd82ca0"
Accept-Ranges: bytes
fantivirus.ru/application/maxsite/templates/fantivirus-blue/images/bg-h2-niz.jpg
81.177.135.132200 OK 666 B URL HTTP/1.1 fantivirus.ru/application/maxsite/templates/fantivirus-blue/images/bg-h2-niz.jpg
IP 81.177.135.132:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 240x8, components 3\012- data
Hash cbfc24c2a659423dd174c7fa10e30bfd
e3611ff6f1f38d8a0402d05419488f466aea13cd
199fb41c92446c7f784a9663957fba9637248d681e5031d42b940c1cdf7338df
GET /application/maxsite/templates/fantivirus-blue/images/bg-h2-niz.jpg HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/application/maxsite/templates/fantivirus-blue/style.css
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: image/jpeg
Content-Length: 666
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:27:29 GMT
ETag: "5622fcb-29a-57c48dbbbbf11"
Accept-Ranges: bytes
fantivirus.ru/application/maxsite/templates/fantivirus-blue/images/bg-footer.jpg
81.177.135.132200 OK 7.8 kB URL HTTP/1.1 fantivirus.ru/application/maxsite/templates/fantivirus-blue/images/bg-footer.jpg
IP 81.177.135.132:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 800x55, components 3\012- data
Hash 2e6da463e4c990eeeb9ee31f88c7e500
8a569569ec40ec4ecf5bd53279fc0110e2a4ed5c
374daf48ad9086e53f95aeca01c1bfbfdfd11b235facf77586dcdb618b136ba6
GET /application/maxsite/templates/fantivirus-blue/images/bg-footer.jpg HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/application/maxsite/templates/fantivirus-blue/style.css
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: image/jpeg
Content-Length: 7755
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:27:29 GMT
ETag: "5622fca-1e4b-57c48dbb57d75"
Accept-Ranges: bytes
fantivirus.ru/application/maxsite/templates/fantivirus-blue/images/calendar.gif
81.177.135.132200 OK 1.1 kB URL HTTP/1.1 fantivirus.ru/application/maxsite/templates/fantivirus-blue/images/calendar.gif
IP 81.177.135.132:0
File type GIF image data, version 89a, 28 x 15\012- data
Hash 5cf18bc665aad43d3a3a14b073b035db
569fdda9651355ce19a857fb586cc14dcc601332
4d52f99a11e3ccc63f511b026551a36722b074d69b707a876d817d2306c72490
GET /application/maxsite/templates/fantivirus-blue/images/calendar.gif HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/application/maxsite/templates/fantivirus-blue/style.css
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: image/gif
Content-Length: 1130
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:27:32 GMT
ETag: "5622da8-46a-57c48dbeedd63"
Accept-Ranges: bytes
w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1670005772853688
95.163.114.204200 OK 83 B URL HTTP/1.1 w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1670005772853688
IP 95.163.114.204:0
ASN #12695 LLC Digital Network
File type ASCII text, with no line terminators
Hash 37c0d5513cf7ddb7f187edac735d8601
d86f493daaf1a9aab30d064dc11e8face5e6c4cf
c5840c73ef84d6c0c65ac88d218a34e9f945cd524620d4d47673b7db54a4a98e
GET /widgets/v1/version.js?cb=cb__utl_cb_share_1670005772853688 HTTP/1.1
Host: w.uptolike.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fantivirus.ru/
Cookie: utl_id2=29816604963; utl_dat="CLSv56DNMBAAILSAsqnNMCi0gLKpzTAwAFPkTvOIX3+5oEl/9EO+rAQ="
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 23 Nov 2022 19:31:36 GMT
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Set-Cookie: utl_id2=29816604963; Expires=Sun, 01 Dec 2024 18:29:34 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
utl_dat="CLSv56DNMBAAILSAsqnNMCi0gLKpzTAwAFPkTvOIX3+5oEl/9EO+rAQ="; Expires=Sun, 01 Dec 2024 18:29:34 GMT; Path=/; Domain=.w.uptolike.com; SameSite=None; Secure
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Content-Encoding: gzip
fantivirus.ru/
81.177.135.132200 OK 7.4 kB IP 81.177.135.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1311), with CRLF, LF line terminators
Hash d793354cc1b43deb4014bcd6d3b393c0
d6814c497f7c4884f7c26ecaf8ddfd19bdf165ce
9138f437e0d71a74dbddad43c3f16111fd04439da91fc3357d73da4fb019605f
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://fantivirus.ru/application/maxsite/plugins/golosovalka/vote.css
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: text/html
Content-Length: 7421
Connection: keep-alive
Server: Jino.ru/mod_pizza
Vary: Accept-Encoding
Content-Encoding: gzip
fantivirus.ru/sliders/3.jpg
81.177.135.132200 OK 25 kB URL HTTP/1.1 fantivirus.ru/sliders/3.jpg
IP 81.177.135.132:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x186, components 3\012- data
Hash 392b6a0f013c3f68a0e002876597d80e
68e791553848599be488b4f4ef9c37e1919ba317
6ed1e39f995a49b144c0eac4177c251b143e3b43d4149848c19f20f39a16a25b
GET /sliders/3.jpg HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/sliders/styless.css
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: image/jpeg
Content-Length: 24881
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:33:26 GMT
ETag: "5622fd0-6131-57c48f102e1a5"
Accept-Ranges: bytes
fantivirus.ru/sliders/1.jpg
81.177.135.132200 OK 31 kB URL HTTP/1.1 fantivirus.ru/sliders/1.jpg
IP 81.177.135.132:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x186, components 3\012- data
Hash 1cda557b8137a5cf1ddc10f32cb9a634
21b35b4028ad85686c63a4cef9109c4dbced39ee
a74ecfe4ceeb93510ecee69b9338bebacd3a099d9b0b36ddf9adadbf9871f6e9
GET /sliders/1.jpg HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/sliders/styless.css
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: image/jpeg
Content-Length: 30943
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:33:25 GMT
ETag: "5622fcf-78df-57c48f0f08a32"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 452dbfb734091e91a3589c4d7dd15f4b
661ac447618dae8bea4c5e09bcf1defa4c1799b0
590dded7098576b685a16a64881e112b1b742e1e1fae98464971fa8bb7d51847
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "590DDED7098576B685A16A64881E112B1B742E1E1FAE98464971FA8BB7D51847"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5199
Expires: Fri, 02 Dec 2022 19:56:13 GMT
Date: Fri, 02 Dec 2022 18:29:34 GMT
Connection: keep-alive
push.services.mozilla.com/
54.149.83.187101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.83.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Rj0Y+m54Cdg2xHxUmZm3Iw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rJVi2sUFw+hNhSAQJuYtEtoV5Yo=
www.acint.net/aci.js
46.4.114.109200 OK 7.5 kB IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1408)
Hash ae0aab6c5a2ae2e1168e74f6e6ae4741
2c00f69ee4bbe2ec96c0f7bb33b5f827a6195af8
a47a88a9b6c7635e5074c25c6e3c92f399fdf8772376e94f077167241e59f9de
GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fantivirus.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 18:29:34 GMT
content-type: application/x-javascript
content-length: 7461
last-modified: Mon, 29 Nov 2021 13:21:32 GMT
etag: "61a4d3dc-1d25"
content-encoding: gzip
expires: Sat, 03 Dec 2022 06:29:34 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2
platform.twitter.com/widgets.js
93.184.220.66200 OK 29 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 7899fffaf0046efb7f9be2495d9dc928
d4c60d88e8deea577a50f9d20e1b6b3a20cba2cf
07d50450f22df0588cc1b67f5a124cb91d99a032a229586eb7dc490cce9f7f30
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 53
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 18:29:34 GMT
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F710)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29221
fantivirus.ru/application/maxsite/templates/fantivirus-blue/favicon.ico
81.177.135.132200 OK 4.3 kB URL HTTP/1.1 fantivirus.ru/application/maxsite/templates/fantivirus-blue/favicon.ico
IP 81.177.135.132:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash aa58c1d71618b2860b2363bea3dd44ff
d29e9f8b3bc62c896aa95dc1770918bcb1423a02
5f3d1cb1f25133a07265ebeaaff0bf6064fd3fc47b414840d026c0d25a577667
GET /application/maxsite/templates/fantivirus-blue/favicon.ico HTTP/1.1
Host: fantivirus.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 4286
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Wed, 05 Dec 2018 16:27:27 GMT
ETag: "5622da1-10be-57c48db95f301"
Accept-Ranges: bytes
vk.com/share.php?act=count&index=0&url=http%3A%2F%2Ffantivirus.ru%2F
87.240.129.133301 Moved Permanently 164 B URL HTTP/1.1 vk.com/share.php?act=count&index=0&url=http%3A%2F%2Ffantivirus.ru%2F
IP 87.240.129.133:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 6d359f551ba4cb27d59e94a6cddaec09
d230318bd921ad8167c2eb9dfdc7b1d7d2c7373f
9ecd8531025e89f5e1ca23d81203a9feddbd5b4b75ca79c9868cb53762293bc8
GET /share.php?act=count&index=0&url=http%3A%2F%2Ffantivirus.ru%2F HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 301 Moved Permanently
Server: kittenx
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: text/html
Content-Length: 164
Connection: keep-alive
Location: https://vk.com/share.php?act=count&index=0&url=http%3A%2F%2Ffantivirus.ru%2F
X-Frontend: front609304
Access-Control-Expose-Headers: X-Frontend
mc.yandex.ru/metrika/watch.js
93.158.134.119302 Moved temporarily 0 B URL HTTP/1.1 mc.yandex.ru/metrika/watch.js
IP 93.158.134.119:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 302 Moved temporarily
Content-Length: 0
Location: https://mc.yandex.ru/metrika/watch.js
vk.com/images/icons/like_widget.png
87.240.129.133301 Moved Permanently 164 B URL HTTP/1.1 vk.com/images/icons/like_widget.png
IP 87.240.129.133:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 6d359f551ba4cb27d59e94a6cddaec09
d230318bd921ad8167c2eb9dfdc7b1d7d2c7373f
9ecd8531025e89f5e1ca23d81203a9feddbd5b4b75ca79c9868cb53762293bc8
GET /images/icons/like_widget.png HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 301 Moved Permanently
Server: kittenx
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: text/html
Content-Length: 164
Connection: keep-alive
Location: https://vk.com/images/icons/like_widget.png
X-Frontend: front609304
Access-Control-Expose-Headers: X-Frontend
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash a86f4d9c550e7518d24d9eda3bccf92d
df9f6dafd36e236f44b0eef9f290e0e023d6af0b
2ecb828349b448bc345090b3cf7041af4e08279f0743e24ed9250e4f6c8ccd0b
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Tue, 06 Dec 2022 15:19:14 GMT
ETag: "df9f6dafd36e236f44b0eef9f290e0e023d6af0b"
Last-Modified: Fri, 02 Dec 2022 15:19:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 937
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773620fd596ab4f3-OSL
www.acint.net/mc/?dp=10
46.4.114.109302 Moved Temporarily 142 B IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/mc/?dp=10
www.acint.net/hit/?v=0.4.0&uid=ca71634d-7906-4d2e-ba31-4e9fd7b11c93&dp=10&tz=%2B00%3A00&nc=65945939&u=http%3A%2F%2Ffantivirus.ru%2F&r=&rs=1280x1024&t=%D0%90%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D0%B8%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%2C%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%2C%20%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82%D1%8B%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2&oE=1&oP=1&dT=2022-12-02T18%3A29%3A33.049&fu=eb87a63e-a109-4207-968e-1d858f9bf4c7
46.4.114.109302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/hit/?v=0.4.0&uid=ca71634d-7906-4d2e-ba31-4e9fd7b11c93&dp=10&tz=%2B00%3A00&nc=65945939&u=http%3A%2F%2Ffantivirus.ru%2F&r=&rs=1280x1024&t=%D0%90%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D0%B8%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%2C%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%2C%20%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82%D1%8B%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2&oE=1&oP=1&dT=2022-12-02T18%3A29%3A33.049&fu=eb87a63e-a109-4207-968e-1d858f9bf4c7
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /hit/?v=0.4.0&uid=ca71634d-7906-4d2e-ba31-4e9fd7b11c93&dp=10&tz=%2B00%3A00&nc=65945939&u=http%3A%2F%2Ffantivirus.ru%2F&r=&rs=1280x1024&t=%D0%90%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D0%B8%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%2C%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%2C%20%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82%D1%8B%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2&oE=1&oP=1&dT=2022-12-02T18%3A29%3A33.049&fu=eb87a63e-a109-4207-968e-1d858f9bf4c7 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 02 Dec 2022 18:29:34 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/hit/?v=0.4.0&uid=ca71634d-7906-4d2e-ba31-4e9fd7b11c93&dp=10&tz=%2B00%3A00&nc=65945939&u=http%3A%2F%2Ffantivirus.ru%2F&r=&rs=1280x1024&t=%D0%90%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D0%B8%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%2C%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%2C%20%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82%D1%8B%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2&oE=1&oP=1&dT=2022-12-02T18%3A29%3A33.049&fu=eb87a63e-a109-4207-968e-1d858f9bf4c7
platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=http%3A%2F%2Ffantivirus.ru
93.184.220.66200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=http%3A%2F%2Ffantivirus.ru
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size 105 kB (105445 bytes)
Hash 2b4968b185495eddda0d85b2351ebb71
c665785ca0f4039f8c71d94631cd50a879d866b5
eb8af089d8082a58a6e90fedc23007f17a9e89ddbc6a29b6e535e4847ba94160
GET /widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=http%3A%2F%2Ffantivirus.ru HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fantivirus.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 132698
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Dec 2022 18:29:34 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
www.acint.net/mc/?dp=10
46.4.114.109302 Found 154 B IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fantivirus.ru/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Fri, 02 Dec 2022 18:29:34 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Fri, 02-Dec-22 18:39:34 GMT
aid=LgR5GmOKRA7BEwIsK2KsAjvz+WyUQ8CSABOVm9XeVzq+ViEu; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/hit/?v=0.4.0&uid=ca71634d-7906-4d2e-ba31-4e9fd7b11c93&dp=10&tz=%2B00%3A00&nc=65945939&u=http%3A%2F%2Ffantivirus.ru%2F&r=&rs=1280x1024&t=%D0%90%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D0%B8%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%2C%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%2C%20%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82%D1%8B%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2&oE=1&oP=1&dT=2022-12-02T18%3A29%3A33.049&fu=eb87a63e-a109-4207-968e-1d858f9bf4c7
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/hit/?v=0.4.0&uid=ca71634d-7906-4d2e-ba31-4e9fd7b11c93&dp=10&tz=%2B00%3A00&nc=65945939&u=http%3A%2F%2Ffantivirus.ru%2F&r=&rs=1280x1024&t=%D0%90%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D0%B8%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%2C%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%2C%20%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82%D1%8B%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2&oE=1&oP=1&dT=2022-12-02T18%3A29%3A33.049&fu=eb87a63e-a109-4207-968e-1d858f9bf4c7
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit/?v=0.4.0&uid=ca71634d-7906-4d2e-ba31-4e9fd7b11c93&dp=10&tz=%2B00%3A00&nc=65945939&u=http%3A%2F%2Ffantivirus.ru%2F&r=&rs=1280x1024&t=%D0%90%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D0%B8%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%2C%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%2C%20%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82%D1%8B%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2&oE=1&oP=1&dT=2022-12-02T18%3A29%3A33.049&fu=eb87a63e-a109-4207-968e-1d858f9bf4c7 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fantivirus.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 18:29:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=LgRybWOKRA+S8gIvU1rLAuy4cQ940mH7AkmSeJO2/YHF8EpR; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
93.158.134.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Hash a4567a1e52f99c2b3870f58375ec8cac
dbfc795e71fc19f7e45e8637abc4ac770f639a48
2b13b5716855040bd9a08972b0e61369e50c6daa402ed937e18f6795f82429c8
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fantivirus.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73266
date: Fri, 02 Dec 2022 18:29:34 GMT
access-control-allow-origin: *
etag: "6388ac0c-11e32"
expires: Fri, 02 Dec 2022 19:29:34 GMT
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
vk.com/images/icons/like_widget.png
87.240.132.67200 OK 538 B URL HTTP/2 vk.com/images/icons/like_widget.png
IP 87.240.132.67:0
File type PNG image data, 19 x 59, 8-bit/color RGBA, non-interlaced\012- data
Hash 88db15ca955d5c8410cfcb486c31ce12
a5b91356b3c67898db40b623689b5c87cb3de8ab
3795726557f64bf66677a94511e34f7d67dd58c73baef60ddb3f9a0cb8f38c1e
GET /images/icons/like_widget.png HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fantivirus.ru/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 02 Dec 2022 18:29:35 GMT
content-type: image/png
content-length: 538
last-modified: Tue, 22 Sep 2020 20:29:56 GMT
etag: "5f6a5ec4-21a"
expires: Fri, 09 Dec 2022 18:29:35 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/watch.js
93.158.134.119200 OK 58 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (553)
Hash c60a99ec4a842cc4cbad20ba491e612d
8ee96879a4e45feddc2f7ecd3557964c018de785
b71f683bce11040ee01e5fabd8d4badbb20e19e4eee98556cbe7c780d01b0942
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fantivirus.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 57650
date: Fri, 02 Dec 2022 18:29:35 GMT
access-control-allow-origin: *
etag: "6388ac0c-e132"
expires: Fri, 02 Dec 2022 19:29:35 GMT
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
vk.com/share.php?act=count&index=0&url=http%3A%2F%2Ffantivirus.ru%2F
87.240.132.67200 OK 41 B URL HTTP/2 vk.com/share.php?act=count&index=0&url=http%3A%2F%2Ffantivirus.ru%2F
IP 87.240.132.67:0
File type ASCII text, with no line terminators
Hash 6de86497641c67868bfddcbf5a8bf434
6065bb53c9addbda818a6b172597326ebc31e8dc
51d446e1b704e289975e53c6945dee986d432bb439d02a2afcee7ce1b5bddcf8
GET /share.php?act=count&index=0&url=http%3A%2F%2Ffantivirus.ru%2F HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fantivirus.ru/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Fri, 02 Dec 2022 18:29:35 GMT
content-type: text/html; charset=windows-1251
content-length: 41
x-powered-by: KPHP/7.4.112790
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly
remixlang=3; expires=Sat, 02 Dec 2023 08:54:46 GMT; path=/; domain=.vk.com
remixstlid=9105942788652113459_AmWEKiuunUzjGBZyw5gY5CfwH99o7VZQEl4NHoj0zdD; expires=Sat, 02 Dec 2023 18:29:35 GMT; path=/; domain=.vk.com; secure
cache-control: no-store
content-encoding: gzip
x-frontend: front220004
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 008d73afe4b0c9173762e808e60a25b4
3667c94f1fb3ac84426306c33e42e977ea1c8f5f
8cb7e87e8a4a09cace36dbc160197bf46a0de5e2a192435616acfa8fa8e973b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5562
Cache-Control: max-age=130173
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 18:29:35 GMT
Etag: "638987d2-139"
Expires: Sun, 04 Dec 2022 06:39:08 GMT
Last-Modified: Fri, 02 Dec 2022 05:06:26 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
a.utraff.com/sync?ssp=sape
172.67.217.151204 No Content 0 B URL HTTP/2 a.utraff.com/sync?ssp=sape
IP 172.67.217.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 02 Dec 2022 18:29:35 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Sun, 01 Jan 2023 21:29:35 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Sun, 01 Jan 2023 21:29:35 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQtfuBGtVk7pz0KPYKV1wNpGCdg962cKeJ1jSCi%2FG7l2%2FYSK0gRjCjQZ7X%2BqYG9Mkjz3QKJ4x0YgNNxkAOu4uC8qko1P2bYZNV8gjcU%2BNeLgvxGZKju2CwnPRz2Xpxo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773620fff90fb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 226e2d92257a39d60edcc583e0345d24
c774ee18f87d7b48e691d9c8a9eee49d74326d23
3986049e539c0779ba9e98540143854f7023e3e1f03c4dff8ea903e2db425f54
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:35 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 06 Dec 2022 16:11:26 GMT
ETag: "c774ee18f87d7b48e691d9c8a9eee49d74326d23"
Last-Modified: Fri, 02 Dec 2022 16:11:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1709
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773621002fdb1bfa-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dec3bbeb33096b6277bd341741303788
8234a438495aafdddaa78667f254571d59fecf3d
85a7dd2d8555bf42425da8cbeb44d5c1ccf87a0f17d8090b037cb2e3dc2d7833
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85A7DD2D8555BF42425DA8CBEB44D5C1CCF87A0F17D8090B037CB2E3DC2D7833"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8706
Expires: Fri, 02 Dec 2022 20:54:41 GMT
Date: Fri, 02 Dec 2022 18:29:35 GMT
Connection: keep-alive
syndication.twitter.com/settings?session_id=fb7f060836422e2deae8ca8c2d5db5654ab73f9b
104.244.42.72200 OK 393 B URL HTTP/2 syndication.twitter.com/settings?session_id=fb7f060836422e2deae8ca8c2d5db5654ab73f9b
IP 104.244.42.72:0
File type JSON data\012- , ASCII text, with very long lines (974), with no line terminators
Hash c52ab9534460d472c5c5c8c045ad659c
f0ca7ab6e4c8ff3d217f6ba95033fe7c4e3eea37
a2dfa7542b1320c0ae5657dda9f58fd928a6c1cc64c336f40df16ac014c9a76f
GET /settings?session_id=fb7f060836422e2deae8ca8c2d5db5654ab73f9b HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 18:29:34 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Fri, 02 Dec 2022 18:29:35 GMT
content-length: 393
content-encoding: gzip
x-transaction-id: 99929382a1bc8d3a
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 106
x-connection-hash: 507274d9c7ad4d26f4a48baa86bbf408a957bc5e4e109be2b3f37feca50b25ca
X-Firefox-Spdy: h2
dm-eu.hybrid.ai/match?id=106&vid=1A79042E0E448A632C0213C102AC622B
37.18.103.16204 No Content 0 B URL HTTP/2 dm-eu.hybrid.ai/match?id=106&vid=1A79042E0E448A632C0213C102AC622B
IP 37.18.103.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?id=106&vid=1A79042E0E448A632C0213C102AC622B HTTP/1.1
Host: dm-eu.hybrid.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 02 Dec 2022 18:29:35 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=1439dcd54697a7975745; Expires=Sat, 02 Dec 2023 18:29:35 GMT; Domain=.hybrid.ai; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 505
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ba2c74384048845e67ea414a305f1b3d
f199f6d359b0a0f894e63ede45b8f1a0f81e2f05
0033f5a92be8b7b3f561af35a3efffc60f2469da3985ba66f02809895f98bc64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0033F5A92BE8B7B3F561AF35A3EFFFC60F2469DA3985BA66F02809895F98BC64"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3889
Expires: Fri, 02 Dec 2022 19:34:24 GMT
Date: Fri, 02 Dec 2022 18:29:35 GMT
Connection: keep-alive
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A79042E0E448A632C0213C102AC622B
95.216.101.186302 Found 0 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A79042E0E448A632C0213C102AC622B
IP 95.216.101.186:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A79042E0E448A632C0213C102AC622B HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 02 Dec 2022 18:29:35 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=45b48c30-726f-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Sat, 02 Dec 2023 18:29:35 GMT; SameSite=None; Secure
uid-legacy=45b48c30-726f-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Sat, 02 Dec 2023 18:29:35 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A79042E0E448A632C0213C102AC622B&cs=1
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash b08c882450aa9b75fa0b548663e403fd
2551f7b420bec7836efe404572257f050c7b8234
b9a1ecb1ffbae92f0d8b06be5b8811373d90dd3b0d74cde0e9259c033d8c38d5
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:35 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 06 Dec 2022 16:19:25 GMT
ETag: "2551f7b420bec7836efe404572257f050c7b8234"
Last-Modified: Fri, 02 Dec 2022 16:19:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2093
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77362100c8651c02-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3747230b8ff278d9eb5624227d0e022c
6213d1d4c79dbcc205b78c47d3069ddfcfd9261c
88e27c1ca5b8c53ec82d04338c64e88ae931e2551c28c5025aff64268e61846a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88E27C1CA5B8C53EC82D04338C64E88AE931E2551C28C5025AFF64268E61846A"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9938
Expires: Fri, 02 Dec 2022 21:15:13 GMT
Date: Fri, 02 Dec 2022 18:29:35 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 5607af58e6bab6fcfc6f4b16fc32a5d4
177a805e4d4ddac6d3c807e695ad4ecc7332b4b6
c953d1199663f3f4459283e59349693d07f6ae0909b5783301661d15d8253288
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4948
Cache-Control: max-age=108343
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 18:29:35 GMT
Etag: "638934f2-118"
Expires: Sun, 04 Dec 2022 00:35:18 GMT
Last-Modified: Thu, 01 Dec 2022 23:12:50 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
sync.dmp.otm-r.com/match/sape?id=1A79042E0E448A632C0213C102AC622B
194.55.244.180204 No Content 0 B URL HTTP/2 sync.dmp.otm-r.com/match/sape?id=1A79042E0E448A632C0213C102AC622B
IP 194.55.244.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=1A79042E0E448A632C0213C102AC622B HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.23.2
date: Fri, 02 Dec 2022 18:29:35 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A79042E0E448A632C0213C102AC622B&cs=1
95.216.101.186200 OK 35 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A79042E0E448A632C0213C102AC622B&cs=1
IP 95.216.101.186:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A79042E0E448A632C0213C102AC622B&cs=1 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=45b48c30-726f-11ed-8ff0-f832e4719dd9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 18:29:35 GMT
content-type: image/gif
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=45b48c30-726f-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Sat, 02 Dec 2023 18:29:35 GMT; SameSite=None; Secure
uid-legacy=45b48c30-726f-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Sat, 02 Dec 2023 18:29:35 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 690c53b951993a620aea0971ef0ff5b3
d4f990127daa5397988e7014d64c29140c0c9a20
4e7d3136a60293c6e7e0e451c7f20ee21ae017abe6d48c60d9fad2461dafb9dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E7D3136A60293C6E7E0E451C7F20EE21AE017ABE6D48C60D9FAD2461DAFB9DD"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9413
Expires: Fri, 02 Dec 2022 21:06:28 GMT
Date: Fri, 02 Dec 2022 18:29:35 GMT
Connection: keep-alive
mc.yandex.ru/watch/51438373/1?wmode=7&page-url=http%3A%2F%2Ffantivirus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A824%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A252874151820%3Ahid%3A92610139%3Az%3A0%3Ai%3A20221202182933%3Aet%3A1670005774%3Ac%3A1%3Arn%3A256476908%3Arqn%3A1%3Au%3A16700057741042694305%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C32%2C2%2C1%2C0%2C%2C780%2C1%2C%2C%2C%2C876%3Aco%3A0%3Ans%3A1670005771965%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670005774%3At%3A%D0%90%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D0%B8%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%2C%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%2C%20%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82%D1%8B%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
93.158.134.119200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/51438373/1?wmode=7&page-url=http%3A%2F%2Ffantivirus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A824%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A252874151820%3Ahid%3A92610139%3Az%3A0%3Ai%3A20221202182933%3Aet%3A1670005774%3Ac%3A1%3Arn%3A256476908%3Arqn%3A1%3Au%3A16700057741042694305%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C32%2C2%2C1%2C0%2C%2C780%2C1%2C%2C%2C%2C876%3Aco%3A0%3Ans%3A1670005771965%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670005774%3At%3A%D0%90%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D0%B8%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%2C%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%2C%20%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82%D1%8B%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash c375a00be5fd6b8d327ad78b98d13675
efc47019ebcaff416a9234fd464aec79229c0deb
7c1aa10df6031e02950da601e67394e7e065be77288bf706fef80fbb57f06101
GET /watch/51438373/1?wmode=7&page-url=http%3A%2F%2Ffantivirus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A824%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A252874151820%3Ahid%3A92610139%3Az%3A0%3Ai%3A20221202182933%3Aet%3A1670005774%3Ac%3A1%3Arn%3A256476908%3Arqn%3A1%3Au%3A16700057741042694305%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C32%2C2%2C1%2C0%2C%2C780%2C1%2C%2C%2C%2C876%3Aco%3A0%3Ans%3A1670005771965%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670005774%3At%3A%D0%90%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D0%B8%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%2C%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%2C%20%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82%D1%8B%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fantivirus.ru
Referer: http://fantivirus.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Fri, 02 Dec 2022 18:29:35 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://fantivirus.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 18:29:35 GMT
last-modified: Fri, 02-Dec-2022 18:29:35 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10&tc=1
46.4.114.109200 OK 1.6 kB URL HTTP/2 www.acint.net/mc/?dp=10&tc=1
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
Hash bd624783d177a8f16239c64d7c84fd23
4d308d14c60431ac3c05a735afda824fa93f5b49
ed4dd69b60a3601237bb0f2d059d99dcf04920b5835201b47971836cf12e945f
GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fantivirus.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgR5GmOKRA7BEwIsK2KsAjvz+WyUQ8CSABOVm9XeVzq+ViEu
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 18:29:35 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1670005775; expires=Sat, 03-Dec-22 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp54v2=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp77=1670005775; expires=Fri, 16-Dec-22 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp84=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1670005775; expires=Fri, 16-Dec-22 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp111v2=1670005775; expires=Fri, 16-Dec-22 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp112v2=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v2=1670005775; expires=Sat, 17-Dec-22 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp138=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149v2=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp178=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp179=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp221=1670005775; expires=Sun, 01-Jan-23 18:29:35 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9d8826b25f34b06c8e8e429a0bfbe2de
735bf7d5ba8a596a5575696d3dd3d04f418fa442
234b943fc5baa922c0c87a98085a1ce506146c1460d1db179f16b45809778cf0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "234B943FC5BAA922C0C87A98085A1CE506146C1460D1DB179F16B45809778CF0"
Last-Modified: Wed, 30 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11883
Expires: Fri, 02 Dec 2022 21:47:38 GMT
Date: Fri, 02 Dec 2022 18:29:35 GMT
Connection: keep-alive
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
185.147.80.35302 Found 0 B URL HTTP/1.1 ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP 185.147.80.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Fri, 02 Dec 2022 18:29:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=DRUMVHSH
Set-Cookie: uid=DRUMVHSH; Expires=Fri, 02 Dec 2032 00:00:00 GMT; mf2=1; Expires=Sun, 01 Jan 2023 00:00:00 GMT;
mc.yandex.ru/metrika/advert.gif
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fantivirus.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 02 Dec 2022 18:29:35 GMT
access-control-allow-origin: *
etag: "6388ac0c-2b"
expires: Fri, 02 Dec 2022 19:29:35 GMT
accept-ranges: bytes
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
1a79042e0e448a632c0213c102ac622b-sp.ops.beeline.ru/p?ssp=sp&id=1A79042E0E448A632C0213C102AC622B
37.9.245.57301 Moved Permanently 0 B URL HTTP/2 1a79042e0e448a632c0213c102ac622b-sp.ops.beeline.ru/p?ssp=sp&id=1A79042E0E448A632C0213C102AC622B
IP 37.9.245.57:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&id=1A79042E0E448A632C0213C102AC622B HTTP/1.1
Host: 1a79042e0e448a632c0213c102ac622b-sp.ops.beeline.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 02 Dec 2022 18:29:35 GMT
content-length: 0
location: https://www.acint.net/match?dp=111&euid=f44fa6f3-4930-42a7-98c6-98eb559dcc7e
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: BeeAID=f44fa6f3-4930-42a7-98c6-98eb559dcc7e; expires=Thu, 23 Nov 2023 18:29:35 GMT; domain=ops.beeline.ru; path=/; secure; SameSite=None
access-control-allow-credentials: true, true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
x-route: http://upstream_cookiesync
x-host: 192.168.152.33
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fcda4541830adb0b51a55d5023f0802c
09dbb3a30d73fde250bf6d762b6d6c8382d3ae48
e9cc5817294bc775bc663924c3f81e27e8d7c4059ab1ac7fe2df1065d8cb7ec7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9CC5817294BC775BC663924C3F81E27E8D7C4059AB1AC7FE2DF1065D8CB7EC7"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3771
Expires: Fri, 02 Dec 2022 19:32:26 GMT
Date: Fri, 02 Dec 2022 18:29:35 GMT
Connection: keep-alive
mc.yandex.ru/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Ffantivirus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aslhvtomn4dqfeoevoh2pg%3Afp%3A824%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A177741972121%3Ahid%3A92610139%3Az%3A0%3Ai%3A20221202182933%3Aet%3A1670005774%3Ac%3A1%3Arn%3A774762904%3Arqn%3A1%3Au%3A16700057741042694305%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C32%2C2%2C1%2C0%2C%2C780%2C1%2C%2C%2C%2C876%3Aco%3A0%3Ans%3A1670005771965%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670005774%3At%3A%D0%90%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D0%B8%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%2C%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%2C%20%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82%D1%8B%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
93.158.134.119200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Ffantivirus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aslhvtomn4dqfeoevoh2pg%3Afp%3A824%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A177741972121%3Ahid%3A92610139%3Az%3A0%3Ai%3A20221202182933%3Aet%3A1670005774%3Ac%3A1%3Arn%3A774762904%3Arqn%3A1%3Au%3A16700057741042694305%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C32%2C2%2C1%2C0%2C%2C780%2C1%2C%2C%2C%2C876%3Aco%3A0%3Ans%3A1670005771965%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670005774%3At%3A%D0%90%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D0%B8%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%2C%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%2C%20%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82%D1%8B%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash b62cec103250f9079fe016b4912c7c85
cb907e0c1e47ebd9b47fc3e006d1a074e007f091
648b4f6d95dc12ba6bfc742b60b271e1d9b13f3596dc178d188923823fe8268b
GET /watch/23414332/1?wmode=7&page-url=http%3A%2F%2Ffantivirus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aslhvtomn4dqfeoevoh2pg%3Afp%3A824%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A177741972121%3Ahid%3A92610139%3Az%3A0%3Ai%3A20221202182933%3Aet%3A1670005774%3Ac%3A1%3Arn%3A774762904%3Arqn%3A1%3Au%3A16700057741042694305%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C32%2C2%2C1%2C0%2C%2C780%2C1%2C%2C%2C%2C876%3Aco%3A0%3Ans%3A1670005771965%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670005774%3At%3A%D0%90%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D0%B8%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%2C%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%2C%20%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82%D1%8B%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fantivirus.ru
Referer: http://fantivirus.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Fri, 02 Dec 2022 18:29:35 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://fantivirus.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 18:29:35 GMT
last-modified: Fri, 02-Dec-2022 18:29:35 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
s.uuidksinc.net/match/396/?remote_uid=1A79042E0E448A632C0213C102AC622B
185.98.54.153302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/396/?remote_uid=1A79042E0E448A632C0213C102AC622B
IP 185.98.54.153:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=1A79042E0E448A632C0213C102AC622B HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Fri, 02 Dec 2022 18:29:35 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=qwCFT81pk06HH4LjiFht
set-cookie: jcsuuid=qwCFT81pk06HH4LjiFht; expires=Sat, 02 Dec 2023 18:29:35 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
mediatoday.ru/core/match.gif?s=32&id=1A79042E0E448A632C0213C102AC622B
139.45.228.111200 OK 43 B URL HTTP/2 mediatoday.ru/core/match.gif?s=32&id=1A79042E0E448A632C0213C102AC622B
IP 139.45.228.111:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /core/match.gif?s=32&id=1A79042E0E448A632C0213C102AC622B HTTP/1.1
Host: mediatoday.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.22.0
date: Fri, 02 Dec 2022 18:29:35 GMT
content-type: image/gif
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VUorqPr2nFn3tcg; expires=Mon, 29-Nov-2032 18:29:35 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 13a1065295c3cf50b7cbef43763cc1c4
5f45040a339522fef0428c29e418815434468a1b
ddd406868dbe4e78adadf55b2d2edf8617481d32d335f008331caaaa94e1012d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DDD406868DBE4E78ADADF55B2D2EDF8617481D32D335F008331CAAAA94E1012D"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14678
Expires: Fri, 02 Dec 2022 22:34:13 GMT
Date: Fri, 02 Dec 2022 18:29:35 GMT
Connection: keep-alive
sync.republer.com/match?dsp=sape
23.88.82.46204 No Content 0 B URL HTTP/2 sync.republer.com/match?dsp=sape
IP 23.88.82.46:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?dsp=sape HTTP/1.1
Host: sync.republer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Fri, 02 Dec 2022 18:29:35 GMT
strict-transport-security: max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35f2660e8e0bb2db4badbcb32e85c084
28b45acf63e313fd2aff2282ac96329506228f1e
325b00d4f02a6740f30be5b2a462365e6fb234b9863c15c77681957919174aa0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "325B00D4F02A6740F30BE5B2A462365E6FB234B9863C15C77681957919174AA0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7234
Expires: Fri, 02 Dec 2022 20:30:09 GMT
Date: Fri, 02 Dec 2022 18:29:35 GMT
Connection: keep-alive
www.acint.net/match?dp=95&euid=DRUMVHSH
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/match?dp=95&euid=DRUMVHSH
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=95&euid=DRUMVHSH HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWOKRA+S8gIvU1rLAuy4cQ940mH7AkmSeJO2/YHF8EpR; cSyncDp7v2=1670005775; cSyncDp14v3=1670005775; cSyncDp17=1670005775; cSyncDp32=1670005775; cSyncDp45v3=1670005775; cSyncDp53=1670005775; cSyncDp54v2=1670005775; cSyncDp62=1670005775; cSyncDp67v2=1670005775; cSyncDp68=1670005775; cSyncDp71=1670005775; cSyncDp77=1670005775; cSyncDp84=1670005775; cSyncDp85=1670005775; cSyncDp95v3=1670005775; cSyncDp101=1670005775; cSyncDp104v2=1670005775; cSyncDp107=1670005775; cSyncDp110=1670005775; cSyncDp111v2=1670005775; cSyncDp112v2=1670005775; cSyncDp125v2=1670005775; cSyncDp126=1670005775; cSyncDp127=1670005775; cSyncDp129=1670005775; cSyncDp136v2=1670005775; cSyncDp138=1670005775; cSyncDp146=1670005775; cSyncDp148=1670005775; cSyncDp149v2=1670005775; cSyncDp151=1670005775; cSyncDp178=1670005775; cSyncDp179=1670005775; cSyncDp186=1670005775; cSyncDp221=1670005775
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 18:29:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
acint.net/match?dp=14&euid=1203420A0F448A63A700DC1A028182D8
46.4.114.109200 OK 43 B URL HTTP/2 acint.net/match?dp=14&euid=1203420A0F448A63A700DC1A028182D8
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=1203420A0F448A63A700DC1A028182D8 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWOKRA+S8gIvU1rLAuy4cQ940mH7AkmSeJO2/YHF8EpR; cSyncDp7v2=1670005775; cSyncDp14v3=1670005775; cSyncDp17=1670005775; cSyncDp32=1670005775; cSyncDp45v3=1670005775; cSyncDp53=1670005775; cSyncDp54v2=1670005775; cSyncDp62=1670005775; cSyncDp67v2=1670005775; cSyncDp68=1670005775; cSyncDp71=1670005775; cSyncDp77=1670005775; cSyncDp84=1670005775; cSyncDp85=1670005775; cSyncDp95v3=1670005775; cSyncDp101=1670005775; cSyncDp104v2=1670005775; cSyncDp107=1670005775; cSyncDp110=1670005775; cSyncDp111v2=1670005775; cSyncDp112v2=1670005775; cSyncDp125v2=1670005775; cSyncDp126=1670005775; cSyncDp127=1670005775; cSyncDp129=1670005775; cSyncDp136v2=1670005775; cSyncDp138=1670005775; cSyncDp146=1670005775; cSyncDp148=1670005775; cSyncDp149v2=1670005775; cSyncDp151=1670005775; cSyncDp178=1670005775; cSyncDp179=1670005775; cSyncDp186=1670005775; cSyncDp221=1670005775
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 18:29:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.upravel.com/sape/sync
144.76.138.28302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync
IP 144.76.138.28:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 02 Dec 2022 18:29:35 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1670005775579;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1670005775579;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
www.acint.net/match?dp=111&euid=f44fa6f3-4930-42a7-98c6-98eb559dcc7e
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/match?dp=111&euid=f44fa6f3-4930-42a7-98c6-98eb559dcc7e
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=111&euid=f44fa6f3-4930-42a7-98c6-98eb559dcc7e HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWOKRA+S8gIvU1rLAuy4cQ940mH7AkmSeJO2/YHF8EpR; cSyncDp7v2=1670005775; cSyncDp14v3=1670005775; cSyncDp17=1670005775; cSyncDp32=1670005775; cSyncDp45v3=1670005775; cSyncDp53=1670005775; cSyncDp54v2=1670005775; cSyncDp62=1670005775; cSyncDp67v2=1670005775; cSyncDp68=1670005775; cSyncDp71=1670005775; cSyncDp77=1670005775; cSyncDp84=1670005775; cSyncDp85=1670005775; cSyncDp95v3=1670005775; cSyncDp101=1670005775; cSyncDp104v2=1670005775; cSyncDp107=1670005775; cSyncDp110=1670005775; cSyncDp111v2=1670005775; cSyncDp112v2=1670005775; cSyncDp125v2=1670005775; cSyncDp126=1670005775; cSyncDp127=1670005775; cSyncDp129=1670005775; cSyncDp136v2=1670005775; cSyncDp138=1670005775; cSyncDp146=1670005775; cSyncDp148=1670005775; cSyncDp149v2=1670005775; cSyncDp151=1670005775; cSyncDp178=1670005775; cSyncDp179=1670005775; cSyncDp186=1670005775; cSyncDp221=1670005775
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 18:29:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
acint.net/match?dp=110&euid=d59fd24b7b054d24842c7200cc6e717f
46.4.114.109200 OK 43 B URL HTTP/2 acint.net/match?dp=110&euid=d59fd24b7b054d24842c7200cc6e717f
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=110&euid=d59fd24b7b054d24842c7200cc6e717f HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWOKRA+S8gIvU1rLAuy4cQ940mH7AkmSeJO2/YHF8EpR; cSyncDp7v2=1670005775; cSyncDp14v3=1670005775; cSyncDp17=1670005775; cSyncDp32=1670005775; cSyncDp45v3=1670005775; cSyncDp53=1670005775; cSyncDp54v2=1670005775; cSyncDp62=1670005775; cSyncDp67v2=1670005775; cSyncDp68=1670005775; cSyncDp71=1670005775; cSyncDp77=1670005775; cSyncDp84=1670005775; cSyncDp85=1670005775; cSyncDp95v3=1670005775; cSyncDp101=1670005775; cSyncDp104v2=1670005775; cSyncDp107=1670005775; cSyncDp110=1670005775; cSyncDp111v2=1670005775; cSyncDp112v2=1670005775; cSyncDp125v2=1670005775; cSyncDp126=1670005775; cSyncDp127=1670005775; cSyncDp129=1670005775; cSyncDp136v2=1670005775; cSyncDp138=1670005775; cSyncDp146=1670005775; cSyncDp148=1670005775; cSyncDp149v2=1670005775; cSyncDp151=1670005775; cSyncDp178=1670005775; cSyncDp179=1670005775; cSyncDp186=1670005775; cSyncDp221=1670005775
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 18:29:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35f2660e8e0bb2db4badbcb32e85c084
28b45acf63e313fd2aff2282ac96329506228f1e
325b00d4f02a6740f30be5b2a462365e6fb234b9863c15c77681957919174aa0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "325B00D4F02A6740F30BE5B2A462365E6FB234B9863C15C77681957919174AA0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7234
Expires: Fri, 02 Dec 2022 20:30:09 GMT
Date: Fri, 02 Dec 2022 18:29:35 GMT
Connection: keep-alive
stat.adlabs.ru/merge_gpsid/?sid=50&id=1A79042E0E448A632C0213C102AC622B
109.248.237.37302 Found 0 B URL HTTP/2 stat.adlabs.ru/merge_gpsid/?sid=50&id=1A79042E0E448A632C0213C102AC622B
IP 109.248.237.37:0
ASN #201009 Centre of server systems Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge_gpsid/?sid=50&id=1A79042E0E448A632C0213C102AC622B HTTP/1.1
Host: stat.adlabs.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 02 Dec 2022 18:29:35 GMT
content-length: 0
location: //adlmerge.com/merge_gpsid/?sid=50&id=1A79042E0E448A632C0213C102AC622B
X-Firefox-Spdy: h2
www.acint.net/match?dp=127&euid=qwCFT81pk06HH4LjiFht
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/match?dp=127&euid=qwCFT81pk06HH4LjiFht
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=qwCFT81pk06HH4LjiFht HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWOKRA+S8gIvU1rLAuy4cQ940mH7AkmSeJO2/YHF8EpR; cSyncDp7v2=1670005775; cSyncDp14v3=1670005775; cSyncDp17=1670005775; cSyncDp32=1670005775; cSyncDp45v3=1670005775; cSyncDp53=1670005775; cSyncDp54v2=1670005775; cSyncDp62=1670005775; cSyncDp67v2=1670005775; cSyncDp68=1670005775; cSyncDp71=1670005775; cSyncDp77=1670005775; cSyncDp84=1670005775; cSyncDp85=1670005775; cSyncDp95v3=1670005775; cSyncDp101=1670005775; cSyncDp104v2=1670005775; cSyncDp107=1670005775; cSyncDp110=1670005775; cSyncDp111v2=1670005775; cSyncDp112v2=1670005775; cSyncDp125v2=1670005775; cSyncDp126=1670005775; cSyncDp127=1670005775; cSyncDp129=1670005775; cSyncDp136v2=1670005775; cSyncDp138=1670005775; cSyncDp146=1670005775; cSyncDp148=1670005775; cSyncDp149v2=1670005775; cSyncDp151=1670005775; cSyncDp178=1670005775; cSyncDp179=1670005775; cSyncDp186=1670005775; cSyncDp221=1670005775
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 18:29:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/check?sspuid=1A79042E0E448A632C0213C102AC622B
31.172.81.160302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/check?sspuid=1A79042E0E448A632C0213C102AC622B
IP 31.172.81.160:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/check?sspuid=1A79042E0E448A632C0213C102AC622B HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 02 Dec 2022 18:29:35 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://sync.bumlam.com/?src=sape
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
5.101.76.186302 Found 503 B URL HTTP/2 ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP 5.101.76.186:0
ASN #48096 Enterprise Cloud Ltd.
Hash 37c1cd14d8554ab32febb15662b2244d
5abc5ffb2358a347371c1c2c00394f9065737d4c
b8bb8028d5f0a60b88f5d88beb826083c42f9dd4e340661b7489e15f2d4bed27
GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=d59fd24b7b054d24842c7200cc6e717f
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=d59fd24b7b054d24842c7200cc6e717f; expires=Fri, 01 Dec 2023 21:00:00 GMT; path=/; SameSite=None; secure; samesite=lax
date: Fri, 02 Dec 2022 18:29:35 GMT
X-Firefox-Spdy: h2
match.new-programmatic.com/userbind?src=sape&id=1A79042E0E448A632C0213C102AC622B
217.65.2.150204 No Content 0 B URL HTTP/1.1 match.new-programmatic.com/userbind?src=sape&id=1A79042E0E448A632C0213C102AC622B
IP 217.65.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /userbind?src=sape&id=1A79042E0E448A632C0213C102AC622B HTTP/1.1
Host: match.new-programmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.22.1
Date: Fri, 02 Dec 2022 18:29:35 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin
sync.bumlam.com/?src=sap1&uid=1A79042E0E448A632C0213C102AC622B
31.172.81.172302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&uid=1A79042E0E448A632C0213C102AC622B
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&uid=1A79042E0E448A632C0213C102AC622B HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 02 Dec 2022 18:29:35 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ0NWNiYzNiZS03MjZmLTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*; Path=/; Expires=Thu, 27 Nov 2042 18:29:35 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARiPiKmcBmIgMUE3OTA0MkUwRTQ0OEE2MzJDMDIxM0MxMDJBQzYyMkKiARBFy8O-cm8R7asVACWQyCQ3
ETag: 45cbc3be-726f-11ed-ab15-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
www.acint.net/match?dp=129&euid=yc0jndjmi2
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/match?dp=129&euid=yc0jndjmi2
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=yc0jndjmi2 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWOKRA+S8gIvU1rLAuy4cQ940mH7AkmSeJO2/YHF8EpR; cSyncDp7v2=1670005775; cSyncDp14v3=1670005775; cSyncDp17=1670005775; cSyncDp32=1670005775; cSyncDp45v3=1670005775; cSyncDp53=1670005775; cSyncDp54v2=1670005775; cSyncDp62=1670005775; cSyncDp67v2=1670005775; cSyncDp68=1670005775; cSyncDp71=1670005775; cSyncDp77=1670005775; cSyncDp84=1670005775; cSyncDp85=1670005775; cSyncDp95v3=1670005775; cSyncDp101=1670005775; cSyncDp104v2=1670005775; cSyncDp107=1670005775; cSyncDp110=1670005775; cSyncDp111v2=1670005775; cSyncDp112v2=1670005775; cSyncDp125v2=1670005775; cSyncDp126=1670005775; cSyncDp127=1670005775; cSyncDp129=1670005775; cSyncDp136v2=1670005775; cSyncDp138=1670005775; cSyncDp146=1670005775; cSyncDp148=1670005775; cSyncDp149v2=1670005775; cSyncDp151=1670005775; cSyncDp178=1670005775; cSyncDp179=1670005775; cSyncDp186=1670005775; cSyncDp221=1670005775
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 18:29:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
144.76.138.28302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP 144.76.138.28:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1670005775579
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 02 Dec 2022 18:29:35 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=3cedadad-2267-47c5-95b9-b004b95efcf0;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=3cedadad-2267-47c5-95b9-b004b95efcf0;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=3cedadad-2267-47c5-95b9-b004b95efcf0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sape
31.172.81.172302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sape
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 02 Dec 2022 18:29:35 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ0NWQwZDkxYy03MjZmLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Thu, 27 Nov 2042 18:29:35 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sape&s_data=CAIQARiPiKmcBqIBEEXQ2RxybxHthuAAJZDAZHw*
ETag: 45d0d91c-726f-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true
cs.agency2.ru/p?ssp=sp&uid=1A79042E0E448A632C0213C102AC622B
23.111.107.44301 Moved Permanently 0 B URL HTTP/1.1 cs.agency2.ru/p?ssp=sp&uid=1A79042E0E448A632C0213C102AC622B
IP 23.111.107.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=1A79042E0E448A632C0213C102AC622B HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 18:29:35 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=0d031e3f-088a-44b6-b720-7fdc125df6f9
Set-Cookie: uuid=0d031e3f-088a-44b6-b720-7fdc125df6f9; expires=Thu, 23 Nov 2023 18:29:35 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
sync.bumlam.com/?src=sap1&s_data=CAIQARiPiKmcBmIgMUE3OTA0MkUwRTQ0OEE2MzJDMDIxM0MxMDJBQzYyMkKiARBFy8O-cm8R7asVACWQyCQ3
31.172.81.172200 OK 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARiPiKmcBmIgMUE3OTA0MkUwRTQ0OEE2MzJDMDIxM0MxMDJBQzYyMkKiARBFy8O-cm8R7asVACWQyCQ3
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&s_data=CAIQARiPiKmcBmIgMUE3OTA0MkUwRTQ0OEE2MzJDMDIxM0MxMDJBQzYyMkKiARBFy8O-cm8R7asVACWQyCQ3 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ0NWNiYzNiZS03MjZmLTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 18:29:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ0NWNiYzNiZS03MjZmLTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*; Path=/; Expires=Thu, 27 Nov 2042 18:29:35 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b37388c5377b1c2d45acb58628d011ce
810f4fd8ce20869c6bb9347f10913766c7595936
3de70402913d9e806db7365e19f90ae03251548e03777f9ddd3980db8873d46a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3DE70402913D9E806DB7365E19F90AE03251548E03777F9DDD3980DB8873D46A"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14586
Expires: Fri, 02 Dec 2022 22:32:41 GMT
Date: Fri, 02 Dec 2022 18:29:35 GMT
Connection: keep-alive
www.acint.net/match?dp=71&euid=3cedadad-2267-47c5-95b9-b004b95efcf0
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/match?dp=71&euid=3cedadad-2267-47c5-95b9-b004b95efcf0
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=71&euid=3cedadad-2267-47c5-95b9-b004b95efcf0 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWOKRA+S8gIvU1rLAuy4cQ940mH7AkmSeJO2/YHF8EpR; cSyncDp7v2=1670005775; cSyncDp14v3=1670005775; cSyncDp17=1670005775; cSyncDp32=1670005775; cSyncDp45v3=1670005775; cSyncDp53=1670005775; cSyncDp54v2=1670005775; cSyncDp62=1670005775; cSyncDp67v2=1670005775; cSyncDp68=1670005775; cSyncDp71=1670005775; cSyncDp77=1670005775; cSyncDp84=1670005775; cSyncDp85=1670005775; cSyncDp95v3=1670005775; cSyncDp101=1670005775; cSyncDp104v2=1670005775; cSyncDp107=1670005775; cSyncDp110=1670005775; cSyncDp111v2=1670005775; cSyncDp112v2=1670005775; cSyncDp125v2=1670005775; cSyncDp126=1670005775; cSyncDp127=1670005775; cSyncDp129=1670005775; cSyncDp136v2=1670005775; cSyncDp138=1670005775; cSyncDp146=1670005775; cSyncDp148=1670005775; cSyncDp149v2=1670005775; cSyncDp151=1670005775; cSyncDp178=1670005775; cSyncDp179=1670005775; cSyncDp186=1670005775; cSyncDp221=1670005775
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 18:29:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sape&s_data=CAIQARiPiKmcBqIBEEXQ2RxybxHthuAAJZDAZHw*
31.172.81.172302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sape&s_data=CAIQARiPiKmcBqIBEEXQ2RxybxHthuAAJZDAZHw*
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape&s_data=CAIQARiPiKmcBqIBEEXQ2RxybxHthuAAJZDAZHw* HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ0NWQwZDkxYy03MjZmLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 02 Dec 2022 18:29:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ0NWQwZDkxYy03MjZmLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Thu, 27 Nov 2042 18:29:35 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=45d0d91c-726f-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true
www.acint.net/match?dp=186&euid=0d031e3f-088a-44b6-b720-7fdc125df6f9
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/match?dp=186&euid=0d031e3f-088a-44b6-b720-7fdc125df6f9
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=0d031e3f-088a-44b6-b720-7fdc125df6f9 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWOKRA+S8gIvU1rLAuy4cQ940mH7AkmSeJO2/YHF8EpR; cSyncDp7v2=1670005775; cSyncDp14v3=1670005775; cSyncDp17=1670005775; cSyncDp32=1670005775; cSyncDp45v3=1670005775; cSyncDp53=1670005775; cSyncDp54v2=1670005775; cSyncDp62=1670005775; cSyncDp67v2=1670005775; cSyncDp68=1670005775; cSyncDp71=1670005775; cSyncDp77=1670005775; cSyncDp84=1670005775; cSyncDp85=1670005775; cSyncDp95v3=1670005775; cSyncDp101=1670005775; cSyncDp104v2=1670005775; cSyncDp107=1670005775; cSyncDp110=1670005775; cSyncDp111v2=1670005775; cSyncDp112v2=1670005775; cSyncDp125v2=1670005775; cSyncDp126=1670005775; cSyncDp127=1670005775; cSyncDp129=1670005775; cSyncDp136v2=1670005775; cSyncDp138=1670005775; cSyncDp146=1670005775; cSyncDp148=1670005775; cSyncDp149v2=1670005775; cSyncDp151=1670005775; cSyncDp178=1670005775; cSyncDp179=1670005775; cSyncDp186=1670005775; cSyncDp221=1670005775
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 18:29:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/sync_ok?guid=45d0d91c-726f-11ed-86e0-002590c0647c
31.172.81.160302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/sync_ok?guid=45d0d91c-726f-11ed-86e0-002590c0647c
IP 31.172.81.160:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/sync_ok?guid=45d0d91c-726f-11ed-86e0-002590c0647c HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ0NWQwZDkxYy03MjZmLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 02 Dec 2022 18:29:35 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://45d0d91c-726f-11ed-86e0-002590c0647c.n1.sync.bumlam.com/?src=sape
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 6b9efc56a5c83007514905bc0fbb010e
9133a19f469b8cc3d2fb36399c0955554b0fe1da
d0c5cd5deea1f0b5e77402c785309b5088f732f05ddb5a2ef90f66541c4f0aa5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 15:41:02 GMT
Expires: Tue, 06 Dec 2022 15:41:01 GMT
Etag: "9133a19f469b8cc3d2fb36399c0955554b0fe1da"
Cache-Control: max-age=334885,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773621015914b4f4-OSL
ut.rktch.com/matchspm?pi=1000005&pui=1A79042E0E448A632C0213C102AC622B
89.108.97.2302 Found 0 B URL HTTP/1.1 ut.rktch.com/matchspm?pi=1000005&pui=1A79042E0E448A632C0213C102AC622B
IP 89.108.97.2:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /matchspm?pi=1000005&pui=1A79042E0E448A632C0213C102AC622B HTTP/1.1
Host: ut.rktch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Fri, 02 Dec 2022 18:29:35 GMT
Content-Length: 0
Connection: keep-alive
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
Set-Cookie: b_uid=cc18733cde3c7f1c981c95930b9f8b221947; Max-Age=2592000; Expires=Sun, 01 Jan 2023 18:29:35 GMT; Domain=rktch.com; Secure; SameSite=None
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Credentials: true
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
144.76.118.200301 Moved Permanently 115 B URL HTTP/2 exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP 144.76.118.200:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash bab59e29ef65aeda306f08dd82f08773
ac0e91ea07ce5dbebe8d884fb1722a5ad5e20772
4e2e546a3ada398c33771652371bc4e04e7200626bc47d2ea2abdf570f115a18
GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 02 Dec 2022 18:29:35 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=304f4f34-49fc-4317-5d36-f971f609833a
serverid: TODO
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 37aa290a103eadb790e88028efe40afe
92a9a92a369eb54c60eb4c29c993fb1002240080
e5052a1d2ca1cbd606500c8816a421c2ccc14398ef6147c36b8c3ed33cb99354
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E5052A1D2CA1CBD606500C8816A421C2CCC14398EF6147C36B8C3ED33CB99354"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18093
Expires: Fri, 02 Dec 2022 23:31:08 GMT
Date: Fri, 02 Dec 2022 18:29:35 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ffea812856bc24a6463d3d67e2a07ef8
ca11e04261441a6a1baf10061acaf2ec8bd947ea
8d18599c6db1f4613bdf981433065d8847e89bf4ab2a6dac5b9d583189ff518c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 23:26:48 GMT
Expires: Wed, 07 Dec 2022 23:26:47 GMT
Etag: "ca11e04261441a6a1baf10061acaf2ec8bd947ea"
Cache-Control: max-age=449231,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77362102083cb51e-OSL
www.acint.net/match?dp=126&euid=304f4f34-49fc-4317-5d36-f971f609833a
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/match?dp=126&euid=304f4f34-49fc-4317-5d36-f971f609833a
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=126&euid=304f4f34-49fc-4317-5d36-f971f609833a HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWOKRA+S8gIvU1rLAuy4cQ940mH7AkmSeJO2/YHF8EpR; cSyncDp7v2=1670005775; cSyncDp14v3=1670005775; cSyncDp17=1670005775; cSyncDp32=1670005775; cSyncDp45v3=1670005775; cSyncDp53=1670005775; cSyncDp54v2=1670005775; cSyncDp62=1670005775; cSyncDp67v2=1670005775; cSyncDp68=1670005775; cSyncDp71=1670005775; cSyncDp77=1670005775; cSyncDp84=1670005775; cSyncDp85=1670005775; cSyncDp95v3=1670005775; cSyncDp101=1670005775; cSyncDp104v2=1670005775; cSyncDp107=1670005775; cSyncDp110=1670005775; cSyncDp111v2=1670005775; cSyncDp112v2=1670005775; cSyncDp125v2=1670005775; cSyncDp126=1670005775; cSyncDp127=1670005775; cSyncDp129=1670005775; cSyncDp136v2=1670005775; cSyncDp138=1670005775; cSyncDp146=1670005775; cSyncDp148=1670005775; cSyncDp149v2=1670005775; cSyncDp151=1670005775; cSyncDp178=1670005775; cSyncDp179=1670005775; cSyncDp186=1670005775; cSyncDp221=1670005775
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 18:29:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
45d0d91c-726f-11ed-86e0-002590c0647c.n1.sync.bumlam.com/?src=sape
82.146.53.26302 Moved Temporarily 0 B URL HTTP/1.1 45d0d91c-726f-11ed-86e0-002590c0647c.n1.sync.bumlam.com/?src=sape
IP 82.146.53.26:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: 45d0d91c-726f-11ed-86e0-002590c0647c.n1.sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ0NWQwZDkxYy03MjZmLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.1
Date: Fri, 02 Dec 2022 18:29:35 GMT
Content-Length: 0
Connection: close
Location: https://pix.bumlam.com/sync/sape/done
pix.bumlam.com/sync/sape/done
31.172.81.160200 OK 43 B URL HTTP/1.1 pix.bumlam.com/sync/sape/done
IP 31.172.81.160:0
ASN #44066 diva-e Datacenters GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ0NWQwZDkxYy03MjZmLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 18:29:35 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
dmp.gotechnology.io/match/sape?id=1A79042E0E448A632C0213C102AC622B
142.132.209.138302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=1A79042E0E448A632C0213C102AC622B
IP 142.132.209.138:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=1A79042E0E448A632C0213C102AC622B HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 02 Dec 2022 18:29:35 GMT
content-length: 0
location: https://dmp.gotechnology.io/match/sape?id=1A79042E0E448A632C0213C102AC622B&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
mc.yandex.ru/watch/23414332?wmode=7&page-url=http%3A%2F%2Ffantivirus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aslhvtomn4dqfeoevoh2pg%3Afp%3A824%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A177741972121%3Ahid%3A92610139%3Az%3A0%3Ai%3A20221202182933%3Aet%3A1670005774%3Ac%3A1%3Arn%3A774762904%3Arqn%3A1%3Au%3A16700057741042694305%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C32%2C2%2C1%2C0%2C%2C780%2C1%2C%2C%2C%2C876%3Aco%3A0%3Ans%3A1670005771965%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670005774%3At%3A%D0%90%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D0%B8%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%2C%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%2C%20%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82%D1%8B%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
93.158.134.119302 Found 503 B URL HTTP/2 mc.yandex.ru/watch/23414332?wmode=7&page-url=http%3A%2F%2Ffantivirus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aslhvtomn4dqfeoevoh2pg%3Afp%3A824%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A177741972121%3Ahid%3A92610139%3Az%3A0%3Ai%3A20221202182933%3Aet%3A1670005774%3Ac%3A1%3Arn%3A774762904%3Arqn%3A1%3Au%3A16700057741042694305%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C32%2C2%2C1%2C0%2C%2C780%2C1%2C%2C%2C%2C876%3Aco%3A0%3Ans%3A1670005771965%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670005774%3At%3A%D0%90%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D0%B8%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%2C%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%2C%20%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82%D1%8B%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 93.158.134.119:0
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
GET /watch/23414332?wmode=7&page-url=http%3A%2F%2Ffantivirus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aslhvtomn4dqfeoevoh2pg%3Afp%3A824%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A177741972121%3Ahid%3A92610139%3Az%3A0%3Ai%3A20221202182933%3Aet%3A1670005774%3Ac%3A1%3Arn%3A774762904%3Arqn%3A1%3Au%3A16700057741042694305%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C32%2C2%2C1%2C0%2C%2C780%2C1%2C%2C%2C%2C876%3Aco%3A0%3Ans%3A1670005771965%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670005774%3At%3A%D0%90%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D0%B8%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%2C%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%2C%20%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82%D1%8B%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fantivirus.ru
Connection: keep-alive
Referer: http://fantivirus.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/23414332/1?wmode=7&page-url=http%3A%2F%2Ffantivirus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aslhvtomn4dqfeoevoh2pg%3Afp%3A824%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A177741972121%3Ahid%3A92610139%3Az%3A0%3Ai%3A20221202182933%3Aet%3A1670005774%3Ac%3A1%3Arn%3A774762904%3Arqn%3A1%3Au%3A16700057741042694305%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C32%2C2%2C1%2C0%2C%2C780%2C1%2C%2C%2C%2C876%3Aco%3A0%3Ans%3A1670005771965%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670005774%3At%3A%D0%90%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D0%B8%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%2C%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%2C%20%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82%D1%8B%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Fri, 02 Dec 2022 18:29:35 GMT
access-control-allow-origin: http://fantivirus.ru
set-cookie: yabs-sid=311665751670005775; Path=/; SameSite=None; Secure
i=s/iBFd6LVc7f3Y6jfsZPMntK05DtwVJ3HXHIq5fREbH9vsjsmnOm6+oRuclq0V0nAGNyhNhF1CbImQi9Fq/q4AySYYQ=; Expires=Mon, 29-Nov-2032 18:29:33 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=4611300631670005775; Expires=Sat, 02-Dec-2023 18:29:35 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4611300631670005775; Expires=Sat, 02-Dec-2023 18:29:35 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701541775.yc.1670005775#1701541775.yrts.1670005775#1701541775.yrtsi.1670005775; Expires=Sat, 02-Dec-2023 18:29:35 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 18:29:35 GMT
last-modified: Fri, 02-Dec-2022 18:29:35 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17032
Expires: Fri, 02 Dec 2022 23:13:28 GMT
Date: Fri, 02 Dec 2022 18:29:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17032
Expires: Fri, 02 Dec 2022 23:13:28 GMT
Date: Fri, 02 Dec 2022 18:29:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17032
Expires: Fri, 02 Dec 2022 23:13:28 GMT
Date: Fri, 02 Dec 2022 18:29:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17032
Expires: Fri, 02 Dec 2022 23:13:28 GMT
Date: Fri, 02 Dec 2022 18:29:36 GMT
Connection: keep-alive
dmp.gotechnology.io/match/sape?id=1A79042E0E448A632C0213C102AC622B&chk=1
142.132.209.138302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=1A79042E0E448A632C0213C102AC622B&chk=1
IP 142.132.209.138:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=1A79042E0E448A632C0213C102AC622B&chk=1 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 02 Dec 2022 18:29:36 GMT
content-length: 0
location: https://an.yandex.ru/mapuid/gonetdspis/MmY1NmYyMjJkYmYxNzBhYg
set-cookie: pid=MmY1NmYyMjJkYmYxNzBhYg; expires=Sat, 02 Dec 2023 18:29:36 GMT; domain=.gotechnology.io; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 06:00:48 GMT
age: 44928
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 58a28fc1cbcacdb07b3ca175281982b5
9bc47ee49fc070d0997e49a719bd9758685ad583
d3bfcf749c4652cb29f7c82a5d7ba940bd607f9060e49c1c40a112eb3e625bd9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6564
x-amzn-requestid: e2875cf3-3915-43a5-a724-4de2ca03de56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepHOiIAMFTFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-5f7e2a3f609d54a609a12670;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mwGAEu-gPXY5Opwd972VbBA6l33dNk7bPFSyZmciaplQKj2ZuTkQSg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 75289
etag: "9bc47ee49fc070d0997e49a719bd9758685ad583"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PIC-TIeTFK_Y2AiqowYT4_8tMuzIKO23lAwx18fYepTf4PIWkmLqkQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 05:20:15 GMT
age: 47361
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd78aa69439c995167f32b8a41a1f4f6
d07d6145182f312f3ed86ecf96b4ffa175416fa0
3b08cf3fad31ee0cf3ee25abc2484fb4283543865a42dfc568b14f9856fd3bb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7722
x-amzn-requestid: 8d7c4800-6c06-43ed-afa1-94840d42f591
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGy2Gr1IAMFWeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e78-429ae3135d47e3b020c4c7a1;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z8thSamrCRejcAcQEGAp4WpSMzMEvstuZtVpKAjiCH4dyJyf1yihBA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:11 GMT
age: 74365
etag: "d07d6145182f312f3ed86ecf96b4ffa175416fa0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 379a4a1b95d3aa3c5a4f8e7f9abb030f
d45dceb3dc58a07197aa5077582b5b1cd2ff791a
1b92dec5bf90beffbcd9060052b8788f08645dd4ba34219f7ddb2d40bbd2d151
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7732
x-amzn-requestid: 3781c2b7-082a-468a-a186-f7483494e749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoEq3IAMFnKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-679fe9f905e07abf4e6a812c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FhCtGsjgnq83-zRNBH-y9BHUh2IRaN0ahO-BCUw7bTWU8jAanBqdlA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:53:35 GMT
age: 74161
etag: "d45dceb3dc58a07197aa5077582b5b1cd2ff791a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r_0F64VpyutAOJ9IcTWrs3Sv--fhKiwKsV1FW0fOMSRt1QLLPxvJzg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 10:51:17 GMT
age: 27499
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 15cb55a0b8c6a0bdf32c3a2a3fb55feb
286bc5dbc7fb240660c869f02527f4b6072a2e22
c998bf601975c8fcd6670925d988d4be275ef1819d94232b02d30508a1794651
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 06 Dec 2022 17:00:24 GMT
ETag: "286bc5dbc7fb240660c869f02527f4b6072a2e22"
Last-Modified: Fri, 02 Dec 2022 17:00:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3196
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773621050b68b4f3-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 15cb55a0b8c6a0bdf32c3a2a3fb55feb
286bc5dbc7fb240660c869f02527f4b6072a2e22
c998bf601975c8fcd6670925d988d4be275ef1819d94232b02d30508a1794651
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 06 Dec 2022 17:00:24 GMT
ETag: "286bc5dbc7fb240660c869f02527f4b6072a2e22"
Last-Modified: Fri, 02 Dec 2022 17:00:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3196
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773621050c0f1c02-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 8b58e96cbd193bbcfec6109c21a607d0
76975032db8f1e97eb9a4be64bbb730c4a262ad7
2eac152e052240a29bc29f528b38a5d878459a3b667dafe465c620b75358b1dd
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:36 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Tue, 06 Dec 2022 15:05:24 GMT
ETag: "76975032db8f1e97eb9a4be64bbb730c4a262ad7"
Last-Modified: Fri, 02 Dec 2022 15:05:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3241
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773621051b7ab4f3-OSL
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 18:29:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1A79042E0E448A632C0213C102AC622B
81.222.128.213200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1A79042E0E448A632C0213C102AC622B
IP 81.222.128.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?dsp_id=153&external_id=1A79042E0E448A632C0213C102AC622B HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 18:29:36 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 7cf4a6f7553c6cccbde91ecc6affd102
90b7da82082e2abfb0164d822d63af6cd728791e
6a9121f4b54c5ef638ebac6417ad94c4b10045c7b7d95506cc6a9eb14e099206
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 06 Dec 2022 15:11:34 GMT
ETag: "90b7da82082e2abfb0164d822d63af6cd728791e"
Last-Modified: Fri, 02 Dec 2022 15:11:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 960
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773621053cf61bfa-OSL
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
195.209.108.47302 Moved Temporarily 0 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP 195.209.108.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Fri, 02 Dec 2022 18:29:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-5040057831; expires=Sun, 01 Dec 2024 18:29:36 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5040057831
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=GnkELg5EimMsAhPBAqxiKw
216.58.211.2200 OK 170 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=GnkELg5EimMsAhPBAqxiKw
IP 216.58.211.2:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
GET /pixel?google_nid=agentstvo_sape_limited&google_hm=GnkELg5EimMsAhPBAqxiKw HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
date: Fri, 02 Dec 2022 18:29:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 6e89aeee516acc4219e9f5501bb8498b
fb9de3fdf1931ae95dbf2ef62c8cc0697a7bbd59
b5000556fc6162feb6cf1d1fd51d082d19453f89162aab7e414e3aa44efaae0f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 02 Dec 2022 18:29:35 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 01 Dec 2022 21:55:03 GMT
Expires: Fri, 02 Dec 2022 21:55:03 GMT
ETag: "fb9de3fdf1931ae95dbf2ef62c8cc0697a7bbd59"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
77.245.57.72200 OK 0 B URL HTTP/1.1 sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 18:29:36 GMT
Content-Length: 0
Connection: close
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash ccd0403a573158475fa8b9fa1bd3faa0
2fc47b151e9c32ce0e345a01886f8f842719d468
4ee259e0c86bc54e5c9c72cdf0c735f10a18942f1c5d558e876e01a9662d046f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 16:09:17 GMT
Expires: Fri, 09 Dec 2022 16:09:16 GMT
Etag: "2fc47b151e9c32ce0e345a01886f8f842719d468"
Cache-Control: max-age=595779,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773621054d7bb4f4-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 443540f1a7294b5781d840bdbd26c4c1
90857484bf9da284233c3413bc132facfd613670
4ff883a03aa91977c7287dcdb0af878e6a90360baf7668bcfc509fd0407ed77d
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:36 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Tue, 06 Dec 2022 15:53:48 GMT
ETag: "90857484bf9da284233c3413bc132facfd613670"
Last-Modified: Fri, 02 Dec 2022 15:53:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2132
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773621059c821c02-OSL
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
35.190.24.218302 Found 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
IP 35.190.24.218:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Weborama Collect Frontend
date: Fri, 02 Dec 2022 18:29:35 GMT
content-length: 0
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=3890368355
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Fri, 02 Dec 2022 18:29:36 GMT
set-cookie: AFFICHE_W=idywkZ2HJGmJ27; expires=Sat, 30 Dec 2023 18:29:36 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.usertrust.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 153dd5a5276a3445d22209a861993bf9
516f65ea2fba9bce0c21e2d2284442cda28d1168
66b9807a7769711550f93cef1df1648522a2ce6390fbc2fcb6830c8dc65f36f4
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 16:18:18 GMT
Expires: Thu, 08 Dec 2022 16:18:17 GMT
Etag: "516f65ea2fba9bce0c21e2d2284442cda28d1168"
Cache-Control: max-age=602537,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1582
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77362105ae02b4f4-OSL
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb8eb24963aba6ce60efa5ea0ea4d051
06a817a65e9fde341cea2d1f8c3049d8d4caabe9
6032e932ba28bf4de4c744c4ff85a315207dd11470e3cd078838ebb92d6c9536
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5817
Cache-Control: max-age=105261
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 18:29:36 GMT
Etag: "63892584-1d7"
Expires: Sat, 03 Dec 2022 23:43:57 GMT
Last-Modified: Thu, 01 Dec 2022 22:07:00 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 94761464ba8a8f704548cecc2ce63423
38d09e0ce1f8bcf76c31c1f27bc823e8453c6d85
51c92436ab7e9890dba871ca7f0d0eb6e4b3fc1ae9217e30ba9960eaa7e5c735
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 14:18:43 GMT
Expires: Tue, 06 Dec 2022 14:18:42 GMT
Etag: "38d09e0ce1f8bcf76c31c1f27bc823e8453c6d85"
Cache-Control: max-age=329945,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773621058e0eb52d-OSL
ads.betweendigital.com/match?bidder_id=73&external_user_id=1A79042E0E448A632C0213C102AC622B
188.42.34.65302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=1A79042E0E448A632C0213C102AC622B
IP 188.42.34.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=73&external_user_id=1A79042E0E448A632C0213C102AC622B HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=1A79042E0E448A632C0213C102AC622B&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 02 Dec 2023 18:29:36 GMT; Path=/; Domain=.betweendigital.com
tuuid=9aca3b82-43bf-5250-b93e-61c2dab425d2; Max-Age=31536000; Expires=Sat, 02 Dec 2023 18:29:36 GMT; Path=/; Domain=.betweendigital.com
ut=Y4pEEAAGQZB9DOzBIfSMmGk_xUwWSGs0LKqRRQ==; Max-Age=31536000; Expires=Sat, 02 Dec 2023 18:29:36 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 18:29:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash a65027c6b78d0e7f7d1a3e55efe86164
e6a24c1225b7e9b835ced1713c8d2c3591e165e5
f503db5bfc85d9eb1ca3905c9363afa39ec5886dd2a2dd899d1553a2ec2e3b9c
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 06 Dec 2022 17:12:50 GMT
ETag: "e6a24c1225b7e9b835ced1713c8d2c3591e165e5"
Last-Modified: Fri, 02 Dec 2022 17:12:51 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 692
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77362105ecc7b4f3-OSL
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=3890368355
35.190.24.218204 No Content 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=3890368355
IP 35.190.24.218:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=3890368355 HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Weborama Collect Frontend
date: Fri, 02 Dec 2022 18:29:35 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Fri, 02 Dec 2022 18:29:36 GMT
set-cookie: AFFICHE_W=; expires=Tue, 10 Nov 2009 23:00:00 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ad.mail.ru/cm.gif?p=48&id=1A79042E0E448A632C0213C102AC622B
95.163.41.56200 OK 43 B URL HTTP/2 ad.mail.ru/cm.gif?p=48&id=1A79042E0E448A632C0213C102AC622B
IP 95.163.41.56:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cm.gif?p=48&id=1A79042E0E448A632C0213C102AC622B HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 18:29:36 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=2HgaOn1cKpIE0027mv1ri02E:::0-0-0-8a49cd0:CAASEB6yB3tEynjnZJK414FyadQaYPGOoEIixBKYOhkMrsCetLxOBV9nrQ43mU6k2VlpVcf30WelDZIOsenINHar2rbT3GlFceqbx_DNehQ1-3SclKFViFPwIZ42HqJRd2uGServlRplv42ZGjYz5vr_muJKlA; path=/; expires=Sun, 03-Dec-23 18:29:36 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Sat, 03 Dec 2022 00:29:36 GMT
cache-control: max-age=21600
last-modified: Fri, 02 Dec 2022 18:29:36 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash ccd0403a573158475fa8b9fa1bd3faa0
2fc47b151e9c32ce0e345a01886f8f842719d468
4ee259e0c86bc54e5c9c72cdf0c735f10a18942f1c5d558e876e01a9662d046f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 18:29:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 16:09:17 GMT
Expires: Fri, 09 Dec 2022 16:09:16 GMT
Etag: "2fc47b151e9c32ce0e345a01886f8f842719d468"
Cache-Control: max-age=595779,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773621056c9ab51e-OSL
an.yandex.ru/mapuid/sapeis/1A79042E0E448A632C0213C102AC622B?redir-setuniq=1
93.158.134.90200 OK 118 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/1A79042E0E448A632C0213C102AC622B?redir-setuniq=1
IP 93.158.134.90:0
Hash d72ffa9040183a53fee44adec3a16950
38e3187cccfb1ed41d47a98c15500f404cc43ac7
5b30c1484eb96b53cc6eb5c33f029c84deb3ec22aa1da45d5c0959922e17bc01
GET /mapuid/sapeis/1A79042E0E448A632C0213C102AC622B?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Fri, 02 Dec 2022 18:29:36 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02 Dec 2022 18:29:36 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 02 Dec 2022 18:29:36 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
sape-sync.rutarget.ru/sync
178.170.196.247302 Moved Temporarily 0 B URL HTTP/1.1 sape-sync.rutarget.ru/sync
IP 178.170.196.247:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 02 Dec 2022 18:29:36 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=BwvAQYW-XCn3
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=BwvAQYW-XCn3; Path=/; Domain=.rutarget.ru; Expires=Wed, 31 May 2023 18:29:36 GMT; SameSite=None; Secure
x01.aidata.io/0.gif?pid=9401454&id=1A79042E0E448A632C0213C102AC622B
89.108.120.68302 Found 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=1A79042E0E448A632C0213C102AC622B
IP 89.108.120.68:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=1A79042E0E448A632C0213C102AC622B HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 02 Dec 2022 18:29:36 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=1A79042E0E448A632C0213C102AC622B&bounce=1
expires: Fri, 02 Dec 2022 18:29:35 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Fri, 02 Dec 2022 18:29:35 GMT
set-cookie: __upin=aQw5duhKBkeSCAGbgJyy9Q;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1670005776;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
sm.rtb.mts.ru/p?ssp=sape&id=1A79042E0E448A632C0213C102AC622B
217.66.147.41301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=sape&id=1A79042E0E448A632C0213C102AC622B
IP 217.66.147.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sape&id=1A79042E0E448A632C0213C102AC622B HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 02 Dec 2022 18:29:36 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=1A79042E0E448A632C0213C102AC622B
Set-Cookie: dspid=2a07638b-85fa-4609-94fb-914a5b56668b; expires=Thu, 23 Nov 2023 18:29:36 GMT; domain=.mts.ru; path=/; secure; SameSite=None
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5040057831
195.209.108.47302 Moved Temporarily 40 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5040057831
IP 195.209.108.47:0
File type ASCII text, with CRLF line terminators
Hash 251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5040057831 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Fri, 02 Dec 2022 18:29:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Sun, 01 Dec 2024 18:29:36 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
188.42.34.65302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP 188.42.34.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 02 Dec 2023 18:29:36 GMT; Path=/; Domain=.betweendigital.com
tuuid=4866a4f8-b6f5-5250-812a-c4ace2a080bc; Max-Age=31536000; Expires=Sat, 02 Dec 2023 18:29:36 GMT; Path=/; Domain=.betweendigital.com
ut=Y4pEEAAB2KiSQ5pVRqCVKZVgIWv--TjMeU5RLA==; Max-Age=31536000; Expires=Sat, 02 Dec 2023 18:29:36 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
px.adhigh.net/p/cm/sape?u=1A79042E0E448A632C0213C102AC622B
194.190.76.44302 Found 0 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=1A79042E0E448A632C0213C102AC622B
IP 194.190.76.44:0
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/cm/sape?u=1A79042E0E448A632C0213C102AC622B HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 02 Dec 2022 18:29:36 GMT
content-length: 0
x-backend-id: f22-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=uxDXCH5B9kYf.AikABlGE1Bnf3A;Path=/;Domain=.adhigh.net;Expires=Sat, 02-Dec-2023 18:29:36 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=1A79042E0E448A632C0213C102AC622B&bounced=1
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 6e89aeee516acc4219e9f5501bb8498b
fb9de3fdf1931ae95dbf2ef62c8cc0697a7bbd59
b5000556fc6162feb6cf1d1fd51d082d19453f89162aab7e414e3aa44efaae0f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 02 Dec 2022 18:29:35 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 01 Dec 2022 21:55:03 GMT
Expires: Fri, 02 Dec 2022 21:55:03 GMT
ETag: "fb9de3fdf1931ae95dbf2ef62c8cc0697a7bbd59"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
x01.aidata.io/0.gif?pid=9401454&id=1A79042E0E448A632C0213C102AC622B&bounce=1
89.108.120.68204 No Content 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=1A79042E0E448A632C0213C102AC622B&bounce=1
IP 89.108.120.68:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=1A79042E0E448A632C0213C102AC622B&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 02 Dec 2022 18:29:36 GMT
expires: Fri, 02 Dec 2022 18:29:35 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Fri, 02 Dec 2022 18:29:35 GMT
set-cookie: __upin=SRvi39pHwhAz/cqpiJ22zg;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1670005776;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
www.acint.net/match?dp=104&euid=BwvAQYW-XCn3
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/match?dp=104&euid=BwvAQYW-XCn3
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=104&euid=BwvAQYW-XCn3 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWOKRA+S8gIvU1rLAuy4cQ940mH7AkmSeJO2/YHF8EpR; cSyncDp7v2=1670005775; cSyncDp14v3=1670005775; cSyncDp17=1670005775; cSyncDp32=1670005775; cSyncDp45v3=1670005775; cSyncDp53=1670005775; cSyncDp54v2=1670005775; cSyncDp62=1670005775; cSyncDp67v2=1670005775; cSyncDp68=1670005775; cSyncDp71=1670005775; cSyncDp77=1670005775; cSyncDp84=1670005775; cSyncDp85=1670005775; cSyncDp95v3=1670005775; cSyncDp101=1670005775; cSyncDp104v2=1670005775; cSyncDp107=1670005775; cSyncDp110=1670005775; cSyncDp111v2=1670005775; cSyncDp112v2=1670005775; cSyncDp125v2=1670005775; cSyncDp126=1670005775; cSyncDp127=1670005775; cSyncDp129=1670005775; cSyncDp136v2=1670005775; cSyncDp138=1670005775; cSyncDp146=1670005775; cSyncDp148=1670005775; cSyncDp149v2=1670005775; cSyncDp151=1670005775; cSyncDp178=1670005775; cSyncDp179=1670005775; cSyncDp186=1670005775; cSyncDp221=1670005775
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 18:29:36 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sm.rtb.mts.ru/match/second?ssp=30&exu=1A79042E0E448A632C0213C102AC622B
217.66.147.41200 OK 0 B URL HTTP/1.1 sm.rtb.mts.ru/match/second?ssp=30&exu=1A79042E0E448A632C0213C102AC622B
IP 217.66.147.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/second?ssp=30&exu=1A79042E0E448A632C0213C102AC622B HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 18:29:36 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
188.42.34.65200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP 188.42.34.65:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 02 Dec 2023 18:29:36 GMT; Path=/; Domain=.betweendigital.com
tuuid=bb7b9e84-6b6b-5250-8409-cb9ce7838f8c; Max-Age=31536000; Expires=Sat, 02 Dec 2023 18:29:36 GMT; Path=/; Domain=.betweendigital.com
ut=Y4pEEAAKEiA9CUEs3vAmga_4E8ThCkEmixF0Sg==; Max-Age=31536000; Expires=Sat, 02 Dec 2023 18:29:36 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
46.4.114.109302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWOKRA+S8gIvU1rLAuy4cQ940mH7AkmSeJO2/YHF8EpR; cSyncDp7v2=1670005775; cSyncDp14v3=1670005775; cSyncDp17=1670005775; cSyncDp32=1670005775; cSyncDp45v3=1670005775; cSyncDp53=1670005775; cSyncDp54v2=1670005775; cSyncDp62=1670005775; cSyncDp67v2=1670005775; cSyncDp68=1670005775; cSyncDp71=1670005775; cSyncDp77=1670005775; cSyncDp84=1670005775; cSyncDp85=1670005775; cSyncDp95v3=1670005775; cSyncDp101=1670005775; cSyncDp104v2=1670005775; cSyncDp107=1670005775; cSyncDp110=1670005775; cSyncDp111v2=1670005775; cSyncDp112v2=1670005775; cSyncDp125v2=1670005775; cSyncDp126=1670005775; cSyncDp127=1670005775; cSyncDp129=1670005775; cSyncDp136v2=1670005775; cSyncDp138=1670005775; cSyncDp146=1670005775; cSyncDp148=1670005775; cSyncDp149v2=1670005775; cSyncDp151=1670005775; cSyncDp178=1670005775; cSyncDp179=1670005775; cSyncDp186=1670005775; cSyncDp221=1670005775
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Fri, 02 Dec 2022 18:29:36 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=6D72042E0F448A632F02F29202CB5A53
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=6D72042E0F448A632F02F29202CB5A53
81.222.128.213200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=6D72042E0F448A632F02F29202CB5A53
IP 81.222.128.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?ssp_id=43&external_id=6D72042E0F448A632F02F29202CB5A53 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 18:29:36 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
px.adhigh.net/p/cm/sape?u=1A79042E0E448A632C0213C102AC622B&bounced=1
194.190.76.44200 OK 49 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=1A79042E0E448A632C0213C102AC622B&bounced=1
IP 194.190.76.44:0
ASN #48061 Limited Liability Company GPM Digital Technologies
File type GIF image data, version 89a, 1 x 1\012- data
Hash 889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
GET /p/cm/sape?u=1A79042E0E448A632C0213C102AC622B&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 18:29:36 GMT
content-type: image/gif
content-length: 49
x-backend-id: f22-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
www.acint.net/ping/?v=0.4.0&uid=ca71634d-7906-4d2e-ba31-4e9fd7b11c93&dp=10&tz=%2B00%3A00&nc=25656567&dT=2022-12-02T18%3A29%3A36.050
46.4.114.109302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/ping/?v=0.4.0&uid=ca71634d-7906-4d2e-ba31-4e9fd7b11c93&dp=10&tz=%2B00%3A00&nc=25656567&dT=2022-12-02T18%3A29%3A36.050
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ping/?v=0.4.0&uid=ca71634d-7906-4d2e-ba31-4e9fd7b11c93&dp=10&tz=%2B00%3A00&nc=25656567&dT=2022-12-02T18%3A29%3A36.050 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fantivirus.ru/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 02 Dec 2022 18:29:37 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/ping/?v=0.4.0&uid=ca71634d-7906-4d2e-ba31-4e9fd7b11c93&dp=10&tz=%2B00%3A00&nc=25656567&dT=2022-12-02T18%3A29%3A36.050
www.acint.net/ping/?v=0.4.0&uid=ca71634d-7906-4d2e-ba31-4e9fd7b11c93&dp=10&tz=%2B00%3A00&nc=25656567&dT=2022-12-02T18%3A29%3A36.050
46.4.114.109200 OK 43 B URL HTTP/2 www.acint.net/ping/?v=0.4.0&uid=ca71634d-7906-4d2e-ba31-4e9fd7b11c93&dp=10&tz=%2B00%3A00&nc=25656567&dT=2022-12-02T18%3A29%3A36.050
IP 46.4.114.109:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /ping/?v=0.4.0&uid=ca71634d-7906-4d2e-ba31-4e9fd7b11c93&dp=10&tz=%2B00%3A00&nc=25656567&dT=2022-12-02T18%3A29%3A36.050 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fantivirus.ru/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=LgRybWOKRA+S8gIvU1rLAuy4cQ940mH7AkmSeJO2/YHF8EpR; cSyncDp7v2=1670005775; cSyncDp14v3=1670005775; cSyncDp17=1670005775; cSyncDp32=1670005775; cSyncDp45v3=1670005775; cSyncDp53=1670005775; cSyncDp54v2=1670005775; cSyncDp62=1670005775; cSyncDp67v2=1670005775; cSyncDp68=1670005775; cSyncDp71=1670005775; cSyncDp77=1670005775; cSyncDp84=1670005775; cSyncDp85=1670005775; cSyncDp95v3=1670005775; cSyncDp101=1670005775; cSyncDp104v2=1670005775; cSyncDp107=1670005775; cSyncDp110=1670005775; cSyncDp111v2=1670005775; cSyncDp112v2=1670005775; cSyncDp125v2=1670005775; cSyncDp126=1670005775; cSyncDp127=1670005775; cSyncDp129=1670005775; cSyncDp136v2=1670005775; cSyncDp138=1670005775; cSyncDp146=1670005775; cSyncDp148=1670005775; cSyncDp149v2=1670005775; cSyncDp151=1670005775; cSyncDp178=1670005775; cSyncDp179=1670005775; cSyncDp186=1670005775; cSyncDp221=1670005775
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 02 Dec 2022 18:29:37 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/1A79042E0E448A632C0213C102AC622B
93.158.134.90302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/1A79042E0E448A632C0213C102AC622B
IP 93.158.134.90:0
GET /mapuid/sapeis/1A79042E0E448A632C0213C102AC622B HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/1A79042E0E448A632C0213C102AC622B?redir-setuniq=1
date: Fri, 02 Dec 2022 18:29:36 GMT
set-cookie: yandexuid=2555481351670005776; domain=.yandex.ru; path=/; expires=Mon, 29-Nov-2032 18:29:36 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02 Dec 2022 18:29:36 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 02 Dec 2022 18:29:36 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/gonetdspis/MmY1NmYyMjJkYmYxNzBhYg?redir-setuniq=1
93.158.134.90200 OK 0 B URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/MmY1NmYyMjJkYmYxNzBhYg?redir-setuniq=1
IP 93.158.134.90:0
GET /mapuid/gonetdspis/MmY1NmYyMjJkYmYxNzBhYg?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Fri, 02 Dec 2022 18:29:36 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02 Dec 2022 18:29:36 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 02 Dec 2022 18:29:36 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
adlmerge.com/merge_gpsid/?sid=50&id=1A79042E0E448A632C0213C102AC622B
95.211.66.35200 OK 0 B URL HTTP/2 adlmerge.com/merge_gpsid/?sid=50&id=1A79042E0E448A632C0213C102AC622B
IP 95.211.66.35:0
ASN #60781 LeaseWeb Netherlands B.V.
GET /merge_gpsid/?sid=50&id=1A79042E0E448A632C0213C102AC622B HTTP/1.1
Host: adlmerge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Fri, 02 Dec 2022 18:29:35 GMT
content-type: image/gif
iseu: eu
X-Firefox-Spdy: h2
mc.yandex.ru/watch/51438373?wmode=7&page-url=http%3A%2F%2Ffantivirus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A824%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A252874151820%3Ahid%3A92610139%3Az%3A0%3Ai%3A20221202182933%3Aet%3A1670005774%3Ac%3A1%3Arn%3A256476908%3Arqn%3A1%3Au%3A16700057741042694305%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C32%2C2%2C1%2C0%2C%2C780%2C1%2C%2C%2C%2C876%3Aco%3A0%3Ans%3A1670005771965%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670005774%3At%3A%D0%90%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D0%B8%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%2C%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%2C%20%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82%D1%8B%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
93.158.134.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/51438373?wmode=7&page-url=http%3A%2F%2Ffantivirus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A824%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A252874151820%3Ahid%3A92610139%3Az%3A0%3Ai%3A20221202182933%3Aet%3A1670005774%3Ac%3A1%3Arn%3A256476908%3Arqn%3A1%3Au%3A16700057741042694305%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C32%2C2%2C1%2C0%2C%2C780%2C1%2C%2C%2C%2C876%3Aco%3A0%3Ans%3A1670005771965%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670005774%3At%3A%D0%90%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D0%B8%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%2C%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%2C%20%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82%D1%8B%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 93.158.134.119:0
GET /watch/51438373?wmode=7&page-url=http%3A%2F%2Ffantivirus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A824%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A252874151820%3Ahid%3A92610139%3Az%3A0%3Ai%3A20221202182933%3Aet%3A1670005774%3Ac%3A1%3Arn%3A256476908%3Arqn%3A1%3Au%3A16700057741042694305%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C32%2C2%2C1%2C0%2C%2C780%2C1%2C%2C%2C%2C876%3Aco%3A0%3Ans%3A1670005771965%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670005774%3At%3A%D0%90%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D0%B8%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%2C%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%2C%20%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82%D1%8B%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fantivirus.ru
Connection: keep-alive
Referer: http://fantivirus.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/51438373/1?wmode=7&page-url=http%3A%2F%2Ffantivirus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A824%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A252874151820%3Ahid%3A92610139%3Az%3A0%3Ai%3A20221202182933%3Aet%3A1670005774%3Ac%3A1%3Arn%3A256476908%3Arqn%3A1%3Au%3A16700057741042694305%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C32%2C2%2C1%2C0%2C%2C780%2C1%2C%2C%2C%2C876%3Aco%3A0%3Ans%3A1670005771965%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670005774%3At%3A%D0%90%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%2C%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D0%B8%20%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2%2C%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%2C%20%D1%83%D1%82%D0%B8%D0%BB%D0%B8%D1%82%D1%8B%20%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Fri, 02 Dec 2022 18:29:35 GMT
access-control-allow-origin: http://fantivirus.ru
set-cookie: yabs-sid=2646352531670005775; Path=/; SameSite=None; Secure
i=WR9ohqGdMJYBPpWslpb7y+JCebp4X2NdduzQzsD2Z6aiaAsLNEWiXM3f39GJMMtWYzWTo41jbCvO0Zc2piKVw1bpEZU=; Expires=Mon, 29-Nov-2032 18:29:30 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=4727751491670005775; Expires=Sat, 02-Dec-2023 18:29:35 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4727751491670005775; Expires=Sat, 02-Dec-2023 18:29:35 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701541775.yc.1670005775#1701541775.yrts.1670005775#1701541775.yrtsi.1670005775; Expires=Sat, 02-Dec-2023 18:29:35 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 18:29:35 GMT
last-modified: Fri, 02-Dec-2022 18:29:35 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/gonetdspis/MmY1NmYyMjJkYmYxNzBhYg
93.158.134.90302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/MmY1NmYyMjJkYmYxNzBhYg
IP 93.158.134.90:0
GET /mapuid/gonetdspis/MmY1NmYyMjJkYmYxNzBhYg HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/gonetdspis/MmY1NmYyMjJkYmYxNzBhYg?redir-setuniq=1
date: Fri, 02 Dec 2022 18:29:36 GMT
set-cookie: yandexuid=1371424361670005776; domain=.yandex.ru; path=/; expires=Mon, 29-Nov-2032 18:29:36 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 02 Dec 2022 18:29:36 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 02 Dec 2022 18:29:36 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
65.109.65.187302 Found 0 B URL HTTP/2 ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP 65.109.65.187:0
ASN #24940 Hetzner Online GmbH
GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.0
date: Fri, 02 Dec 2022 18:29:35 GMT
x-request-id: ab59e617-3c1d-4259-a188-73b1fb190eb9
set-cookie: bvuid=yc0jndjmi2; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=yc0jndjmi2; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=yc0jndjmi2
X-Firefox-Spdy: h2