Overview

URL www.cdnapolicity.it/wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf
IP116.202.162.93
ASNHetzner Online GmbH
Location Germany
Report completed2022-09-25 01:49:58 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-25 2 www.cdnapolicity.it/wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf Malware
2022-09-25 2 www.cdnapolicity.it/wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (61)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-24 05:36:42 UTC 54.200.107.47
mnemonic passive DNS a.utraff.com (1) 39874 2020-01-25 04:23:15 UTC 2022-09-24 21:31:42 UTC 104.21.59.66
mnemonic passive DNS exchange.buzzoola.com (1) 18389 2014-10-17 15:20:27 UTC 2022-09-24 18:07:27 UTC 116.202.236.171
mnemonic passive DNS mediatoday.ru (1) 136083 2013-05-20 20:53:32 UTC 2022-09-24 21:32:00 UTC 139.45.228.100
mnemonic passive DNS ad.mail.ru (1) 7643 2012-06-22 19:38:09 UTC 2022-09-24 21:31:42 UTC 95.163.41.56
mnemonic passive DNS r3.o.lencr.org (15) 344 2020-12-02 08:52:13 UTC 2022-09-24 04:21:50 UTC 23.36.76.226
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-24 19:48:02 UTC 143.204.55.115
mnemonic passive DNS www.acint.net (12) 29072 2014-02-14 21:23:16 UTC 2022-09-24 18:07:26 UTC 185.12.125.25
mnemonic passive DNS ad.adriver.ru (2) 19548 2012-08-31 17:10:27 UTC 2022-09-24 18:07:27 UTC 195.209.108.36
mnemonic passive DNS sm.rtb.mts.ru (2) 27154 2019-03-26 14:10:01 UTC 2022-09-24 21:31:42 UTC 217.66.147.33
mnemonic passive DNS ocsp.globalsign.com (6) 2075 2012-05-25 06:20:55 UTC 2022-09-24 04:22:42 UTC 104.18.20.226
mnemonic passive DNS 0ca7879e-58f6-4764-a8cf-6133733a3774.sync.upravel.com (1) 0 No data No data 148.251.78.49 Domain (upravel.com) ranked at: 27764
mnemonic passive DNS cm.g.doubleclick.net (1) 202 2013-05-30 23:19:45 UTC 2022-09-24 22:48:17 UTC 142.250.74.34
mnemonic passive DNS sync.upravel.com (1) 28097 2017-05-29 09:13:46 UTC 2022-09-24 21:31:42 UTC 78.46.16.13
mnemonic passive DNS dmg.digitaltarget.ru (3) 21471 2015-04-23 14:50:51 UTC 2022-09-24 18:07:29 UTC 185.15.175.174
mnemonic passive DNS stats.wp.com (1) 2711 2017-01-30 05:06:59 UTC 2022-09-24 06:47:01 UTC 192.0.76.3
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-24 04:21:47 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS dm-eu.hybrid.ai (1) 28847 2021-01-25 11:48:59 UTC 2022-09-24 18:07:27 UTC 37.18.103.21
mnemonic passive DNS ads.betweendigital.com (3) 1571 2012-10-30 05:08:04 UTC 2022-09-24 18:07:27 UTC 188.42.191.196
mnemonic passive DNS ut.rktch.com (1) 41215 2018-06-04 10:29:18 UTC 2022-09-24 21:31:42 UTC 89.108.97.2
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-09-24 04:22:29 UTC 34.120.237.76
mnemonic passive DNS dmp.gotechnology.io (2) 48839 2019-06-17 16:08:58 UTC 2022-09-24 18:07:27 UTC 142.132.209.136
mnemonic passive DNS ssp.adriver.ru (2) 12439 2014-01-10 13:39:33 UTC 2022-09-24 18:07:28 UTC 195.209.111.4
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-24 04:26:56 UTC 143.204.55.49
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-24 16:35:09 UTC 142.250.74.164
mnemonic passive DNS sync.dmp.otm-r.com (1) 19534 2017-02-03 07:19:51 UTC 2022-09-24 21:31:42 UTC 138.201.65.75
mnemonic passive DNS status.geotrust.com (1) 3662 2017-12-01 08:55:31 UTC 2022-09-24 05:11:53 UTC 93.184.220.29
mnemonic passive DNS ocsp.pki.goog (6) 175 2017-06-14 07:23:31 UTC 2022-09-24 04:23:20 UTC 142.250.74.3
mnemonic passive DNS ajax.googleapis.com (1) 12905 2014-10-18 20:16:48 UTC 2022-09-25 00:27:17 UTC 142.250.74.42
mnemonic passive DNS ssp.bestssp.com (1) 90974 2017-06-10 08:55:20 UTC 2022-09-24 21:31:42 UTC 185.147.80.35
mnemonic passive DNS stat.adlabs.ru (1) 200922 2012-07-23 15:58:30 UTC 2022-09-24 18:07:27 UTC 109.248.237.36
mnemonic passive DNS 1a7d0cb9bdb32f63bf00640f0248abe8-sp.ops.beeline.ru (1) 0 No data No data 37.9.245.57 Domain (beeline.ru) ranked at: 20964
mnemonic passive DNS px.adhigh.net (2) 10272 2013-01-03 21:02:08 UTC 2022-09-24 18:07:27 UTC 193.232.150.43
mnemonic passive DNS ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2022-09-24 19:30:16 UTC 93.184.220.29
mnemonic passive DNS ocsp.sectigo.com (5) 487 2018-12-17 11:31:55 UTC 2022-09-24 19:20:00 UTC 172.64.155.188
mnemonic passive DNS cs.agency2.ru (1) 0 2022-04-29 14:24:02 UTC 2022-09-24 18:07:27 UTC 23.111.107.44 Unknown ranking
mnemonic passive DNS ssp-rtb.sape.ru (1) 31166 2016-02-02 17:01:03 UTC 2022-09-24 18:07:27 UTC 193.3.184.130
mnemonic passive DNS nr.bidderstack.com (1) 352019 2019-02-11 14:43:50 UTC 2022-09-24 21:31:42 UTC 46.4.70.80
mnemonic passive DNS sync.bumlam.com (2) 3243 2015-08-10 21:04:25 UTC 2022-09-24 21:31:42 UTC 31.172.81.159
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-24 04:22:23 UTC 34.117.237.239
mnemonic passive DNS acint.net (2) 22962 2014-02-14 21:23:16 UTC 2022-09-24 18:07:27 UTC 185.12.125.25
mnemonic passive DNS an.yandex.ru (4) 2577 2017-01-30 05:11:51 UTC 2022-09-24 23:03:19 UTC 213.180.193.90
mnemonic passive DNS tech.rtb.mts.ru (1) 27360 2017-04-17 12:41:30 UTC 2022-09-24 18:07:28 UTC 213.87.44.187
mnemonic passive DNS ocsp2.globalsign.com (2) 1544 2012-05-21 07:12:19 UTC 2022-09-24 04:24:02 UTC 104.18.21.226
mnemonic passive DNS ocsp.usertrust.com (1) 899 2012-05-21 15:43:18 UTC 2022-09-24 04:21:46 UTC 172.64.155.188
mnemonic passive DNS redirect.frontend.weborama.fr (2) 8348 2017-05-04 15:00:27 UTC 2022-09-24 18:07:27 UTC 35.190.24.218
mnemonic passive DNS sape-sync.rutarget.ru (1) 173587 2018-08-07 14:11:47 UTC 2022-09-24 18:07:27 UTC 87.242.93.185
mnemonic passive DNS sync.adkernel.com (1) 4993 2017-04-19 09:25:22 UTC 2022-09-24 18:07:27 UTC 77.245.57.72
mnemonic passive DNS sync.1dmp.io (2) 10017 2016-02-09 11:52:58 UTC 2022-09-24 18:07:27 UTC 95.216.101.186
mnemonic passive DNS sync.republer.com (1) 45392 2015-04-29 11:49:27 UTC 2022-09-24 21:31:42 UTC 23.88.82.46
mnemonic passive DNS fcgi4.gnezdo.ru (1) 69027 2020-06-11 12:55:54 UTC 2022-09-24 18:07:27 UTC 93.95.102.105
mnemonic passive DNS status.thawte.com (1) 5123 2017-11-27 12:33:51 UTC 2022-09-24 05:48:27 UTC 93.184.220.29
mnemonic passive DNS adlmerge.com (1) 146521 2017-04-06 07:10:27 UTC 2022-09-24 18:07:29 UTC 95.211.66.35
mnemonic passive DNS x01.aidata.io (1) 12188 2016-03-31 15:36:46 UTC 2022-09-24 21:31:42 UTC 89.108.120.76
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-24 19:28:53 UTC 216.58.211.10
mnemonic passive DNS www.cdnapolicity.it (60) 0 2016-11-06 16:53:54 UTC 2022-09-24 15:27:48 UTC 116.202.162.93 Unknown ranking
mnemonic passive DNS ads.adlook.me (1) 43352 2018-11-28 12:50:19 UTC 2022-09-24 18:07:27 UTC 5.101.76.186
mnemonic passive DNS match.new-programmatic.com (1) 33613 2020-02-18 20:50:06 UTC 2022-09-24 21:31:42 UTC 217.65.2.150
mnemonic passive DNS s.uuidksinc.net (1) 3423 2015-07-20 12:00:35 UTC 2022-09-24 18:07:27 UTC 31.220.27.155
mnemonic passive DNS ocsp.godaddy.com (2) 698 2012-05-20 19:28:57 UTC 2022-09-24 04:39:15 UTC 192.124.249.41
mnemonic passive DNS tag.digitaltarget.ru (2) 98193 2015-07-21 14:24:58 UTC 2022-09-24 21:31:42 UTC 185.15.175.146


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 116.202.162.93

Date UQ / IDS / BL URL IP
2022-11-23 11:28:40 +0000
0 - 0 - 2 www.cdnapolicity.it/wp-content/uploads/2022/0 (...) 116.202.162.93
2022-11-05 16:46:38 +0000
0 - 0 - 34 www.cdnapolicity.it/wp-content/uploads/2022/0 (...) 116.202.162.93
2022-10-23 22:40:30 +0000
0 - 0 - 37 www.cdnapolicity.it/wp-content/uploads/2022/0 (...) 116.202.162.93
2022-10-22 22:31:32 +0000
0 - 0 - 2 www.cdnapolicity.it/wp-content/uploads/2022/0 (...) 116.202.162.93
2022-09-25 01:49:58 +0000
0 - 0 - 2 www.cdnapolicity.it/wp-content/uploads/2022/0 (...) 116.202.162.93

Last 5 reports on ASN: Hetzner Online GmbH

Date UQ / IDS / BL URL IP
2022-11-30 04:55:37 +0000
0 - 0 - 2 116.202.6.206/933701787725.zip 116.202.6.206
2022-11-30 04:53:32 +0000
0 - 0 - 4 wvaspen.com/ 65.21.178.24
2022-11-30 04:52:23 +0000
0 - 0 - 10 rayoweb.ir/ 142.132.182.237
2022-11-30 04:49:21 +0000
0 - 0 - 2 88.198.94.71/188282770686.zip 88.198.94.71
2022-11-30 04:48:28 +0000
0 - 0 - 51 vlspfinservices.com/ 162.55.110.22

Last 5 reports on domain: cdnapolicity.it

Date UQ / IDS / BL URL IP
2022-11-23 11:28:40 +0000
0 - 0 - 2 www.cdnapolicity.it/wp-content/uploads/2022/0 (...) 116.202.162.93
2022-11-05 16:46:38 +0000
0 - 0 - 34 www.cdnapolicity.it/wp-content/uploads/2022/0 (...) 116.202.162.93
2022-10-23 22:40:30 +0000
0 - 0 - 37 www.cdnapolicity.it/wp-content/uploads/2022/0 (...) 116.202.162.93
2022-10-22 22:31:32 +0000
0 - 0 - 2 www.cdnapolicity.it/wp-content/uploads/2022/0 (...) 116.202.162.93
2022-09-25 01:49:58 +0000
0 - 0 - 2 www.cdnapolicity.it/wp-content/uploads/2022/0 (...) 116.202.162.93

Last 2 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-05 16:46:38 +0000
0 - 0 - 34 www.cdnapolicity.it/wp-content/uploads/2022/0 (...) 116.202.162.93
2022-10-23 22:40:30 +0000
0 - 0 - 37 www.cdnapolicity.it/wp-content/uploads/2022/0 (...) 116.202.162.93


JavaScript

Executed Scripts (53)


Executed Evals (5)

#1 JavaScript::Eval (size: 15578, repeated: 1) - SHA256: 82b81c86cdae578664003b993458bc63c9de6f989bde32d1671110605cbbb93f

                                        /* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var c = function(h) {
            return h
        },
        Y = this || self,
        y = function(h, U) {
            if (h = (U = Y.trustedTypes, null), !U || !U.createPolicy) return h;
            try {
                h = U.createPolicy("bg", {
                    createHTML: c,
                    createScript: c,
                    createScriptURL: c
                })
            } catch (w) {
                Y.console && Y.console.error(w.message)
            }
            return h
        };
    (0, eval)(function(h, U) {
        return (U = y()) && 1 === h.eval(U.createScript("1")) ? function(w) {
            return U.createScript(w)
        } : function(w) {
            return "" + w
        }
    }(Y)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var p=function(h,U){if(h.v)return hi(h,h.P);return(U=v(true,8,h),U)&128&&(U^=128,h=v(true,2,h),U=(U<<2)+(h|0)),U},T=function(h,U,c){c=this;try{Uu(U,this,h)}catch(Y){E(this,Y),U(function(A){A(c.F)})}},X=function(h,U,c,Y,A,w){if(!U.S){if(3<(h=m(419,((0==(Y=m((A=void 0,h&&h[0]===R&&(A=h[2],c=h[1],h=void 0),418),U),Y.length)&&(w=m(168,U)>>3,Y.push(c,w>>8&255,w&255),void 0!=A&&Y.push(A&255)),c="",h)&&(h.message&&(c+=h.message),h.stack&&(c+=":"+h.stack)),U)),h)){c=(h-=(c=c.slice(0,(h|0)-3),(c.length|0)+3),wH(c)),A=U.j,U.j=U;try{q(U,23,u(c.length,2).concat(c),9)}finally{U.j=A}}I(419,U,h)}},YC=function(h,U){if(U=(h=f.trustedTypes,null),!h||!h.createPolicy)return U;try{U=h.createPolicy("bg",{createHTML:cv,createScript:cv,createScriptURL:cv})}catch(c){f.console&&f.console.error(c.message)}return U},zq=function(h,U,c,Y,A,w){function y(){if(Y.j==Y){if(Y.K){var z=[D,c,U,void 0,A,w,arguments];if(2==h)var g=V(Y,(H(z,Y),false),false);else if(1==h){var r=!Y.h.length;H(z,Y),r&&V(Y,false,false)}else g=yF(Y,z);return g}A&&w&&A.removeEventListener(w,y,Z)}}return y},Ai=function(h,U){return h(function(c){c(U)}),[function(){return U}]},E=function(h,U){h.F=((h.F?h.F+"~":"E:")+U.message+":"+U.stack).slice(0,2048)},i4=function(h,U,c,Y){for(c=(Y=p(U),0);0<h;h--)c=c<<8|N(U);I(Y,U,c)},pl=function(h,U,c,Y){return m(408,(I(108,(vv(h,((Y=m(108,h),h.W)&&Y<h.Z?(I(108,h,h.Z),rH(h,U)):I(108,h,U),c)),h),Y),h))},wH=function(h,U,c,Y,A){for(A=(U=(h=h.replace(/\\r\\n/g,"\\n"),[]),c=0);c<h.length;c++)Y=h.charCodeAt(c),128>Y?U[A++]=Y:(2048>Y?U[A++]=Y>>6|192:(55296==(Y&64512)&&c+1<h.length&&56320==(h.charCodeAt(c+1)&64512)?(Y=65536+((Y&1023)<<10)+(h.charCodeAt(++c)&1023),U[A++]=Y>>18|240,U[A++]=Y>>12&63|128):U[A++]=Y>>12|224,U[A++]=Y>>6&63|128),U[A++]=Y&63|128);return U},Eu=function(h,U){return h[U]<<24|h[(U|0)+1]<<16|h[(U|0)+2]<<8|h[(U|0)+3]},Tq=function(h,U,c,Y){function A(){}return{invoke:(Y=xC(h,function(w){A&&(U&&K(U),c=w,A(),A=void 0)},(c=void 0,!!U))[0],function(w,y,z,g){function r(){c(function(x){K(function(){w(x)})},z)}if(!y)return y=Y(z),w&&w(y),y;c?r():(g=A,A=function(){(g(),K)(r)})})}},e=function(h,U){for(U=[];h--;)U.push(255*Math.random()|0);return U},I=function(h,U,c){if(108==h||168==h)U.K[h]?U.K[h].concat(c):U.K[h]=M9(U,c);else{if(U.S&&142!=h)return;158==h||23==h||190==h||418==h||77==h?U.K[h]||(U.K[h]=SD(U,c,h,38)):U.K[h]=SD(U,c,h,41)}142==h&&(U.U=v(false,32,U),U.J=void 0)},b=function(h,U,c){c[I(U,h,c),Ou]=2796},q=function(h,U,c,Y,A,w){if(h.j==h)for(w=m(U,h),23==U?(U=function(y,z,g,r){if(r=((z=w.length,z)|0)-4>>3,w.eN!=r){r=[0,0,(w.eN=r,g=(r<<3)-4,A)[1],A[2]];try{w.kR=Ri(Eu(w,(g|0)+4),r,Eu(w,g))}catch(x){throw x;}}w.push(w.kR[z&7]^y)},A=m(77,h)):U=function(y){w.push(y)},Y&&U(Y&255),h=c.length,Y=0;Y<h;Y++)U(c[Y])},k,mu=function(h,U,c){return U.g(function(Y){c=Y},false,h),c},Uu=function(h,U,c,Y,A){for((U.Qc=((U.qI=su,U).Zs=(U.dd=q9,U[n]),u4)(U.H,{get:function(){return this.concat()}}),U).Hs=W[U.H](U.Qc,{value:{value:{}}}),Y=[],A=0;128>A;A++)Y[A]=String.fromCharCode(A);V(U,true,(H((H([(H((b(U,(b((b(U,(I(((b(U,(b(U,(b(U,(U.br=(b(U,(I(335,U,(I(190,(b(U,103,(I(158,U,[160,(b((b(U,318,(b(U,436,(b((b(U,114,(b(U,33,(I((b(U,260,(b(U,222,(b(U,242,(I((b(U,133,(b((b(U,215,(b(U,398,(b(U,(b((b(U,(I(23,(b(U,(I(418,U,((I(168,U,(I(108,(U.tZ=((U.Fu=false,A=window.performance||{},U).S=((U.N=(U.G=8001,U.D=void 0,U.X=[],0),U.hZ=(U.h=[],function(w){this.j=w}),U.Y=1,U).F=(U.Z=0,U.B=25,U.j=(U.J=void 0,U),(U.u=0,U).L=null,void 0),false),(U.s=(U.yc=[],0),(U.P=(U.i=false,void 0),U).W=(U.OB=0,[]),U).U=(U.V=[],U.C=(U.o=0,U.K=[],U.v=void 0,0),U.R=void 0,void 0),A.timeOrigin||(A.timing||{}).navigationStart||0),U),0),0)),b)(U,91,function(w,y,z,g){z=(g=(z=p(w),p(w)),y=p(w),g=m(g,w),m(z,w)==g),I(y,w,+z)}),[])),179),function(w,y,z,g,r){I((z=(y=p((z=(g=(r=p(w),p(w)),p)(w),w)),y=m(y,w),m(z,w)),g=m(g,w),r),w,zq(y,z,g,w))}),U),e(4)),486),function(w){QF(w,4)}),U),507,function(w){l4(w,4)}),462),function(w,y,z){J(false,y,true,w)||(y=p(w),z=p(w),I(z,w,function(g){return eval(g)}(oi(m(y,w.j)))))}),function(w,y,z,g){I((z=(y=p(w),g=N(w),p)(w),z),w,m(y,w)>>>g)})),function(w,y,z,g,r){0!==(z=(y=m((r=(g=m((z=p((r=p(w),w)),y=p(w),g=p(w),g),w),m)(r,w.j),y),w),m(z,w)),r)&&(g=zq(1,g,y,w,r,z),r.addEventListener(z,g,Z),I(246,w,[r,z,g]))})),I(385,U,0),U),266,function(w,y,z,g,r,x,M,O,S,C,Q,F){function a(l,G){for(;S<l;)g|=N(w)<<S,S+=8;return S-=l,G=g&(1<<l)-1,g>>=l,G}for(x=(Q=(C=(S=(z=p(w),g=0),(a(3)|0)+1),a(5)),r=M=0,[]);r<Q;r++)y=a(1),x.push(y),M+=y?0:1;for(O=(M=((M|0)-1).toString(2).length,[]),r=0;r<Q;r++)x[r]||(O[r]=a(M));for(M=0;M<Q;M++)x[M]&&(O[M]=p(w));for(F=[];C--;)F.push(m(p(w),w));b(w,z,function(l,G,P,L,gH){for(G=(gH=[],0),L=[];G<Q;G++){if(!x[P=O[G],G]){for(;P>=L.length;)L.push(p(l));P=L[P]}gH.push(P)}l.P=M9(l,(l.v=M9(l,F.slice()),gH))})}),function(w,y,z,g,r,x){J(false,y,true,w)||(z=Ii(w.j),y=z.KJ,x=z.jN,r=z.A,z=z.O,g=z.length,x=0==g?new x[r]:1==g?new x[r](z[0]):2==g?new x[r](z[0],z[1]):3==g?new x[r](z[0],z[1],z[2]):4==g?new x[r](z[0],z[1],z[2],z[3]):2(),I(y,w,x))})),77),U,[0,0,0]),function(){})),U.LJ=0,I(419,U,2048),function(w,y,z,g,r,x,M){for(y=(M=(x=m(237,(z=(g=(r=p(w),X$)(w),""),w)),x.length),0);g--;)y=((y|0)+(X$(w)|0))%M,z+=Y[x[y]];I(r,w,z)})),function(w,y,z,g,r){for(g=(r=(y=X$((z=p(w),w)),0),[]);r<y;r++)g.push(N(w));I(z,w,g)})),296),U,U),function(w,y,z,g){y=(z=(g=(z=(y=p(w),p)(w),p)(w),m)(z,w),m)(y,w),I(g,w,y in z|0)})),function(w,y,z,g){I((z=m((y=(g=(y=(z=p(w),p)(w),p)(w),m(y,w)),z),w),g),w,z[y])})),U),76,function(w,y,z){(z=0!=(y=(z=p(w),p(w)),m(z,w)),y=m(y,w),z)&&I(108,w,y)}),function(w){QF(w,1)})),function(w,y,z,g){I((z=(g=(y=p(w),p(w)),p(w)),z),w,m(y,w)||m(g,w))})),U),510,function(w,y,z,g){if(y=w.yc.pop()){for(z=N(w);0<z;z--)g=p(w),y[g]=w.K[g];w.K=(y[419]=(y[418]=w.K[418],w).K[419],y)}else I(108,w,w.Z)}),b(U,113,function(w,y,z,g,r){r=(z=p((y=p(w),w)),p)(w),w.j==w&&(g=m(y,w),r=m(r,w),z=m(z,w),g[z]=r,142==y&&(w.J=void 0,2==z&&(w.U=v(false,32,w),w.J=void 0)))}),0),0]),function(w){i4(4,w)})),I(369,U,477),U),[]),f)),I(408,U,{}),397),function(w,y,z,g,r,x){if(!J(true,y,true,w)){if("object"==(w=(g=(r=m((y=m((x=p((g=(r=(y=p(w),p(w)),p(w)),w)),y),w),r),w),m)(g,w),m(x,w)),fl(y))){for(z in x=[],y)x.push(z);y=x}for(x=0,z=y.length,g=0<g?g:1;x<z;x+=g)r(y.slice(x,(x|0)+(g|0)),w)}}),0),85),function(w,y,z){(y=fl((y=m((z=(y=p(w),p(w)),y),w),y)),I)(z,w,y)}),431),function(w,y,z,g){!J(false,y,true,w)&&(y=Ii(w),z=y.jN,g=y.A,w.j==w||g==w.hZ&&z==w)&&(I(y.KJ,w,g.apply(z,y.O)),w.o=w.T())}),254),function(w,y){rH((y=m(p(w),w),w.j),y)}),U).IO=0,246),U,0),71),function(w,y){w=m((y=p(w),y),w.j),w[0].removeEventListener(w[1],w[2],Z)}),b(U,468,function(w,y,z){z=(y=p(w),p(w)),I(z,w,""+m(y,w))}),U),58,function(w,y,z,g){g=(y=m((z=(g=p(w),p(w)),z),w),m(g,w)),I(z,w,y+g)}),449),function(w){l4(w,3)}),[Ou]),U),d),c],U),[jD,h]),U),true))},hi=function(h,U){return U=U.create().shift(),h.v.create().length||h.P.create().length||(h.v=void 0,h.P=void 0),U},SD=function(h,U,c,Y,A,w,y,z){return(z=W[h.H]((U=[-74,93,-46,-30,9,-35,U,-89,(w=Gq,y=Y&7,40),87],h.Qc)),z)[h.H]=function(g){A=(y+=6+7*Y,y&=7,g)},z.concat=function(g){return(g=(A=(g=(g=c%16+1,3*c*c*g+U[y+27&7]*c*g+(w()|0)*g+54*A*A-162*c*c*A-5022*c*A)-g*A- -4752*A+y,void 0),U[g]),U)[(y+45&7)+(Y&2)]=g,U[y+(Y&2)]=93,g},z},rH=function(h,U){I(108,h,(h.yc.push(h.K.slice()),h.K[108]=void 0,U))},m=function(h,U){if(void 0===(U=U.K[h],U))throw[R,30,h];if(U.value)return U.create();return U.create(3*h*h+93*h+-88),U.prototype},Ii=function(h,U,c,Y,A,w){for(Y=p((c=((A=(w=h[F$]||{},p)(h),w.KJ=p(h),w).O=[],h.j==h?(N(h)|0)-1:1),h)),U=0;U<c;U++)w.O.push(p(h));for(;c--;)w.O[c]=m(w.O[c],h);return(w.jN=m(Y,h),w).A=m(A,h),w},v=function(h,U,c,Y,A,w,y,z,g,r,x,M,O,S){if(y=m(108,c),y>=c.Z)throw[R,31];for(O=(g=(S=y,c).Zs.length,U),z=0;0<O;)A=S>>3,M=S%8,w=c.W[A],r=8-(M|0),r=r<O?r:O,h&&(Y=c,Y.J!=S>>6&&(Y.J=S>>6,x=m(142,Y),Y.D=Ri(Y.J,[0,0,x[1],x[2]],Y.U)),w^=c.D[A&g]),S+=r,z|=(w>>8-(M|0)-(r|0)&(1<<r)-1)<<(O|0)-(r|0),O-=r;return I(108,c,(h=z,(y|0)+(U|0))),h},DN=function(h,U,c,Y){for(;h.h.length;){c=(h.L=null,h.h.pop());try{Y=yF(h,c)}catch(A){E(h,A)}if(U&&h.L){(U=h.L,U)(function(){V(h,true,true)});break}}return Y},V=function(h,U,c,Y,A,w){if(h.h.length){h.i=(h.i&&0(),true),h.Fu=c;try{w=h.T(),h.C=w,h.o=w,h.R=0,Y=DN(h,c),A=h.T()-h.C,h.s+=A,A<(U?0:10)||0>=h.B--||(A=Math.floor(A),h.V.push(254>=A?A:254))}finally{h.i=false}return Y}},Hv=function(h,U){(U.push(h[0]<<24|h[1]<<16|h[2]<<8|h[3]),U).push(h[4]<<24|h[5]<<16|h[6]<<8|h[7]),U.push(h[8]<<24|h[9]<<16|h[10]<<8|h[11])},M9=function(h,U,c){return(c=W[h.H](h.Hs),c)[h.H]=function(){return U},c.concat=function(Y){U=Y},c},Ri=function(h,U,c,Y,A){for(A=(U=U[Y=U[2]|0,3]|0,0);14>A;A++)h=h>>>8|h<<24,h+=c|0,c=c<<3|c>>>29,h^=Y+1890,U=U>>>8|U<<24,U+=Y|0,c^=h,Y=Y<<3|Y>>>29,U^=A+1890,Y^=U;return[c>>>24&255,c>>>16&255,c>>>8&255,c>>>0&255,h>>>24&255,h>>>16&255,h>>>8&255,h>>>0&255]},J=function(h,U,c,Y,A,w,y,z,g){if(((((w=(g=(A=(c||Y.R++,0<Y.N&&Y.i&&Y.Fu&&1>=Y.u&&!Y.v&&!Y.L&&(!c||1<Y.G-U)&&0==document.hidden),z=(y=4==Y.R)||A?Y.T():Y.o,z)-Y.o,g>>14),Y).U&&(Y.U^=w*(g<<2)),Y).Y+=w,Y).j=w||Y.j,y)||A)Y.o=z,Y.R=0;if(!A||z-Y.C<Y.N-(h?255:c?5:2))return false;return!(((I((h=m(c?168:108,(Y.G=U,Y)),108),Y,Y.Z),Y.h).push([VF,h,c?U+1:U]),Y).L=K,0)},xC=function(h,U,c,Y){return(Y=t[h.substring(0,3)+"_"])?Y(h.substring(3),U,c):Ai(U,h)},l4=function(h,U,c,Y,A){q(h,((c=m((Y=(c=p((A=U&3,U&=4,h)),p(h)),c),h),U)&&(c=wH(""+c)),A&&q(h,Y,u(c.length,2)),Y),c)},ai=function(h,U,c){if(3==h.length){for(c=0;3>c;c++)U[c]+=h[c];for(c=[13,8,13,12,16,(h=0,5),3,10,15];9>h;h++)U[3](U,h%3,c[h])}},t,f=this||self,Z={passive:true,capture:true},QF=function(h,U,c,Y){q(h,(c=p((Y=p(h),h)),c),u(m(Y,h),U))},cv=function(h){return h},fl=function(h,U,c){if((c=typeof h,"object")==c)if(h){if(h instanceof Array)return"array";if(h instanceof Object)return c;if("[object Window]"==(U=Object.prototype.toString.call(h),U))return"object";if("[object Array]"==U||"number"==typeof h.length&&"undefined"!=typeof h.splice&&"undefined"!=typeof h.propertyIsEnumerable&&!h.propertyIsEnumerable("splice"))return"array";if("[object Function]"==U||"undefined"!=typeof h.call&&"undefined"!=typeof h.propertyIsEnumerable&&!h.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==c&&"undefined"==typeof h.call)return"object";return c},u4=function(h,U){return W[h](W.prototype,{call:U,console:U,floor:U,replace:U,stack:U,splice:U,document:U,pop:U,propertyIsEnumerable:U,length:U,prototype:U,parent:U})},K=f.requestIdleCallback?function(h){requestIdleCallback(function(){h()},{timeout:4})}:f.setImmediate?function(h){setImmediate(h)}:function(h){setTimeout(h,0)},X$=function(h,U){return(U=N(h),U)&128&&(U=U&127|N(h)<<7),U},N=function(h){return h.v?hi(h,h.P):v(true,8,h)},u=function(h,U,c,Y){for(c=(Y=(U|0)-1,[]);0<=Y;Y--)c[(U|0)-1-(Y|0)]=h>>8*Y&255;return c},H=function(h,U){U.h.splice(0,0,h)},ZN=function(h,U,c,Y){try{Y=h[((U|0)+2)%3],h[U]=(h[U]|0)-(h[((U|0)+1)%3]|0)-(Y|0)^(1==U?Y<<c:Y>>>c)}catch(A){throw A;}},vv=function(h,U,c,Y,A,w){if(!h.F){h.u++;try{for(A=(Y=(c=0,h.Z),void 0);--U;)try{if((w=void 0,h).v)A=hi(h,h.v);else{if((c=m(108,h),c)>=Y)break;A=(w=(I(168,h,c),p(h)),m(w,h))}J(false,(A&&A[N9]&2048?A(h,U):X([R,21,w],h,0),U),false,h)}catch(y){m(369,h)?X(y,h,22):I(369,h,y)}if(!U){if(h.vs){vv(h,(h.u--,446149057662));return}X([R,33],h,0)}}catch(y){try{X(y,h,22)}catch(z){E(h,z)}}h.u--}},yF=function(h,U,c,Y,A){if(c=U[0],c==B)h.B=25,h.I(U);else if(c==n){Y=U[1];try{A=h.F||h.I(U)}catch(w){E(h,w),A=h.F}Y(A)}else if(c==VF)h.I(U);else if(c==d)h.I(U);else if(c==jD){try{for(A=0;A<h.X.length;A++)try{Y=h.X[A],Y[0][Y[1]](Y[2])}catch(w){}}catch(w){}(0,U[1])((h.X=[],function(w,y){h.g(w,true,y)}),function(w){(w=!h.h.length,H([N9],h),w)&&V(h,false,true)})}else{if(c==D)return A=U[2],I(371,h,U[6]),I(408,h,A),h.I(U);c==N9?(h.W=[],h.K=null,h.V=[]):c==Ou&&"loading"===f.document.readyState&&(h.L=function(w,y){function z(){y||(y=true,w())}(y=false,f).document.addEventListener("DOMContentLoaded",z,Z),f.addEventListener("load",z,Z)})}},F$=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),d=((T.prototype.oO=void 0,(T.prototype.vs=false,T).prototype).Ws=void 0,[]),Ou=(T.prototype.l="toString",[]),B=[],n=[],VF=[],N9=[],R={},D=[],jD=[],W=((Hv,e,ZN,function(){})(ai),R.constructor),Gq=((((k=(T.prototype.H="create",T.prototype),k).EB=function(){return Math.floor(this.s+(this.T()-this.C))},k).T=(window.performance||{}).now?function(){return this.tZ+window.performance.now()}:function(){return+new Date},k).pJ=function(h,U,c){return((U=(U^=U<<13,U^=U>>17,(U^U<<5)&c))||(U=1),h)^U},k.JZ=function(){return Math.floor(this.T())},void 0),q9=(((k.g=function(h,U,c,Y,A){if((c="array"===fl(c)?c:[c],this).F)h(this.F);else try{Y=[],A=!this.h.length,H([B,Y,c],this),H([n,h,Y],this),U&&!A||V(this,true,U)}catch(w){E(this,w),h(this.F)}},k.Ps=function(h,U,c,Y,A,w){for(Y=w=0,c=[];Y<h.length;Y++)for(w+=U,A=A<<U|h[Y];7<w;)w-=8,c.push(A>>w&255);return c},k).UB=function(h,U,c,Y,A){for(A=Y=0;Y<h.length;Y++)A+=h.charCodeAt(Y),A+=A<<10,A^=A>>6;return Y=new (h=(A+=A<<3,A^=A>>11,A)+(A<<15)>>>0,Number)(h&(1<<U)-1),Y[0]=(h>>>U)%c,Y},T.prototype).I=function(h,U){return U=(h={},Gq=function(){return h==U?-88:-31},{}),function(c,Y,A,w,y,z,g,r,x,M,O,S,C,Q,F){h=(z=h,U);try{if(M=c[0],M==d){C=c[1];try{for(w=(Y=(S=atob(C),Q=[],0),0);w<S.length;w++)g=S.charCodeAt(w),255<g&&(Q[Y++]=g&255,g>>=8),Q[Y++]=g;I(142,this,(this.Z=(this.W=Q,this.W).length<<3,[0,0,0]))}catch(a){X(a,this,17);return}vv(this,8001)}else if(M==B)c[1].push(m(419,this),m(23,this).length,m(158,this).length,m(190,this).length),I(408,this,c[2]),this.K[366]&&pl(this,m(366,this),8001);else{if(M==n){this.j=(F=u((m(158,(Y=c[2],this)).length|0)+2,2),x=this.j,this);try{A=m(418,this),0<A.length&&q(this,158,u(A.length,2).concat(A),10),q(this,158,u(this.Y,1),109),q(this,158,u(this[n].length,1)),S=0,S+=m(385,this)&2047,y=m(23,this),S-=(m(158,this).length|0)+5,4<y.length&&(S-=(y.length|0)+3),0<S&&q(this,158,u(S,2).concat(e(S)),15),4<y.length&&q(this,158,u(y.length,2).concat(y),156)}finally{this.j=x}if(O=(((w=e(2).concat(m(158,this)),w)[1]=w[0]^6,w)[3]=w[1]^F[0],w[4]=w[1]^F[1],this.wd(w)))O="!"+O;else for(S=0,O="";S<w.length;S++)r=w[S][this.l](16),1==r.length&&(r="0"+r),O+=r;return m((m(158,(m(23,(I(419,this,(Q=O,Y.shift())),this)).length=Y.shift(),this)).length=Y.shift(),190),this).length=Y.shift(),Q}if(M==VF)pl(this,c[1],c[2]);else if(M==D)return pl(this,c[1],8001)}}finally{h=z}}}(),/./),su,Kl=(T.prototype[T.prototype.wd=(T.prototype.cs=0,T.prototype.T3=0,function(h,U,c,Y){if(c=window.btoa){for(Y="",U=0;U<h.length;U+=8192)Y+=String.fromCharCode.apply(null,h.slice(U,U+8192));h=c(Y).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else h=void 0;return h}),jD]=[0,0,1,1,0,1,1],d).pop.bind(T.prototype[B]),oi=function(h,U){return(U=YC())&&1===h.eval(U.createScript("1"))?function(c){return U.createScript(c)}:function(c){return""+c}}((su=u4((q9[T.prototype.l]=Kl,T.prototype).H,{get:Kl}),T.prototype.rd=void 0,f));(40<(t=f.botguard||(f.botguard={}),t).m||(t.m=41,t.bg=Tq,t.a=xC),t).YBO_=function(h,U,c){return c=new T(h,U),[function(Y){return mu(Y,c)}]};}).call(this);'));
}).call(this);
                                    

#2 JavaScript::Eval (size: 20720, repeated: 1) - SHA256: 2932005a49e6ece7a9943c79b169a09bd065a5e8c627caf73ef98d3e26c9588a

                                        (function() {
    var p = function(h, U) {
            if (h.v) return hi(h, h.P);
            return (U = v(true, 8, h), U) & 128 && (U ^= 128, h = v(true, 2, h), U = (U << 2) + (h | 0)), U
        },
        T = function(h, U, c) {
            c = this;
            try {
                Uu(U, this, h)
            } catch (Y) {
                E(this, Y), U(function(A) {
                    A(c.F)
                })
            }
        },
        X = function(h, U, c, Y, A, w) {
            if (!U.S) {
                if (3 < (h = m(419, ((0 == (Y = m((A = void 0, h && h[0] === R && (A = h[2], c = h[1], h = void 0), 418), U), Y.length) && (w = m(168, U) >> 3, Y.push(c, w >> 8 & 255, w & 255), void 0 != A && Y.push(A & 255)), c = "", h) && (h.message && (c += h.message), h.stack && (c += ":" + h.stack)), U)), h)) {
                    c = (h -= (c = c.slice(0, (h | 0) - 3), (c.length | 0) + 3), wH(c)), A = U.j, U.j = U;
                    try {
                        q(U, 23, u(c.length, 2).concat(c), 9)
                    } finally {
                        U.j = A
                    }
                }
                I(419, U, h)
            }
        },
        YC = function(h, U) {
            if (U = (h = f.trustedTypes, null), !h || !h.createPolicy) return U;
            try {
                U = h.createPolicy("bg", {
                    createHTML: cv,
                    createScript: cv,
                    createScriptURL: cv
                })
            } catch (c) {
                f.console && f.console.error(c.message)
            }
            return U
        },
        zq = function(h, U, c, Y, A, w) {
            function y() {
                if (Y.j == Y) {
                    if (Y.K) {
                        var z = [D, c, U, void 0, A, w, arguments];
                        if (2 == h) var g = V(Y, (H(z, Y), false), false);
                        else if (1 == h) {
                            var r = !Y.h.length;
                            H(z, Y), r && V(Y, false, false)
                        } else g = yF(Y, z);
                        return g
                    }
                    A && w && A.removeEventListener(w, y, Z)
                }
            }
            return y
        },
        Ai = function(h, U) {
            return h(function(c) {
                c(U)
            }), [function() {
                return U
            }]
        },
        E = function(h, U) {
            h.F = ((h.F ? h.F + "~" : "E:") + U.message + ":" + U.stack).slice(0, 2048)
        },
        i4 = function(h, U, c, Y) {
            for (c = (Y = p(U), 0); 0 < h; h--) c = c << 8 | N(U);
            I(Y, U, c)
        },
        pl = function(h, U, c, Y) {
            return m(408, (I(108, (vv(h, ((Y = m(108, h), h.W) && Y < h.Z ? (I(108, h, h.Z), rH(h, U)) : I(108, h, U), c)), h), Y), h))
        },
        wH = function(h, U, c, Y, A) {
            for (A = (U = (h = h.replace(/\r\n/g, "\n"), []), c = 0); c < h.length; c++) Y = h.charCodeAt(c), 128 > Y ? U[A++] = Y : (2048 > Y ? U[A++] = Y >> 6 | 192 : (55296 == (Y & 64512) && c + 1 < h.length && 56320 == (h.charCodeAt(c + 1) & 64512) ? (Y = 65536 + ((Y & 1023) << 10) + (h.charCodeAt(++c) & 1023), U[A++] = Y >> 18 | 240, U[A++] = Y >> 12 & 63 | 128) : U[A++] = Y >> 12 | 224, U[A++] = Y >> 6 & 63 | 128), U[A++] = Y & 63 | 128);
            return U
        },
        Eu = function(h, U) {
            return h[U] << 24 | h[(U | 0) + 1] << 16 | h[(U | 0) + 2] << 8 | h[(U | 0) + 3]
        },
        Tq = function(h, U, c, Y) {
            function A() {}
            return {
                invoke: (Y = xC(h, function(w) {
                    A && (U && K(U), c = w, A(), A = void 0)
                }, (c = void 0, !!U))[0], function(w, y, z, g) {
                    function r() {
                        c(function(x) {
                            K(function() {
                                w(x)
                            })
                        }, z)
                    }
                    if (!y) return y = Y(z), w && w(y), y;
                    c ? r() : (g = A, A = function() {
                        (g(), K)(r)
                    })
                })
            }
        },
        e = function(h, U) {
            for (U = []; h--;) U.push(255 * Math.random() | 0);
            return U
        },
        I = function(h, U, c) {
            if (108 == h || 168 == h) U.K[h] ? U.K[h].concat(c) : U.K[h] = M9(U, c);
            else {
                if (U.S && 142 != h) return;
                158 == h || 23 == h || 190 == h || 418 == h || 77 == h ? U.K[h] || (U.K[h] = SD(U, c, h, 38)) : U.K[h] = SD(U, c, h, 41)
            }
            142 == h && (U.U = v(false, 32, U), U.J = void 0)
        },
        b = function(h, U, c) {
            c[I(U, h, c), Ou] = 2796
        },
        q = function(h, U, c, Y, A, w) {
            if (h.j == h)
                for (w = m(U, h), 23 == U ? (U = function(y, z, g, r) {
                        if (r = ((z = w.length, z) | 0) - 4 >> 3, w.eN != r) {
                            r = [0, 0, (w.eN = r, g = (r << 3) - 4, A)[1], A[2]];
                            try {
                                w.kR = Ri(Eu(w, (g | 0) + 4), r, Eu(w, g))
                            } catch (x) {
                                throw x;
                            }
                        }
                        w.push(w.kR[z & 7] ^ y)
                    }, A = m(77, h)) : U = function(y) {
                        w.push(y)
                    }, Y && U(Y & 255), h = c.length, Y = 0; Y < h; Y++) U(c[Y])
        },
        k, mu = function(h, U, c) {
            return U.g(function(Y) {
                c = Y
            }, false, h), c
        },
        Uu = function(h, U, c, Y, A) {
            for ((U.Qc = ((U.qI = su, U).Zs = (U.dd = q9, U[n]), u4)(U.H, {get: function() {
                        return this.concat()
                    }
                }), U).Hs = W[U.H](U.Qc, {
                    value: {
                        value: {}
                    }
                }), Y = [], A = 0; 128 > A; A++) Y[A] = String.fromCharCode(A);
            V(U, true, (H((H([(H((b(U, (b((b(U, (I(((b(U, (b(U, (b(U, (U.br = (b(U, (I(335, U, (I(190, (b(U, 103, (I(158, U, [160, (b((b(U, 318, (b(U, 436, (b((b(U, 114, (b(U, 33, (I((b(U, 260, (b(U, 222, (b(U, 242, (I((b(U, 133, (b((b(U, 215, (b(U, 398, (b(U, (b((b(U, (I(23, (b(U, (I(418, U, ((I(168, U, (I(108, (U.tZ = ((U.Fu = false, A = window.performance || {}, U).S = ((U.N = (U.G = 8001, U.D = void 0, U.X = [], 0), U.hZ = (U.h = [], function(w) {
                this.j = w
            }), U.Y = 1, U).F = (U.Z = 0, U.B = 25, U.j = (U.J = void 0, U), (U.u = 0, U).L = null, void 0), false), (U.s = (U.yc = [], 0), (U.P = (U.i = false, void 0), U).W = (U.OB = 0, []), U).U = (U.V = [], U.C = (U.o = 0, U.K = [], U.v = void 0, 0), U.R = void 0, void 0), A.timeOrigin || (A.timing || {}).navigationStart || 0), U), 0), 0)), b)(U, 91, function(w, y, z, g) {
                z = (g = (z = p(w), p(w)), y = p(w), g = m(g, w), m(z, w) == g), I(y, w, +z)
            }), [])), 179), function(w, y, z, g, r) {
                I((z = (y = p((z = (g = (r = p(w), p(w)), p)(w), w)), y = m(y, w), m(z, w)), g = m(g, w), r), w, zq(y, z, g, w))
            }), U), e(4)), 486), function(w) {
                QF(w, 4)
            }), U), 507, function(w) {
                l4(w, 4)
            }), 462), function(w, y, z) {
                J(false, y, true, w) || (y = p(w), z = p(w), I(z, w, function(g) {
                    return eval(g)
                }(oi(m(y, w.j)))))
            }), function(w, y, z, g) {
                I((z = (y = p(w), g = N(w), p)(w), z), w, m(y, w) >>> g)
            })), function(w, y, z, g, r) {
                0 !== (z = (y = m((r = (g = m((z = p((r = p(w), w)), y = p(w), g = p(w), g), w), m)(r, w.j), y), w), m(z, w)), r) && (g = zq(1, g, y, w, r, z), r.addEventListener(z, g, Z), I(246, w, [r, z, g]))
            })), I(385, U, 0), U), 266, function(w, y, z, g, r, x, M, O, S, C, Q, F) {
                function a(l, G) {
                    for (; S < l;) g |= N(w) << S, S += 8;
                    return S -= l, G = g & (1 << l) - 1, g >>= l, G
                }
                for (x = (Q = (C = (S = (z = p(w), g = 0), (a(3) | 0) + 1), a(5)), r = M = 0, []); r < Q; r++) y = a(1), x.push(y), M += y ? 0 : 1;
                for (O = (M = ((M | 0) - 1).toString(2).length, []), r = 0; r < Q; r++) x[r] || (O[r] = a(M));
                for (M = 0; M < Q; M++) x[M] && (O[M] = p(w));
                for (F = []; C--;) F.push(m(p(w), w));
                b(w, z, function(l, G, P, L, gH) {
                    for (G = (gH = [], 0), L = []; G < Q; G++) {
                        if (!x[P = O[G], G]) {
                            for (; P >= L.length;) L.push(p(l));
                            P = L[P]
                        }
                        gH.push(P)
                    }
                    l.P = M9(l, (l.v = M9(l, F.slice()), gH))
                })
            }), function(w, y, z, g, r, x) {
                J(false, y, true, w) || (z = Ii(w.j), y = z.KJ, x = z.jN, r = z.A, z = z.O, g = z.length, x = 0 == g ? new x[r] : 1 == g ? new x[r](z[0]) : 2 == g ? new x[r](z[0], z[1]) : 3 == g ? new x[r](z[0], z[1], z[2]) : 4 == g ? new x[r](z[0], z[1], z[2], z[3]) : 2(), I(y, w, x))
            })), 77), U, [0, 0, 0]), function() {})), U.LJ = 0, I(419, U, 2048), function(w, y, z, g, r, x, M) {
                for (y = (M = (x = m(237, (z = (g = (r = p(w), X$)(w), ""), w)), x.length), 0); g--;) y = ((y | 0) + (X$(w) | 0)) % M, z += Y[x[y]];
                I(r, w, z)
            })), function(w, y, z, g, r) {
                for (g = (r = (y = X$((z = p(w), w)), 0), []); r < y; r++) g.push(N(w));
                I(z, w, g)
            })), 296), U, U), function(w, y, z, g) {
                y = (z = (g = (z = (y = p(w), p)(w), p)(w), m)(z, w), m)(y, w), I(g, w, y in z | 0)
            })), function(w, y, z, g) {
                I((z = m((y = (g = (y = (z = p(w), p)(w), p)(w), m(y, w)), z), w), g), w, z[y])
            })), U), 76, function(w, y, z) {
                (z = 0 != (y = (z = p(w), p(w)), m(z, w)), y = m(y, w), z) && I(108, w, y)
            }), function(w) {
                QF(w, 1)
            })), function(w, y, z, g) {
                I((z = (g = (y = p(w), p(w)), p(w)), z), w, m(y, w) || m(g, w))
            })), U), 510, function(w, y, z, g) {
                if (y = w.yc.pop()) {
                    for (z = N(w); 0 < z; z--) g = p(w), y[g] = w.K[g];
                    w.K = (y[419] = (y[418] = w.K[418], w).K[419], y)
                } else I(108, w, w.Z)
            }), b(U, 113, function(w, y, z, g, r) {
                r = (z = p((y = p(w), w)), p)(w), w.j == w && (g = m(y, w), r = m(r, w), z = m(z, w), g[z] = r, 142 == y && (w.J = void 0, 2 == z && (w.U = v(false, 32, w), w.J = void 0)))
            }), 0), 0]), function(w) {
                i4(4, w)
            })), I(369, U, 477), U), []), f)), I(408, U, {}), 397), function(w, y, z, g, r, x) {
                if (!J(true, y, true, w)) {
                    if ("object" == (w = (g = (r = m((y = m((x = p((g = (r = (y = p(w), p(w)), p(w)), w)), y), w), r), w), m)(g, w), m(x, w)), fl(y))) {
                        for (z in x = [], y) x.push(z);
                        y = x
                    }
                    for (x = 0, z = y.length, g = 0 < g ? g : 1; x < z; x += g) r(y.slice(x, (x | 0) + (g | 0)), w)
                }
            }), 0), 85), function(w, y, z) {
                (y = fl((y = m((z = (y = p(w), p(w)), y), w), y)), I)(z, w, y)
            }), 431), function(w, y, z, g) {
                !J(false, y, true, w) && (y = Ii(w), z = y.jN, g = y.A, w.j == w || g == w.hZ && z == w) && (I(y.KJ, w, g.apply(z, y.O)), w.o = w.T())
            }), 254), function(w, y) {
                rH((y = m(p(w), w), w.j), y)
            }), U).IO = 0, 246), U, 0), 71), function(w, y) {
                w = m((y = p(w), y), w.j), w[0].removeEventListener(w[1], w[2], Z)
            }), b(U, 468, function(w, y, z) {
                z = (y = p(w), p(w)), I(z, w, "" + m(y, w))
            }), U), 58, function(w, y, z, g) {
                g = (y = m((z = (g = p(w), p(w)), z), w), m(g, w)), I(z, w, y + g)
            }), 449), function(w) {
                l4(w, 3)
            }), [Ou]), U), d), c], U), [jD, h]), U), true))
        },
        hi = function(h, U) {
            return U = U.create().shift(), h.v.create().length || h.P.create().length || (h.v = void 0, h.P = void 0), U
        },
        SD = function(h, U, c, Y, A, w, y, z) {
            return (z = W[h.H]((U = [-74, 93, -46, -30, 9, -35, U, -89, (w = Gq, y = Y & 7, 40), 87], h.Qc)), z)[h.H] = function(g) {
                A = (y += 6 + 7 * Y, y &= 7, g)
            }, z.concat = function(g) {
                return (g = (A = (g = (g = c % 16 + 1, 3 * c * c * g + U[y + 27 & 7] * c * g + (w() | 0) * g + 54 * A * A - 162 * c * c * A - 5022 * c * A) - g * A - -4752 * A + y, void 0), U[g]), U)[(y + 45 & 7) + (Y & 2)] = g, U[y + (Y & 2)] = 93, g
            }, z
        },
        rH = function(h, U) {
            I(108, h, (h.yc.push(h.K.slice()), h.K[108] = void 0, U))
        },
        m = function(h, U) {
            if (void 0 === (U = U.K[h], U)) throw [R, 30, h];
            if (U.value) return U.create();
            return U.create(3 * h * h + 93 * h + -88), U.prototype
        },
        Ii = function(h, U, c, Y, A, w) {
            for (Y = p((c = ((A = (w = h[F$] || {}, p)(h), w.KJ = p(h), w).O = [], h.j == h ? (N(h) | 0) - 1 : 1), h)), U = 0; U < c; U++) w.O.push(p(h));
            for (; c--;) w.O[c] = m(w.O[c], h);
            return (w.jN = m(Y, h), w).A = m(A, h), w
        },
        v = function(h, U, c, Y, A, w, y, z, g, r, x, M, O, S) {
            if (y = m(108, c), y >= c.Z) throw [R, 31];
            for (O = (g = (S = y, c).Zs.length, U), z = 0; 0 < O;) A = S >> 3, M = S % 8, w = c.W[A], r = 8 - (M | 0), r = r < O ? r : O, h && (Y = c, Y.J != S >> 6 && (Y.J = S >> 6, x = m(142, Y), Y.D = Ri(Y.J, [0, 0, x[1], x[2]], Y.U)), w ^= c.D[A & g]), S += r, z |= (w >> 8 - (M | 0) - (r | 0) & (1 << r) - 1) << (O | 0) - (r | 0), O -= r;
            return I(108, c, (h = z, (y | 0) + (U | 0))), h
        },
        DN = function(h, U, c, Y) {
            for (; h.h.length;) {
                c = (h.L = null, h.h.pop());
                try {
                    Y = yF(h, c)
                } catch (A) {
                    E(h, A)
                }
                if (U && h.L) {
                    (U = h.L, U)(function() {
                        V(h, true, true)
                    });
                    break
                }
            }
            return Y
        },
        V = function(h, U, c, Y, A, w) {
            if (h.h.length) {
                h.i = (h.i && 0(), true), h.Fu = c;
                try {
                    w = h.T(), h.C = w, h.o = w, h.R = 0, Y = DN(h, c), A = h.T() - h.C, h.s += A, A < (U ? 0 : 10) || 0 >= h.B-- || (A = Math.floor(A), h.V.push(254 >= A ? A : 254))
                } finally {
                    h.i = false
                }
                return Y
            }
        },
        Hv = function(h, U) {
            (U.push(h[0] << 24 | h[1] << 16 | h[2] << 8 | h[3]), U).push(h[4] << 24 | h[5] << 16 | h[6] << 8 | h[7]), U.push(h[8] << 24 | h[9] << 16 | h[10] << 8 | h[11])
        },
        M9 = function(h, U, c) {
            return (c = W[h.H](h.Hs), c)[h.H] = function() {
                return U
            }, c.concat = function(Y) {
                U = Y
            }, c
        },
        Ri = function(h, U, c, Y, A) {
            for (A = (U = U[Y = U[2] | 0, 3] | 0, 0); 14 > A; A++) h = h >>> 8 | h << 24, h += c | 0, c = c << 3 | c >>> 29, h ^= Y + 1890, U = U >>> 8 | U << 24, U += Y | 0, c ^= h, Y = Y << 3 | Y >>> 29, U ^= A + 1890, Y ^= U;
            return [c >>> 24 & 255, c >>> 16 & 255, c >>> 8 & 255, c >>> 0 & 255, h >>> 24 & 255, h >>> 16 & 255, h >>> 8 & 255, h >>> 0 & 255]
        },
        J = function(h, U, c, Y, A, w, y, z, g) {
            if (((((w = (g = (A = (c || Y.R++, 0 < Y.N && Y.i && Y.Fu && 1 >= Y.u && !Y.v && !Y.L && (!c || 1 < Y.G - U) && 0 == document.hidden), z = (y = 4 == Y.R) || A ? Y.T() : Y.o, z) - Y.o, g >> 14), Y).U && (Y.U ^= w * (g << 2)), Y).Y += w, Y).j = w || Y.j, y) || A) Y.o = z, Y.R = 0;
            if (!A || z - Y.C < Y.N - (h ? 255 : c ? 5 : 2)) return false;
            return !(((I((h = m(c ? 168 : 108, (Y.G = U, Y)), 108), Y, Y.Z), Y.h).push([VF, h, c ? U + 1 : U]), Y).L = K, 0)
        },
        xC = function(h, U, c, Y) {
            return (Y = t[h.substring(0, 3) + "_"]) ? Y(h.substring(3), U, c) : Ai(U, h)
        },
        l4 = function(h, U, c, Y, A) {
            q(h, ((c = m((Y = (c = p((A = U & 3, U &= 4, h)), p(h)), c), h), U) && (c = wH("" + c)), A && q(h, Y, u(c.length, 2)), Y), c)
        },
        ai = function(h, U, c) {
            if (3 == h.length) {
                for (c = 0; 3 > c; c++) U[c] += h[c];
                for (c = [13, 8, 13, 12, 16, (h = 0, 5), 3, 10, 15]; 9 > h; h++) U[3](U, h % 3, c[h])
            }
        },
        t, f = this || self,
        Z = {
            passive: true,
            capture: true
        },
        QF = function(h, U, c, Y) {
            q(h, (c = p((Y = p(h), h)), c), u(m(Y, h), U))
        },
        cv = function(h) {
            return h
        },
        fl = function(h, U, c) {
            if ((c = typeof h, "object") == c)
                if (h) {
                    if (h instanceof Array) return "array";
                    if (h instanceof Object) return c;
                    if ("[object Window]" == (U = Object.prototype.toString.call(h), U)) return "object";
                    if ("[object Array]" == U || "number" == typeof h.length && "undefined" != typeof h.splice && "undefined" != typeof h.propertyIsEnumerable && !h.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == U || "undefined" != typeof h.call && "undefined" != typeof h.propertyIsEnumerable && !h.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == c && "undefined" == typeof h.call) return "object";
            return c
        },
        u4 = function(h, U) {
            return W[h](W.prototype, {
                call: U,
                console: U,
                floor: U,
                replace: U,
                stack: U,
                splice: U,
                document: U,
                pop: U,
                propertyIsEnumerable: U,
                length: U,
                prototype: U,
                parent: U
            })
        },
        K = f.requestIdleCallback ? function(h) {
            requestIdleCallback(function() {
                h()
            }, {
                timeout: 4
            })
        } : f.setImmediate ? function(h) {
            setImmediate(h)
        } : function(h) {
            setTimeout(h, 0)
        },
        X$ = function(h, U) {
            return (U = N(h), U) & 128 && (U = U & 127 | N(h) << 7), U
        },
        N = function(h) {
            return h.v ? hi(h, h.P) : v(true, 8, h)
        },
        u = function(h, U, c, Y) {
            for (c = (Y = (U | 0) - 1, []); 0 <= Y; Y--) c[(U | 0) - 1 - (Y | 0)] = h >> 8 * Y & 255;
            return c
        },
        H = function(h, U) {
            U.h.splice(0, 0, h)
        },
        ZN = function(h, U, c, Y) {
            try {
                Y = h[((U | 0) + 2) % 3], h[U] = (h[U] | 0) - (h[((U | 0) + 1) % 3] | 0) - (Y | 0) ^ (1 == U ? Y << c : Y >>> c)
            } catch (A) {
                throw A;
            }
        },
        vv = function(h, U, c, Y, A, w) {
            if (!h.F) {
                h.u++;
                try {
                    for (A = (Y = (c = 0, h.Z), void 0); --U;) try {
                        if ((w = void 0, h).v) A = hi(h, h.v);
                        else {
                            if ((c = m(108, h), c) >= Y) break;
                            A = (w = (I(168, h, c), p(h)), m(w, h))
                        }
                        J(false, (A && A[N9] & 2048 ? A(h, U) : X([R, 21, w], h, 0), U), false, h)
                    } catch (y) {
                        m(369, h) ? X(y, h, 22) : I(369, h, y)
                    }
                    if (!U) {
                        if (h.vs) {
                            vv(h, (h.u--, 446149057662));
                            return
                        }
                        X([R, 33], h, 0)
                    }
                } catch (y) {
                    try {
                        X(y, h, 22)
                    } catch (z) {
                        E(h, z)
                    }
                }
                h.u--
            }
        },
        yF = function(h, U, c, Y, A) {
            if (c = U[0], c == B) h.B = 25, h.I(U);
            else if (c == n) {
                Y = U[1];
                try {
                    A = h.F || h.I(U)
                } catch (w) {
                    E(h, w), A = h.F
                }
                Y(A)
            } else if (c == VF) h.I(U);
            else if (c == d) h.I(U);
            else if (c == jD) {
                try {
                    for (A = 0; A < h.X.length; A++) try {
                        Y = h.X[A], Y[0][Y[1]](Y[2])
                    } catch (w) {}
                } catch (w) {}(0, U[1])((h.X = [], function(w, y) {
                    h.g(w, true, y)
                }), function(w) {
                    (w = !h.h.length, H([N9], h), w) && V(h, false, true)
                })
            } else {
                if (c == D) return A = U[2], I(371, h, U[6]), I(408, h, A), h.I(U);
                c == N9 ? (h.W = [], h.K = null, h.V = []) : c == Ou && "loading" === f.document.readyState && (h.L = function(w, y) {
                    function z() {
                        y || (y = true, w())
                    }(y = false, f).document.addEventListener("DOMContentLoaded", z, Z), f.addEventListener("load", z, Z)
                })
            }
        },
        F$ = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        d = ((T.prototype.oO = void 0, (T.prototype.vs = false, T).prototype).Ws = void 0, []),
        Ou = (T.prototype.l = "toString", []),
        B = [],
        n = [],
        VF = [],
        N9 = [],
        R = {},
        D = [],
        jD = [],
        W = ((Hv, e, ZN, function() {})(ai), R.constructor),
        Gq = ((((k = (T.prototype.H = "create", T.prototype), k).EB = function() {
            return Math.floor(this.s + (this.T() - this.C))
        }, k).T = (window.performance || {}).now ? function() {
            return this.tZ + window.performance.now()
        } : function() {
            return +new Date
        }, k).pJ = function(h, U, c) {
            return ((U = (U ^= U << 13, U ^= U >> 17, (U ^ U << 5) & c)) || (U = 1), h) ^ U
        }, k.JZ = function() {
            return Math.floor(this.T())
        }, void 0),
        q9 = (((k.g = function(h, U, c, Y, A) {
            if ((c = "array" === fl(c) ? c : [c], this).F) h(this.F);
            else try {
                Y = [], A = !this.h.length, H([B, Y, c], this), H([n, h, Y], this), U && !A || V(this, true, U)
            } catch (w) {
                E(this, w), h(this.F)
            }
        }, k.Ps = function(h, U, c, Y, A, w) {
            for (Y = w = 0, c = []; Y < h.length; Y++)
                for (w += U, A = A << U | h[Y]; 7 < w;) w -= 8, c.push(A >> w & 255);
            return c
        }, k).UB = function(h, U, c, Y, A) {
            for (A = Y = 0; Y < h.length; Y++) A += h.charCodeAt(Y), A += A << 10, A ^= A >> 6;
            return Y = new(h = (A += A << 3, A ^= A >> 11, A) + (A << 15) >>> 0, Number)(h & (1 << U) - 1), Y[0] = (h >>> U) % c, Y
        }, T.prototype).I = function(h, U) {
            return U = (h = {}, Gq = function() {
                    return h == U ? -88 : -31
                }, {}),
                function(c, Y, A, w, y, z, g, r, x, M, O, S, C, Q, F) {
                    h = (z = h, U);
                    try {
                        if (M = c[0], M == d) {
                            C = c[1];
                            try {
                                for (w = (Y = (S = atob(C), Q = [], 0), 0); w < S.length; w++) g = S.charCodeAt(w), 255 < g && (Q[Y++] = g & 255, g >>= 8), Q[Y++] = g;
                                I(142, this, (this.Z = (this.W = Q, this.W).length << 3, [0, 0, 0]))
                            } catch (a) {
                                X(a, this, 17);
                                return
                            }
                            vv(this, 8001)
                        } else if (M == B) c[1].push(m(419, this), m(23, this).length, m(158, this).length, m(190, this).length), I(408, this, c[2]), this.K[366] && pl(this, m(366, this), 8001);
                        else {
                            if (M == n) {
                                this.j = (F = u((m(158, (Y = c[2], this)).length | 0) + 2, 2), x = this.j, this);
                                try {
                                    A = m(418, this), 0 < A.length && q(this, 158, u(A.length, 2).concat(A), 10), q(this, 158, u(this.Y, 1), 109), q(this, 158, u(this[n].length, 1)), S = 0, S += m(385, this) & 2047, y = m(23, this), S -= (m(158, this).length | 0) + 5, 4 < y.length && (S -= (y.length | 0) + 3), 0 < S && q(this, 158, u(S, 2).concat(e(S)), 15), 4 < y.length && q(this, 158, u(y.length, 2).concat(y), 156)
                                } finally {
                                    this.j = x
                                }
                                if (O = (((w = e(2).concat(m(158, this)), w)[1] = w[0] ^ 6, w)[3] = w[1] ^ F[0], w[4] = w[1] ^ F[1], this.wd(w))) O = "!" + O;
                                else
                                    for (S = 0, O = ""; S < w.length; S++) r = w[S][this.l](16), 1 == r.length && (r = "0" + r), O += r;
                                return m((m(158, (m(23, (I(419, this, (Q = O, Y.shift())), this)).length = Y.shift(), this)).length = Y.shift(), 190), this).length = Y.shift(), Q
                            }
                            if (M == VF) pl(this, c[1], c[2]);
                            else if (M == D) return pl(this, c[1], 8001)
                        }
                    } finally {
                        h = z
                    }
                }
        }(), /./),
        su, Kl = (T.prototype[T.prototype.wd = (T.prototype.cs = 0, T.prototype.T3 = 0, function(h, U, c, Y) {
            if (c = window.btoa) {
                for (Y = "", U = 0; U < h.length; U += 8192) Y += String.fromCharCode.apply(null, h.slice(U, U + 8192));
                h = c(Y).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else h = void 0;
            return h
        }), jD] = [0, 0, 1, 1, 0, 1, 1], d).pop.bind(T.prototype[B]),
        oi = function(h, U) {
            return (U = YC()) && 1 === h.eval(U.createScript("1")) ? function(c) {
                return U.createScript(c)
            } : function(c) {
                return "" + c
            }
        }((su = u4((q9[T.prototype.l] = Kl, T.prototype).H, {get: Kl
        }), T.prototype.rd = void 0, f));
    (40 < (t = f.botguard || (f.botguard = {}), t).m || (t.m = 41, t.bg = Tq, t.a = xC), t).YBO_ = function(h, U, c) {
        return c = new T(h, U), [function(Y) {
            return mu(Y, c)
        }]
    };
}).call(this);
                                    

#3 JavaScript::Eval (size: 64, repeated: 1) - SHA256: 3755a8c0633fef887d8f3e30674dfbef87ddb8b872bf69663731ed531f6a6ed0

                                        0,
function(w, y, z) {
    I((z = (y = (z = p(w), p)(w), w.K[z] && m(z, w)), y), w, z)
}
                                    

#4 JavaScript::Eval (size: 22, repeated: 1) - SHA256: e305e4a9f1526070c2c93d1248512d6460115b8db421e150919978d6f2df61a2

                                        0,
function(w) {
    i4(1, w)
}
                                    

#5 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 45f5e5195f57ae43fbd3dacdbdf1de261f7a716f6241be91b64b0a1e990cdc75

                                        0,
function(w) {
    i4(2, w)
}
                                    

Executed Writes (0)



HTTP Transactions (186)


Request Response
                                        
                                            GET /wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf HTTP/1.1 
Host: www.cdnapolicity.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         116.202.162.93
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Sun, 25 Sep 2022 01:49:47 GMT
Content-Length: 162
Connection: keep-alive
Location: https://www.cdnapolicity.it/wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5979
Expires: Sun, 25 Sep 2022 03:29:26 GMT
Date: Sun, 25 Sep 2022 01:49:47 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 01:14:42 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VkwxCFbWdEgchkZZDp1IHkSxqiSJMF_kAVr4otaZjZP4qENoujL5SQ==
Age: 2105


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nmaE1RUBNuAPH647gGsTdaEMwyE4lfpsZDPipnJCseQExIL_ATBA6g==
age: 76473
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:47 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sun, 25 Sep 2022 01:04:17 GMT
Expires: Sun, 25 Sep 2022 01:04:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FK5luO7Yje_YpA2Q1V906Wdz2BDB6PPhSiCk6lCJTAfWFZe3Ky4YIA==
Age: 2730


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5059
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 01:49:47 GMT
Last-Modified: Sun, 25 Sep 2022 00:25:28 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 01:49:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/yith-woocommerce-catalog-mode-premium/assets/css/frontend.min.css?ver=2.10.0 HTTP/1.1 
Host: www.cdnapolicity.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cdnapolicity.it/wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         116.202.162.93
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:48 GMT
content-length: 0
last-modified: Fri, 15 Apr 2022 08:31:18 GMT
etag: "62592d56-0"
expires: Mon, 25 Sep 2023 01:49:48 GMT
pragma: public
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 01:49:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/user-registration/assets/css/user-registration.css?ver=2.2.2 HTTP/1.1 
Host: www.cdnapolicity.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cdnapolicity.it/wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         116.202.162.93
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:48 GMT
last-modified: Tue, 06 Sep 2022 11:46:53 GMT
vary: Accept-Encoding
etag: W/"6317332d-bc6a"
expires: Mon, 25 Sep 2023 01:49:48 GMT
pragma: public
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   7854
Md5:    a220d240e6f977ae51b6b19bcefde658
Sha1:   6539ea81321f5d80036f7028cd257a0e431007c5
Sha256: 4f93af9b548fe6376f17a8567ad22d071de954a5b4f8cb92cd2f22ed33167d8c
                                        
                                            GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cdnapolicity.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.42
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 32954
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 02:30:16 GMT
expires: Fri, 22 Sep 2023 02:30:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
age: 256772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32072)
Size:   32954
Md5:    d38e2944bbc9ae54b8947a2bd0b9a932
Sha1:   782a825679b248d38979c2d7ecae257873344437
Sha256: 65a0917567cb7037612cf420629873f2f3594d2e741aaadf90d893d07d8f5fdd
                                        
                                            GET /wp-content/uploads/2018/11/cdnapoli_city_logo.png HTTP/1.1 
Host: www.cdnapolicity.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cdnapolicity.it/wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         116.202.162.93
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:48 GMT
content-length: 22274
last-modified: Mon, 18 May 2020 11:34:43 GMT
etag: "5ec272d3-5702"
expires: Mon, 25 Sep 2023 01:49:48 GMT
pragma: public
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   22274
Md5:    2e81d0862e6e70c03c88841f528c41e1
Sha1:   f7810a9131d19f89c56e06b526262fe8b7773f7b
Sha256: d0f87a4027cce97496bbd578c845b671ff1946fcdd6e7e8981c0d219a11210b8
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MaK0Eh8upiJkBp4h8BoiWw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.200.107.47
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6lnoh8xeQKuDA/QESkTylprjhJU=

                                        
                                            GET /recaptcha/api.js?render=6Lc0UeQZAAAAAHxybm9Kou_1BiGy0zhNLdXSn-Iy&ver=3.0 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cdnapolicity.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Sun, 25 Sep 2022 01:49:48 GMT
date: Sun, 25 Sep 2022 01:49:48 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (884), with no line terminators
Size:   585
Md5:    7035a0302617ce61880c656cd02a0b83
Sha1:   9038be21907069b46d28b6fcd3b01e20dd170577
Sha256: eb268212296b8a3adf2fbc4ff61c5078d927511c0299b11bfa1523cc6a2dea87
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.9.3 HTTP/1.1 
Host: www.cdnapolicity.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cdnapolicity.it/wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         116.202.162.93
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:48 GMT
last-modified: Tue, 20 Sep 2022 23:47:42 GMT
vary: Accept-Encoding
etag: W/"632a511e-b7a"
expires: Mon, 25 Sep 2023 01:49:48 GMT
pragma: public
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1507
Md5:    20e92e8013f1bd8e71acf6d280bf2714
Sha1:   5f3a671a500ec3a9ec35c629cf39e0b12b535bc1
Sha256: d27b44bc265c0f4947f2644d9133ccf7dde36f5f1acabded78d8f1bb688e940b
                                        
                                            GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1 
Host: www.cdnapolicity.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cdnapolicity.it/wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         116.202.162.93
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:48 GMT
last-modified: Tue, 01 Mar 2022 16:39:07 GMT
vary: Accept-Encoding
etag: W/"621e4c2b-195e"
expires: Mon, 25 Sep 2023 01:49:48 GMT
pragma: public
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2890
Md5:    f6626c9f47baedbdbf1b3aea7d3c0ceb
Sha1:   6db52fe8c577d0632e194ff9887f8cf86f66a2fc
Sha256: e1cee0b73c81f4d93c1a765a12be3515864ef7d17cd64c791d07a57e51f61213
                                        
                                            GET /wp-content/plugins/keydesign-addon/assets/js/photoswipe.min.js?ver=5.9.3 HTTP/1.1 
Host: www.cdnapolicity.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cdnapolicity.it/wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         116.202.162.93
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:48 GMT
last-modified: Mon, 18 May 2020 10:48:30 GMT
vary: Accept-Encoding
etag: W/"5ec267fe-7bee"
expires: Mon, 25 Sep 2023 01:49:48 GMT
pragma: public
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   12655
Md5:    3c2cf7fb48fbe3da842076dba8ede78f
Sha1:   b4c41064c39f50de2302d12746b345ac0da3763b
Sha256: da75784e534ad7a4cd1dae254fa9b0cd1a84de4c9da5cfd2eaffec9a4ef5729b
                                        
                                            GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1 
Host: www.cdnapolicity.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cdnapolicity.it/wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         116.202.162.93
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:48 GMT
last-modified: Tue, 01 Mar 2022 16:39:07 GMT
vary: Accept-Encoding
etag: W/"621e4c2b-4b3d"
expires: Mon, 25 Sep 2023 01:49:48 GMT
pragma: public
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   84149
Md5:    530159c0d37dab81927f3a0b5a8eaf01
Sha1:   ff4fbdb15cd7d309dc7c4914153df0e67aa6bd05
Sha256: 8fef57e2f765291a6eaf5ff8da35566dab1d38ec5ef800cc73f8422f11e71354
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 01:49:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 01:49:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/leadengine/core/assets/css/bootstrap.min.css?ver=5.9.3 HTTP/1.1 
Host: www.cdnapolicity.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cdnapolicity.it/wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         116.202.162.93
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:48 GMT
last-modified: Mon, 18 May 2020 10:49:50 GMT
vary: Accept-Encoding
etag: W/"5ec2684e-1f16f"
expires: Mon, 25 Sep 2023 01:49:48 GMT
pragma: public
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   18560
Md5:    409e9f308c37b099cb5f21ac1834cba2
Sha1:   1c1d565cfc2668bdb815ab75dbc423944685deb6
Sha256: 67b223e6658206e07e437496a084ec977b7a1b53b4fb175973e4af5faabf788b
                                        
                                            GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.9.3 HTTP/1.1 
Host: www.cdnapolicity.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cdnapolicity.it/wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         116.202.162.93
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:48 GMT
last-modified: Tue, 20 Sep 2022 23:47:42 GMT
vary: Accept-Encoding
etag: W/"632a511e-72a"
expires: Mon, 25 Sep 2023 01:49:48 GMT
pragma: public
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1485
Md5:    96a9fc87c5948c8ee231dbec5e1cef6c
Sha1:   90d273b54926650b772dc63c1829f30bc0fc0531
Sha256: 4b81c4deb7781204c18a7789610c6354622c0e158e8108478c6221db3f6bf69b
                                        
                                            GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.3.2 HTTP/1.1 
Host: www.cdnapolicity.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cdnapolicity.it/wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         116.202.162.93
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:48 GMT
last-modified: Tue, 20 Sep 2022 23:47:42 GMT
vary: Accept-Encoding
etag: W/"632a511e-28c3"
expires: Mon, 25 Sep 2023 01:49:48 GMT
pragma: public
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2424
Md5:    a819f96122cdc3f7542de45d28ed3882
Sha1:   65c6b544b2ce45d4342e0ffd3a5288ddc2dde504
Sha256: f80c8c055c7cfd68e6dbcdde51701b7e0369c4915b32937a57adb4e530a9e4d7
                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cdnapolicity.it
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 18:01:25 GMT
expires: Sun, 24 Sep 2023 18:01:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
age: 28103
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            GET /wp-content/plugins/cf7-conditional-fields/js/scripts.js?ver=2.2.6 HTTP/1.1 
Host: www.cdnapolicity.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cdnapolicity.it/wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         116.202.162.93
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:48 GMT
last-modified: Thu, 08 Sep 2022 23:47:05 GMT
vary: Accept-Encoding
etag: W/"631a7ef9-220fa"
expires: Mon, 25 Sep 2023 01:49:48 GMT
pragma: public
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (595)
Size:   40377
Md5:    ce784a2664c532b05565a589061118bf
Sha1:   33bc37d6a364f3380f3abedb47d285ba93c680ff
Sha256: 8044cf1e8d04d28142e342e11a09e0210ed9e6c8f7ddc546657a3ede373f6415
                                        
                                            GET /wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf HTTP/1.1 
Host: www.cdnapolicity.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         116.202.162.93
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:47 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.26
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.cdnapolicity.it/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   27615
Md5:    3241785c4b03e45455597161a930cc6c
Sha1:   2f63fb11a21f359e37862ebea9064bd635d7f861
Sha256: 54284054e3290424880db66c672af0bc375d31026cc82c2ac8461e3173021c29

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=5.9.3 HTTP/1.1 
Host: www.cdnapolicity.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cdnapolicity.it/wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         116.202.162.93
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:48 GMT
last-modified: Mon, 09 Aug 2021 10:01:04 GMT
vary: Accept-Encoding
etag: W/"6110fce0-4705"
expires: Mon, 25 Sep 2023 01:49:48 GMT
pragma: public
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15224)
Size:   163101
Md5:    8c218f1610d35a4eb1b09b975263fa9e
Sha1:   59a82f2daccc14c3f8ad8610679977538f7fcdb6
Sha256: d6badb2f45487436297fc6fce9285265500ee117528654b07661eba6017afbd6
                                        
                                            GET /wp-content/uploads/2018/11/cropped-cdnapoli_city_logo-192x192.png HTTP/1.1 
Host: www.cdnapolicity.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cdnapolicity.it/wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         116.202.162.93
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:48 GMT
content-length: 8244
last-modified: Mon, 18 May 2020 11:34:38 GMT
etag: "5ec272ce-2034"
expires: Mon, 25 Sep 2023 01:49:48 GMT
pragma: public
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   8244
Md5:    d9d621afa4badf6b0e0d0aeece552f3b
Sha1:   575734e9cb5cb18bd5a1ca178558a6535c489810
Sha256: 6d60f0ebe7a01768bc811ee4612a8386f3acc18c7bad69805f6ab3ebbef4fc0d
                                        
                                            GET /wp-content/uploads/2018/11/cropped-cdnapoli_city_logo-32x32.png HTTP/1.1 
Host: www.cdnapolicity.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cdnapolicity.it/wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         116.202.162.93
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:48 GMT
content-length: 1090
last-modified: Mon, 18 May 2020 11:34:35 GMT
etag: "5ec272cb-442"
expires: Mon, 25 Sep 2023 01:49:48 GMT
pragma: public
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1090
Md5:    5f831f2009429180a4037cb95b3b19dc
Sha1:   9e96b3af1d99e4c212c9460fc1a1166fbb07c2a6
Sha256: 4a77fd073ebf71c470dd1708787ba9974c0719ea150d985a88ae0a0e7ff5849f
                                        
                                            GET /hit/?v=0.4.0&uid=790fb050-d9b2-4064-b990-0ad0adcecd86&dp=10&tz=%2B00%3A00&nc=53850858&u=https%3A%2F%2Fwww.cdnapolicity.it%2Fwp-content%2Fuploads%2F2022%2F06%2Fdomaci_film_za_gledanje_rane.pdf&r=&rs=1280x1024&t=Pagina%20non%20trovata%20-%20CDNapoli%20City&oE=1&oP=1&dT=2022-09-25T01%3A49%3A47.748&fu=a9ece671-6d5f-4dca-9d13-4e8e7d16bf96 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cdnapolicity.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.25
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Sun, 25 Sep 2022 01:49:49 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=uQx9GmMvs70PZAC/6KtIAgC511Ge9IQfY9/8/3bWZclY8T4F; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /mc/?dp=10 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cdnapolicity.it/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.25
HTTP/2 302 Found
content-type: text/html
                                        
server: openresty
date: Sun, 25 Sep 2022 01:49:49 GMT
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Sun, 25-Sep-22 01:59:49 GMT aid=wQO4iWMvs70SmAQkxoNvAskNW597ZeBICi3FItFHrwSUluSu; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   154
Md5:    cfbeaf604823f038b8b46f0ac862b98c
Sha1:   7b9eb1dac48e74fa5f418bc456cb410f88b81d98
Sha256: 20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2321
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 01:49:49 GMT
Last-Modified: Sun, 25 Sep 2022 01:11:08 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CBF86842C07B18E86F93CDA273D454B991114A5F541FCB917A6C4ED14E6124E3"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17390
Expires: Sun, 25 Sep 2022 06:39:39 GMT
Date: Sun, 25 Sep 2022 01:49:49 GMT
Connection: keep-alive

                                        
                                            GET /match?id=106&vid=1A7D0CB9BDB32F63BF00640F0248ABE8 HTTP/1.1 
Host: dm-eu.hybrid.ai
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.18.103.21
HTTP/2 204 No Content
                                        
date: Sun, 25 Sep 2022 01:49:49 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
set-cookie: vid=a8f0969b15920f459740; expires=Mon, 25 Sep 2023 01:49:48 GMT; domain=.hybrid.ai; path=/; samesite=none
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 530
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: Hybrid Web Server
X-Firefox-Spdy: h2

                                        
                                            GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1 
Host: ssp-rtb.sape.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         193.3.184.130
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: openresty
Date: Sun, 25 Sep 2022 01:49:49 GMT
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=A8B803C1BDB32F632500507E025749CF
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=wQO4qGMvs71+UAAlz0lXAtuRwf2KfRYkwoWefTRmgXqxN5gQ; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   142
Md5:    82c98e8e012b79c922655461171cc2fa
Sha1:   0828d79135573276005b04be42d79a8a3291292b
Sha256: 745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
                                        
                                            GET /sync?ssp=sape HTTP/1.1 
Host: a.utraff.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.59.66
HTTP/2 204 No Content
content-type: text/plain
                                        
date: Sun, 25 Sep 2022 01:49:49 GMT
set-cookie: preutid=1; Expires=Tue, 25 Oct 2022 04:49:49 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/ preutid=1; Expires=Tue, 25 Oct 2022 04:49:49 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=701kaRJVXak%2BXHKJofdqFpElby7LzM6gnkEv8YDAucb%2BlUAvtNjyXkj8CZhugUHzBnMCEZ%2BnpiWeJyPwQ79ehjgxIpv6%2BZOT3QV362TI1YBqJidWtFSrUqmt4YkSQrY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75001afe9ea3fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3022
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 01:49:49 GMT
Last-Modified: Sun, 25 Sep 2022 00:59:27 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1 
Host: ads.adlook.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         5.101.76.186
HTTP/2 302 Found
                                        
location: https://acint.net/match?dp=110&euid=cf203cf3ed9a4c09a214ad5932e1ffb3
server: Kestrel
set-cookie: adlm_userId=cf203cf3ed9a4c09a214ad5932e1ffb3; expires=Sun, 24 Sep 2023 21:00:00 GMT; path=/; SameSite=None; secure
date: Sun, 25 Sep 2022 01:49:49 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C560DA593EDE00C6BE9E4E03C51DE0EF3995741386904BD1D0353360DC96474C"
Last-Modified: Sat, 24 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15581
Expires: Sun, 25 Sep 2022 06:09:30 GMT
Date: Sun, 25 Sep 2022 01:49:49 GMT
Connection: keep-alive

                                        
                                            GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.5.5 HTTP/1.1 
Host: www.cdnapolicity.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cdnapolicity.it/wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         116.202.162.93
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:48 GMT
last-modified: Fri, 15 Apr 2022 08:37:26 GMT
vary: Accept-Encoding
etag: W/"62592ec6-76596"
expires: Mon, 25 Sep 2023 01:49:48 GMT
pragma: public
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   44964
Md5:    9e35b1d2829dc5d59039452431e18e2f
Sha1:   8ff008756342d94a34f6f393d7b368bd48583f9d
Sha256: 49005f826f0b6d46dd8c0c1416dbc8cfd5bf1e74a37e4819e22d424352f3799d
                                        
                                            GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A7D0CB9BDB32F63BF00640F0248ABE8 HTTP/1.1 
Host: sync.1dmp.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.216.101.186
HTTP/2 302 Found
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:49 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=571c2a90-3c74-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Mon, 25 Sep 2023 01:49:49 GMT; SameSite=None; Secure uid-legacy=571c2a90-3c74-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Mon, 25 Sep 2023 01:49:49 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A7D0CB9BDB32F63BF00640F0248ABE8&cs=1
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AD23CF5ECE9AFAE83CB9B723295B4C4FBB8C889A99027F7C55E9716DE55BD843"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1356
Expires: Sun, 25 Sep 2022 02:12:25 GMT
Date: Sun, 25 Sep 2022 01:49:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2321
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 01:49:49 GMT
Last-Modified: Sun, 25 Sep 2022 01:11:08 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "76E584B00C612A48E8B626EF2758CA3DC8458CB24BEA4D43DB81F994969F8425"
Last-Modified: Sat, 24 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3347
Expires: Sun, 25 Sep 2022 02:45:36 GMT
Date: Sun, 25 Sep 2022 01:49:49 GMT
Connection: keep-alive

                                        
                                            GET /match?dp=14&euid=A8B803C1BDB32F632500507E025749CF HTTP/1.1 
Host: acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=uQx9GmMvs70PZAC/6KtIAgC511Ge9IQfY9/8/3bWZclY8T4F; test_cookie=CheckForPermission; cSyncDp7v2=1664070589; cSyncDp14v3=1664070589; cSyncDp17=1664070589; cSyncDp32=1664070589; cSyncDp45v3=1664070589; cSyncDp53=1664070589; cSyncDp54v2=1664070589; cSyncDp62=1664070589; cSyncDp67v2=1664070589; cSyncDp68=1664070589; cSyncDp71=1664070589; cSyncDp77=1664070589; cSyncDp84=1664070589; cSyncDp85=1664070589; cSyncDp95v3=1664070589; cSyncDp101=1664070589; cSyncDp104v2=1664070589; cSyncDp107=1664070589; cSyncDp110=1664070589; cSyncDp111v2=1664070589; cSyncDp112v2=1664070589; cSyncDp125v2=1664070589; cSyncDp126=1664070589; cSyncDp127=1664070589; cSyncDp129=1664070589; cSyncDp136v2=1664070589; cSyncDp138=1664070589; cSyncDp144=1664070589; cSyncDp146=1664070589; cSyncDp148=1664070589; cSyncDp149=1664070589; cSyncDp151=1664070589; cSyncDp178=1664070589; cSyncDp179=1664070589; cSyncDp186=1664070589; cSyncDp221=1664070589
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.25
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Sun, 25 Sep 2022 01:49:49 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "78A553B1B54FDAF46B372088EF869FA27482B221D7940947319A807105BB88BF"
Last-Modified: Thu, 22 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17172
Expires: Sun, 25 Sep 2022 06:36:01 GMT
Date: Sun, 25 Sep 2022 01:49:49 GMT
Connection: keep-alive

                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 01:49:49 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 29 Sep 2022 01:03:05 GMT
ETag: "5bf0ec2ec5804afb7bcdc1907dc73ee2f1a9e045"
Last-Modified: Sun, 25 Sep 2022 01:03:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75001affce710af6-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    d26c06db5371730ec374843ae0d2957a
Sha1:   5bf0ec2ec5804afb7bcdc1907dc73ee2f1a9e045
Sha256: af1efaa9d99c67109168d08aeb2c1c9ed700c5fdfbae95ba9e4ce2c3439b028c
                                        
                                            GET /match/396/?remote_uid=1A7D0CB9BDB32F63BF00640F0248ABE8 HTTP/1.1 
Host: s.uuidksinc.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.220.27.155
HTTP/2 302 Found
                                        
server: nginx/1.19.0
date: Sun, 25 Sep 2022 01:49:49 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=dcGzYG5Ae6YOstIJryA0
set-cookie: jcsuuid=dcGzYG5Ae6YOstIJryA0; expires=Mon, 25 Sep 2023 01:49:49 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /wp-content/plugins/keydesign-addon/assets/js/photoswipe-ui-default.min.js?ver=5.9.3 HTTP/1.1 
Host: www.cdnapolicity.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cdnapolicity.it/wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         116.202.162.93
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:48 GMT
last-modified: Mon, 18 May 2020 10:48:30 GMT
vary: Accept-Encoding
etag: W/"5ec267fe-2694"
expires: Mon, 25 Sep 2023 01:49:48 GMT
pragma: public
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   19101
Md5:    ba3d3fbae6c1f62caaa2bd00bdb814e7
Sha1:   37292f393605997ab2a604c28cc5a3e702319d1e
Sha256: 01c247a076397da7ddc90e245cf0b0c5665c457c11d23944409ae40d71131777
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BCAF49A54462D8B58F901D8456452F08E1EDC5A0137ACCC26595E5B3F05CB95"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13580
Expires: Sun, 25 Sep 2022 05:36:09 GMT
Date: Sun, 25 Sep 2022 01:49:49 GMT
Connection: keep-alive

                                        
                                            GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1 
Host: ssp.bestssp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.147.80.35
HTTP/1.1 302 Found
                                        
Server: nginx/1.16.1
Date: Sun, 25 Sep 2022 01:49:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=AOCGMNTY
Set-Cookie: uid=AOCGMNTY; Expires=Sun, 25 Sep 2032 00:00:00 GMT; mf2=1; Expires=Tue, 25 Oct 2022 00:00:00 GMT;

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1875C3097BB2FBA05F90EE63E655E6FB801316E7D2CBCA85154784AAB77FFA18"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12263
Expires: Sun, 25 Sep 2022 05:14:12 GMT
Date: Sun, 25 Sep 2022 01:49:49 GMT
Connection: keep-alive

                                        
                                            GET /match?dsp=sape HTTP/1.1 
Host: sync.republer.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.88.82.46
HTTP/2 204 No Content
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:49 GMT
strict-transport-security: max-age=0
X-Firefox-Spdy: h2

                                        
                                            GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1A7D0CB9BDB32F63BF00640F0248ABE8&cs=1 HTTP/1.1 
Host: sync.1dmp.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=571c2a90-3c74-11ed-8ff0-f832e4719dd9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         95.216.101.186
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:49 GMT
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=571c2a90-3c74-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Mon, 25 Sep 2023 01:49:49 GMT; SameSite=None; Secure uid-legacy=571c2a90-3c74-11ed-8ff0-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Mon, 25 Sep 2023 01:49:49 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 01:49:49 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 03:41:02 GMT
Expires: Sat, 01 Oct 2022 03:41:01 GMT
Etag: "f58561d015c35abdadf3fb90fb034e51aa2093d4"
Cache-Control: max-age=524471,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75001affe9c7b512-OSL

                                        
                                            GET /match?dp=110&euid=cf203cf3ed9a4c09a214ad5932e1ffb3 HTTP/1.1 
Host: acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=uQx9GmMvs70PZAC/6KtIAgC511Ge9IQfY9/8/3bWZclY8T4F; test_cookie=CheckForPermission; cSyncDp7v2=1664070589; cSyncDp14v3=1664070589; cSyncDp17=1664070589; cSyncDp32=1664070589; cSyncDp45v3=1664070589; cSyncDp53=1664070589; cSyncDp54v2=1664070589; cSyncDp62=1664070589; cSyncDp67v2=1664070589; cSyncDp68=1664070589; cSyncDp71=1664070589; cSyncDp77=1664070589; cSyncDp84=1664070589; cSyncDp85=1664070589; cSyncDp95v3=1664070589; cSyncDp101=1664070589; cSyncDp104v2=1664070589; cSyncDp107=1664070589; cSyncDp110=1664070589; cSyncDp111v2=1664070589; cSyncDp112v2=1664070589; cSyncDp125v2=1664070589; cSyncDp126=1664070589; cSyncDp127=1664070589; cSyncDp129=1664070589; cSyncDp136v2=1664070589; cSyncDp138=1664070589; cSyncDp144=1664070589; cSyncDp146=1664070589; cSyncDp148=1664070589; cSyncDp149=1664070589; cSyncDp151=1664070589; cSyncDp178=1664070589; cSyncDp179=1664070589; cSyncDp186=1664070589; cSyncDp221=1664070589
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.25
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Sun, 25 Sep 2022 01:49:49 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1 
Host: sync.upravel.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1664070589355
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         78.46.16.13
HTTP/2 302 Found
content-type: image/png
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:49 GMT
content-length: 0
location: https://0ca7879e-58f6-4764-a8cf-6133733a3774.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
set-cookie: user_id=0ca7879e-58f6-4764-a8cf-6133733a3774;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000 user_id-legacy=0ca7879e-58f6-4764-a8cf-6133733a3774;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

                                        
                                            GET /match?dp=127&euid=dcGzYG5Ae6YOstIJryA0 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=uQx9GmMvs70PZAC/6KtIAgC511Ge9IQfY9/8/3bWZclY8T4F; test_cookie=CheckForPermission; cSyncDp7v2=1664070589; cSyncDp14v3=1664070589; cSyncDp17=1664070589; cSyncDp32=1664070589; cSyncDp45v3=1664070589; cSyncDp53=1664070589; cSyncDp54v2=1664070589; cSyncDp62=1664070589; cSyncDp67v2=1664070589; cSyncDp68=1664070589; cSyncDp71=1664070589; cSyncDp77=1664070589; cSyncDp84=1664070589; cSyncDp85=1664070589; cSyncDp95v3=1664070589; cSyncDp101=1664070589; cSyncDp104v2=1664070589; cSyncDp107=1664070589; cSyncDp110=1664070589; cSyncDp111v2=1664070589; cSyncDp112v2=1664070589; cSyncDp125v2=1664070589; cSyncDp126=1664070589; cSyncDp127=1664070589; cSyncDp129=1664070589; cSyncDp136v2=1664070589; cSyncDp138=1664070589; cSyncDp144=1664070589; cSyncDp146=1664070589; cSyncDp148=1664070589; cSyncDp149=1664070589; cSyncDp151=1664070589; cSyncDp178=1664070589; cSyncDp179=1664070589; cSyncDp186=1664070589; cSyncDp221=1664070589
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.25
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Sun, 25 Sep 2022 01:49:49 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /match/sape?id=1A7D0CB9BDB32F63BF00640F0248ABE8 HTTP/1.1 
Host: sync.dmp.otm-r.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.65.75
HTTP/2 204 No Content
                                        
server: nginx/1.19.7
date: Sun, 25 Sep 2022 01:49:49 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /?src=sap1&uid=1A7D0CB9BDB32F63BF00640F0248ABE8 HTTP/1.1 
Host: sync.bumlam.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.172.81.159
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx
Date: Sun, 25 Sep 2022 01:49:49 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ1NzJmODFkMC0zYzc0LTExZWQtODY0NC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Sat, 20 Sep 2042 01:49:49 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARi9576ZBmIgMUE3RDBDQjlCREIzMkY2M0JGMDA2NDBGMDI0OEFCRTiiARBXL4HQPHQR7YZEACWQyCQ3
ETag: 572f81d0-3c74-11ed-8644-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

                                        
                                            GET /match?dp=95&euid=AOCGMNTY HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=uQx9GmMvs70PZAC/6KtIAgC511Ge9IQfY9/8/3bWZclY8T4F; test_cookie=CheckForPermission; cSyncDp7v2=1664070589; cSyncDp14v3=1664070589; cSyncDp17=1664070589; cSyncDp32=1664070589; cSyncDp45v3=1664070589; cSyncDp53=1664070589; cSyncDp54v2=1664070589; cSyncDp62=1664070589; cSyncDp67v2=1664070589; cSyncDp68=1664070589; cSyncDp71=1664070589; cSyncDp77=1664070589; cSyncDp84=1664070589; cSyncDp85=1664070589; cSyncDp95v3=1664070589; cSyncDp101=1664070589; cSyncDp104v2=1664070589; cSyncDp107=1664070589; cSyncDp110=1664070589; cSyncDp111v2=1664070589; cSyncDp112v2=1664070589; cSyncDp125v2=1664070589; cSyncDp126=1664070589; cSyncDp127=1664070589; cSyncDp129=1664070589; cSyncDp136v2=1664070589; cSyncDp138=1664070589; cSyncDp144=1664070589; cSyncDp146=1664070589; cSyncDp148=1664070589; cSyncDp149=1664070589; cSyncDp151=1664070589; cSyncDp178=1664070589; cSyncDp179=1664070589; cSyncDp186=1664070589; cSyncDp221=1664070589
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.25
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Sun, 25 Sep 2022 01:49:49 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1 
Host: exchange.buzzoola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         116.202.236.171
HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:49 GMT
content-length: 115
location: https://www.acint.net/match?dp=126&euid=bf65f2e3-43b5-4ac2-76f7-e1c067fb2c8e
serverid: TODO
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   115
Md5:    80b212e8d4cadeee59e8b8f5fa685e9f
Sha1:   040f9ba8941d9eb2bb3dad37d8969fb1a6c04f40
Sha256: 7a72e4135b0b15e2c507d93a418cc08584dc2444ca480c28266e927c06489290
                                        
                                            GET /p?ssp=sp&uid=1A7D0CB9BDB32F63BF00640F0248ABE8 HTTP/1.1 
Host: cs.agency2.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.111.107.44
HTTP/1.1 301 Moved Permanently
                                        
Date: Sun, 25 Sep 2022 01:49:49 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=806224d7-8690-4078-8d85-1455332e3581
Set-Cookie: uuid=806224d7-8690-4078-8d85-1455332e3581; expires=Sat, 16 Sep 2023 01:49:49 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6178910372EDFD9D20C69E66D6B942CC8DFE53F6FED00361759C158BCE7E2085"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8914
Expires: Sun, 25 Sep 2022 04:18:23 GMT
Date: Sun, 25 Sep 2022 01:49:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8700
Expires: Sun, 25 Sep 2022 04:14:49 GMT
Date: Sun, 25 Sep 2022 01:49:49 GMT
Connection: keep-alive

                                        
                                            GET /matchspm?pi=1000005&pui=1A7D0CB9BDB32F63BF00640F0248ABE8 HTTP/1.1 
Host: ut.rktch.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         89.108.97.2
HTTP/1.1 302 Found
                                        
Server: nginx/1.22.0
Date: Sun, 25 Sep 2022 01:49:49 GMT
Content-Length: 0
Connection: keep-alive
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
Set-Cookie: b_uid=5c0f455336649fe3665d6820ddbb4d1130de; Max-Age=2592000; Expires=Tue, 25 Oct 2022 01:49:49 GMT; Domain=rktch.com; Secure; SameSite=None
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Credentials: true

                                        
                                            GET /sape/cm?user_id=1A7D0CB9BDB32F63BF00640F0248ABE8 HTTP/1.1 
Host: nr.bidderstack.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         46.4.70.80
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Sun, 25 Sep 2022 01:49:49 GMT
Content-Length: 44
Connection: keep-alive
Set-Cookie: uid=ef107825-37d5-4d3e-b7f4-ad36c3614366; domain=.bidderstack.com; path=/; expires=Mon, 25-Sep-2023 01:49:49 GMT;
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   44
Md5:    f9d60352c70a2ba15616d1c9421f3844
Sha1:   e9abc8bea7721a4b6a50295850d13c515006a95c
Sha256: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3056f6d6-1a08-46ac-94a1-eb08e1b784e1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7404
x-amzn-requestid: ef623ade-f397-40a9-b88d-0394f22a8d8b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJPGYyoAMFVEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-2da73ceb54b36ade5bf4ce1a;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: jqPyyJr0H9dHTBuQb9Z8bNBwMXhBz5pz09u_j1R0Qpp-iGUGFXm0VQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 13:56:57 GMT
age: 42772
etag: "3a69c08b4d25d1dae1abbabd103d6d295a2f5425"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7404
Md5:    9bbdad67489e993cebd23ffb04ebd02c
Sha1:   3a69c08b4d25d1dae1abbabd103d6d295a2f5425
Sha256: ee3839246f3bada3e3190c240c8ac64d8012a87c062c5e006ed80a7edcd773a5
                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 01:49:49 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 29 Sep 2022 00:54:43 GMT
ETag: "8c6c00c6897a012cd5db90223cb390c57d0b2415"
Last-Modified: Sun, 25 Sep 2022 00:54:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 708
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75001b00abc60afa-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    884cdec08d84b67575acb887de09991d
Sha1:   8c6c00c6897a012cd5db90223cb390c57d0b2415
Sha256: 013701003c71fb0628782772dd74acf6edfdd389e67e8e124c7be9e0741986c6
                                        
                                            GET /merge_gpsid/?sid=50&id=1A7D0CB9BDB32F63BF00640F0248ABE8 HTTP/1.1 
Host: stat.adlabs.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         109.248.237.36
HTTP/2 302 Found
                                        
server: nginx
date: Sun, 25 Sep 2022 01:37:23 GMT
content-length: 0
location: //adlmerge.com/merge_gpsid/?sid=50&id=1A7D0CB9BDB32F63BF00640F0248ABE8
X-Firefox-Spdy: h2

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: W6ZD1652Yn1xqZG7ehDcirlYoG8Hcsrdj11Fzfgj7zb-OiU8xHj1gw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:32 GMT
age: 15137
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Size:   12826
Md5:    b3a72e81317074689a71dac7059e4b6a
Sha1:   b6d56333d7f1ea7ddc8838d84de498ff913c5464
Sha256: e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8700
Expires: Sun, 25 Sep 2022 04:14:49 GMT
Date: Sun, 25 Sep 2022 01:49:49 GMT
Connection: keep-alive

                                        
                                            GET /core/match.gif?s=32&id=1A7D0CB9BDB32F63BF00640F0248ABE8 HTTP/1.1 
Host: mediatoday.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.228.100
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx/1.20.2
date: Sun, 25 Sep 2022 01:49:49 GMT
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VUXa8WBdTYbUAcj; expires=Wed, 22-Sep-2032 01:49:49 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0027ff5-ed5d-4cf9-9ef4-847dbda3f91b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12552
x-amzn-requestid: 71161d44-4c3a-459e-bf76-5bf3deafcafe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YlYTrHz0oAMF2eA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63253a7d-39dd0e2a7045128024086375;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 03:09:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EGtjExnYcmDEP9a540mHhZ7EjGlvLIDLK65Phs9MsAVdEpwNI4avTQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:32 GMT
age: 15137
etag: "dfe5c93dc1637162a0b6ac174dcd7107af80763a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12552
Md5:    e8a0d2b8beddf9f866a2bfe96ac21c2e
Sha1:   dfe5c93dc1637162a0b6ac174dcd7107af80763a
Sha256: 0e4bf30611043a171485c6fa054d6102a6cfd7f8a4153daa34eba1b72f455a77
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6199
x-amzn-requestid: d26f22d9-4e9b-4764-8c96-2e1c7ce36340
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--OKHowoAMFbQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7727-7adb7c4925e6e50e13889544;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3_xkH-s3Fzz3CRHux4j3hergFHWBmOFF9vMBCoN1rJrjrCkeSEp0qQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:01:16 GMT
age: 13713
etag: "358e74de395352a9529ff1c17856daf8900888c5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6199
Md5:    714af732a9aa1db2b13ffb62810fd532
Sha1:   358e74de395352a9529ff1c17856daf8900888c5
Sha256: 1d2035cfcd283560ebe8494f9438e52f8d96cd092dd41cb0eb899a3f905c1e05
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5305
x-amzn-requestid: 59b495fa-84c9-49cf-a650-03b0c437aca9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5KBEGWEoAMFocQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d23a0-510ad8241626a21422b23ca1;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:10:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: OIXYh4Zely6SqOTmWzrSY_W3-FiNFqNgdzH4BF6GZNUTwFiOJPFYXw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 03:22:58 GMT
age: 80811
etag: "db601663fa6ee5564eddaf8d3d84c7b04bf3871c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5305
Md5:    9773faaac4deac40b96cd0802e974f36
Sha1:   db601663fa6ee5564eddaf8d3d84c7b04bf3871c
Sha256: 40e7a573f510ff29db04b3fbfacde2ad6ecd67b4c0be30034e057654c86408a4
                                        
                                            GET /userbind?src=sape&id=1A7D0CB9BDB32F63BF00640F0248ABE8 HTTP/1.1 
Host: match.new-programmatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         217.65.2.150
HTTP/1.1 204 No Content
                                        
Server: nginx/1.22.0
Date: Sun, 25 Sep 2022 01:49:49 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Origin

                                        
                                            GET /wp-content/themes/leadengine/core/assets/js/woocommerce-keydesign.js HTTP/1.1 
Host: www.cdnapolicity.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cdnapolicity.it/wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         116.202.162.93
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:48 GMT
last-modified: Mon, 18 May 2020 10:49:52 GMT
vary: Accept-Encoding
etag: W/"5ec26850-493"
expires: Mon, 25 Sep 2023 01:49:48 GMT
pragma: public
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   9234
Md5:    69ea9efc78a0eb0f5669e734f66528bb
Sha1:   9f3845da5ba9c245332bf41ead16784beafce2bb
Sha256: 5d76eecd2d03e0356129bfceb6f8ae4a49588357975b9dce1680754c143496b7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 01:49:49 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 23:26:47 GMT
Expires: Wed, 28 Sep 2022 23:26:46 GMT
Etag: "763cd2ef97bb14ea8d9681f7cb0e549e6ccb4132"
Cache-Control: max-age=336416,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75001b00aa1cb512-OSL

                                        
                                            GET /?src=sap1&s_data=CAIQARi9576ZBmIgMUE3RDBDQjlCREIzMkY2M0JGMDA2NDBGMDI0OEFCRTiiARBXL4HQPHQR7YZEACWQyCQ3 HTTP/1.1 
Host: sync.bumlam.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ1NzJmODFkMC0zYzc0LTExZWQtODY0NC0wMDI1OTBjODI0Mzc*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.172.81.159
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Sun, 25 Sep 2022 01:49:49 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ1NzJmODFkMC0zYzc0LTExZWQtODY0NC0wMDI1OTBjODI0Mzc*; Path=/; Expires=Sat, 20 Sep 2042 01:49:49 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

                                        
                                            GET /match?dp=126&euid=bf65f2e3-43b5-4ac2-76f7-e1c067fb2c8e HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=uQx9GmMvs70PZAC/6KtIAgC511Ge9IQfY9/8/3bWZclY8T4F; test_cookie=CheckForPermission; cSyncDp7v2=1664070589; cSyncDp14v3=1664070589; cSyncDp17=1664070589; cSyncDp32=1664070589; cSyncDp45v3=1664070589; cSyncDp53=1664070589; cSyncDp54v2=1664070589; cSyncDp62=1664070589; cSyncDp67v2=1664070589; cSyncDp68=1664070589; cSyncDp71=1664070589; cSyncDp77=1664070589; cSyncDp84=1664070589; cSyncDp85=1664070589; cSyncDp95v3=1664070589; cSyncDp101=1664070589; cSyncDp104v2=1664070589; cSyncDp107=1664070589; cSyncDp110=1664070589; cSyncDp111v2=1664070589; cSyncDp112v2=1664070589; cSyncDp125v2=1664070589; cSyncDp126=1664070589; cSyncDp127=1664070589; cSyncDp129=1664070589; cSyncDp136v2=1664070589; cSyncDp138=1664070589; cSyncDp144=1664070589; cSyncDp146=1664070589; cSyncDp148=1664070589; cSyncDp149=1664070589; cSyncDp151=1664070589; cSyncDp178=1664070589; cSyncDp179=1664070589; cSyncDp186=1664070589; cSyncDp221=1664070589
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.25
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Sun, 25 Sep 2022 01:49:49 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /match?dp=186&euid=806224d7-8690-4078-8d85-1455332e3581 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=uQx9GmMvs70PZAC/6KtIAgC511Ge9IQfY9/8/3bWZclY8T4F; test_cookie=CheckForPermission; cSyncDp7v2=1664070589; cSyncDp14v3=1664070589; cSyncDp17=1664070589; cSyncDp32=1664070589; cSyncDp45v3=1664070589; cSyncDp53=1664070589; cSyncDp54v2=1664070589; cSyncDp62=1664070589; cSyncDp67v2=1664070589; cSyncDp68=1664070589; cSyncDp71=1664070589; cSyncDp77=1664070589; cSyncDp84=1664070589; cSyncDp85=1664070589; cSyncDp95v3=1664070589; cSyncDp101=1664070589; cSyncDp104v2=1664070589; cSyncDp107=1664070589; cSyncDp110=1664070589; cSyncDp111v2=1664070589; cSyncDp112v2=1664070589; cSyncDp125v2=1664070589; cSyncDp126=1664070589; cSyncDp127=1664070589; cSyncDp129=1664070589; cSyncDp136v2=1664070589; cSyncDp138=1664070589; cSyncDp144=1664070589; cSyncDp146=1664070589; cSyncDp148=1664070589; cSyncDp149=1664070589; cSyncDp151=1664070589; cSyncDp178=1664070589; cSyncDp179=1664070589; cSyncDp186=1664070589; cSyncDp221=1664070589
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.25
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Sun, 25 Sep 2022 01:49:49 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /match/sape?id=1A7D0CB9BDB32F63BF00640F0248ABE8 HTTP/1.1 
Host: dmp.gotechnology.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.132.209.136
HTTP/2 302 Found
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:49 GMT
content-length: 0
location: https://dmp.gotechnology.io/match/sape?id=1A7D0CB9BDB32F63BF00640F0248ABE8&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

                                        
                                            GET /p?ssp=sp&id=1A7D0CB9BDB32F63BF00640F0248ABE8 HTTP/1.1 
Host: 1a7d0cb9bdb32f63bf00640f0248abe8-sp.ops.beeline.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.9.245.57
HTTP/2 301 Moved Permanently
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:49 GMT
content-length: 0
location: https://www.acint.net/match?dp=111&euid=1964d385-c7de-4d52-b740-6f2f80beac97
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: BeeAID=1964d385-c7de-4d52-b740-6f2f80beac97; expires=Sat, 16 Sep 2023 01:49:49 GMT; domain=ops.beeline.ru; path=/; secure; SameSite=None
access-control-allow-credentials: true, true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
x-route: http://upstream_cookiesync
x-host: 192.168.152.61
X-Firefox-Spdy: h2

                                        
                                            GET /match?dp=111&euid=1964d385-c7de-4d52-b740-6f2f80beac97 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=uQx9GmMvs70PZAC/6KtIAgC511Ge9IQfY9/8/3bWZclY8T4F; test_cookie=CheckForPermission; cSyncDp7v2=1664070589; cSyncDp14v3=1664070589; cSyncDp17=1664070589; cSyncDp32=1664070589; cSyncDp45v3=1664070589; cSyncDp53=1664070589; cSyncDp54v2=1664070589; cSyncDp62=1664070589; cSyncDp67v2=1664070589; cSyncDp68=1664070589; cSyncDp71=1664070589; cSyncDp77=1664070589; cSyncDp84=1664070589; cSyncDp85=1664070589; cSyncDp95v3=1664070589; cSyncDp101=1664070589; cSyncDp104v2=1664070589; cSyncDp107=1664070589; cSyncDp110=1664070589; cSyncDp111v2=1664070589; cSyncDp112v2=1664070589; cSyncDp125v2=1664070589; cSyncDp126=1664070589; cSyncDp127=1664070589; cSyncDp129=1664070589; cSyncDp136v2=1664070589; cSyncDp138=1664070589; cSyncDp144=1664070589; cSyncDp146=1664070589; cSyncDp148=1664070589; cSyncDp149=1664070589; cSyncDp151=1664070589; cSyncDp178=1664070589; cSyncDp179=1664070589; cSyncDp186=1664070589; cSyncDp221=1664070589
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.25
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Sun, 25 Sep 2022 01:49:49 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F9D1C0198295C6400BD692394B11A4E25E37ED805B3AF0887FEADC4ED82DA5EB"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15925
Expires: Sun, 25 Sep 2022 06:15:14 GMT
Date: Sun, 25 Sep 2022 01:49:49 GMT
Connection: keep-alive

                                        
                                            GET /match/sape?id=1A7D0CB9BDB32F63BF00640F0248ABE8&chk=1 HTTP/1.1 
Host: dmp.gotechnology.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.132.209.136
HTTP/2 302 Found
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:49 GMT
content-length: 0
location: https://an.yandex.ru/mapuid/gonetdspis/MjQwODhlMjhlZDI2ZTc1Zg
set-cookie: pid=MjQwODhlMjhlZDI2ZTc1Zg; expires=Mon, 25 Sep 2023 01:49:49 GMT; domain=.gotechnology.io; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

                                        
                                            GET /sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19 HTTP/1.1 
Host: 0ca7879e-58f6-4764-a8cf-6133733a3774.sync.upravel.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1664070589355; user_id=0ca7879e-58f6-4764-a8cf-6133733a3774
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         148.251.78.49
HTTP/2 302 Found
content-type: image/png
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:49 GMT
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=0ca7879e-58f6-4764-a8cf-6133733a3774;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000 user_id-legacy=0ca7879e-58f6-4764-a8cf-6133733a3774;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=0ca7879e-58f6-4764-a8cf-6133733a3774
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2

                                        
                                            GET /match?dp=71&euid=0ca7879e-58f6-4764-a8cf-6133733a3774 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=uQx9GmMvs70PZAC/6KtIAgC511Ge9IQfY9/8/3bWZclY8T4F; test_cookie=CheckForPermission; cSyncDp7v2=1664070589; cSyncDp14v3=1664070589; cSyncDp17=1664070589; cSyncDp32=1664070589; cSyncDp45v3=1664070589; cSyncDp53=1664070589; cSyncDp54v2=1664070589; cSyncDp62=1664070589; cSyncDp67v2=1664070589; cSyncDp68=1664070589; cSyncDp71=1664070589; cSyncDp77=1664070589; cSyncDp84=1664070589; cSyncDp85=1664070589; cSyncDp95v3=1664070589; cSyncDp101=1664070589; cSyncDp104v2=1664070589; cSyncDp107=1664070589; cSyncDp110=1664070589; cSyncDp111v2=1664070589; cSyncDp112v2=1664070589; cSyncDp125v2=1664070589; cSyncDp126=1664070589; cSyncDp127=1664070589; cSyncDp129=1664070589; cSyncDp136v2=1664070589; cSyncDp138=1664070589; cSyncDp144=1664070589; cSyncDp146=1664070589; cSyncDp148=1664070589; cSyncDp149=1664070589; cSyncDp151=1664070589; cSyncDp178=1664070589; cSyncDp179=1664070589; cSyncDp186=1664070589; cSyncDp221=1664070589
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.25
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Sun, 25 Sep 2022 01:49:49 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 01:49:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 01:49:49 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 28 Sep 2022 22:04:42 GMT
ETag: "d026e9280ef33d2247fc4143fc8efd0aee9331aa"
Last-Modified: Sat, 24 Sep 2022 22:04:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1149
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75001b031c980afa-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    2baaccc57bc6d4af25a6f82fa620339f
Sha1:   d026e9280ef33d2247fc4143fc8efd0aee9331aa
Sha256: 283363e7c60639219854e83b067a811a20d1d49b036fb7ebbd44730d3a52ed2b
                                        
                                            GET /cookie_matching_ssp/Sape-dsp/1A7D0CB9BDB32F63BF00640F0248ABE8 HTTP/1.1 
Host: fcgi4.gnezdo.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         93.95.102.105
HTTP/2 204 No Content
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:49 GMT
set-cookie: uid=XV9maWMvs706I4Y178x0Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 01:49:49 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 28 Sep 2022 22:04:42 GMT
ETag: "d026e9280ef33d2247fc4143fc8efd0aee9331aa"
Last-Modified: Sat, 24 Sep 2022 22:04:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1149
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75001b032c9c0afa-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    2baaccc57bc6d4af25a6f82fa620339f
Sha1:   d026e9280ef33d2247fc4143fc8efd0aee9331aa
Sha256: 283363e7c60639219854e83b067a811a20d1d49b036fb7ebbd44730d3a52ed2b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 01:49:49 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 16:18:19 GMT
Expires: Thu, 29 Sep 2022 16:18:18 GMT
Etag: "3cba20e0b1d62b3ac03751652bc9254ae9cd40c3"
Cache-Control: max-age=603212,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1516
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75001b033d98b50f-OSL

                                        
                                            GET /pixel?google_nid=agentstvo_sape_limited&google_hm=Gn0Mub2zL2O_AGQPAkir6A HTTP/1.1 
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.34
HTTP/2 200 OK
content-type: image/png
                                        
date: Sun, 25 Sep 2022 01:49:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   170
Md5:    e7673c60af825466f83d46da72ca1635
Sha1:   fc0fcbee0835709ba2d28798a612bfd687903fb5
Sha256: 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
                                        
                                            GET /cgi-bin/sync.cgi?dsp_id=153&external_id=1A7D0CB9BDB32F63BF00640F0248ABE8 HTTP/1.1 
Host: ssp.adriver.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         195.209.111.4
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Sun, 25 Sep 2022 01:49:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1 
Host: ad.adriver.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         195.209.108.36
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Sun, 25 Sep 2022 01:49:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-6267985756; expires=Tue, 24 Sep 2024 01:49:49 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6267985756
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true

                                        
                                            POST / HTTP/1.1 
Host: status.thawte.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6585
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 01:49:49 GMT
Last-Modified: Sun, 25 Sep 2022 00:00:05 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4543
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 01:49:49 GMT
Last-Modified: Sun, 25 Sep 2022 00:34:06 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /sync HTTP/1.1 
Host: sape-sync.rutarget.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         87.242.93.185
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx
Date: Sun, 25 Sep 2022 01:49:49 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=2L88OXdjJMcN
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=2L88OXdjJMcN; Path=/; Domain=.rutarget.ru; Expires=Fri, 24 Mar 2023 01:49:49 GMT; SameSite=None; Secure

                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 01:49:50 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 29 Sep 2022 00:46:07 GMT
ETag: "fde22dbc48e2dae234c8f09cff9cc34c6d4ecc17"
Last-Modified: Sun, 25 Sep 2022 00:46:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2917
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75001b039f800af6-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    07258e5bfbd6a7f956e55fac788b7144
Sha1:   fde22dbc48e2dae234c8f09cff9cc34c6d4ecc17
Sha256: 2a5e41de243d0f2b1ac498814f78be40f6269db84603b0886c2edfbad5a2a973
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 01:49:50 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 29 Sep 2022 00:38:26 GMT
ETag: "b2a947199eed59dcaca5b45d29d88af039303c3c"
Last-Modified: Sun, 25 Sep 2022 00:38:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1682
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75001b03bcc20afa-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    faa9bc3602822de2465aaf4bf7db1172
Sha1:   b2a947199eed59dcaca5b45d29d88af039303c3c
Sha256: 820b80226d2100469d4016231fce4ae0d1a79f15393c76148251a55de03327e2
                                        
                                            GET /match?dp=104&euid=2L88OXdjJMcN HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=uQx9GmMvs70PZAC/6KtIAgC511Ge9IQfY9/8/3bWZclY8T4F; test_cookie=CheckForPermission; cSyncDp7v2=1664070589; cSyncDp14v3=1664070589; cSyncDp17=1664070589; cSyncDp32=1664070589; cSyncDp45v3=1664070589; cSyncDp53=1664070589; cSyncDp54v2=1664070589; cSyncDp62=1664070589; cSyncDp67v2=1664070589; cSyncDp68=1664070589; cSyncDp71=1664070589; cSyncDp77=1664070589; cSyncDp84=1664070589; cSyncDp85=1664070589; cSyncDp95v3=1664070589; cSyncDp101=1664070589; cSyncDp104v2=1664070589; cSyncDp107=1664070589; cSyncDp110=1664070589; cSyncDp111v2=1664070589; cSyncDp112v2=1664070589; cSyncDp125v2=1664070589; cSyncDp126=1664070589; cSyncDp127=1664070589; cSyncDp129=1664070589; cSyncDp136v2=1664070589; cSyncDp138=1664070589; cSyncDp144=1664070589; cSyncDp146=1664070589; cSyncDp148=1664070589; cSyncDp149=1664070589; cSyncDp151=1664070589; cSyncDp178=1664070589; cSyncDp179=1664070589; cSyncDp186=1664070589; cSyncDp221=1664070589
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.25
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Sun, 25 Sep 2022 01:49:50 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6267985756 HTTP/1.1 
Host: ad.adriver.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         195.209.108.36
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Sun, 25 Sep 2022 01:49:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Tue, 24 Sep 2024 01:49:50 GMT; path=/; domain=.adriver.ru; uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   40
Md5:    251630b588179b239e8fab1ac9ef6d3a
Sha1:   91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
Sha256: c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.41
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Sun, 25 Sep 2022 01:49:49 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 24 Sep 2022 23:32:02 GMT
Expires: Sun, 25 Sep 2022 23:32:02 GMT
ETag: "43debd7256aef8baad1c79ba4462e7a17a647971"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    9b4d43ad25aaf1e8cecbeace016276b7
Sha1:   43debd7256aef8baad1c79ba4462e7a17a647971
Sha256: 4c6945bd9feb6afaef7c966b0380600826446492198679ac01a5277175ccd3a8
                                        
                                            GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1 
Host: sync.adkernel.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         77.245.57.72
HTTP/1.1 200 OK
                                        
Server: nginx
Date: Sun, 25 Sep 2022 01:49:50 GMT
Content-Length: 0
Connection: close

                                        
                                            GET /p?ssp=sape&id=1A7D0CB9BDB32F63BF00640F0248ABE8 HTTP/1.1 
Host: sm.rtb.mts.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         217.66.147.33
HTTP/1.1 301 Moved Permanently
                                        
Server: nginx
Date: Sun, 25 Sep 2022 01:49:50 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=1A7D0CB9BDB32F63BF00640F0248ABE8
Set-Cookie: dspid=a127799a-2bcf-4898-a57e-810a89cf11b1; expires=Sat, 16 Sep 2023 01:49:50 GMT; domain=.mts.ru; path=/; secure; SameSite=None

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A376EFAD37B172843A9E53B3FF9BBDA8893531CA83D200B50CD8ED093905EBCE"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17091
Expires: Sun, 25 Sep 2022 06:34:41 GMT
Date: Sun, 25 Sep 2022 01:49:50 GMT
Connection: keep-alive

                                        
                                            GET /cm.gif?p=48&id=1A7D0CB9BDB32F63BF00640F0248ABE8 HTTP/1.1 
Host: ad.mail.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.163.41.56
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:50 GMT
content-length: 43
set-cookie: VID=0coFZ02EOJ2C0020gS0vaMoC:::0-0-0-84a0c7e:CAASENNrXXNvYfDRg5iYsxaXzzoaYJ6YVxqJuuLNqhDfu-NUyLf8cNQvdUC8N6qKH-qAW-vCkWLy4P-o1fqfOX25T4fYow777xRKba7fEm_yC1bK-ILYZlPmi6KDYcx0PutxTk5oGRNZd_rVfkobT7qvRiUNlA; path=/; expires=Tue, 26-Sep-23 01:49:50 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Sun, 25 Sep 2022 07:49:50 GMT
cache-control: max-age=21600
last-modified: Sun, 25 Sep 2022 01:49:50 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: aid=uQx9GmMvs70PZAC/6KtIAgC511Ge9IQfY9/8/3bWZclY8T4F; test_cookie=CheckForPermission; cSyncDp7v2=1664070589; cSyncDp14v3=1664070589; cSyncDp17=1664070589; cSyncDp32=1664070589; cSyncDp45v3=1664070589; cSyncDp53=1664070589; cSyncDp54v2=1664070589; cSyncDp62=1664070589; cSyncDp67v2=1664070589; cSyncDp68=1664070589; cSyncDp71=1664070589; cSyncDp77=1664070589; cSyncDp84=1664070589; cSyncDp85=1664070589; cSyncDp95v3=1664070589; cSyncDp101=1664070589; cSyncDp104v2=1664070589; cSyncDp107=1664070589; cSyncDp110=1664070589; cSyncDp111v2=1664070589; cSyncDp112v2=1664070589; cSyncDp125v2=1664070589; cSyncDp126=1664070589; cSyncDp127=1664070589; cSyncDp129=1664070589; cSyncDp136v2=1664070589; cSyncDp138=1664070589; cSyncDp144=1664070589; cSyncDp146=1664070589; cSyncDp148=1664070589; cSyncDp149=1664070589; cSyncDp151=1664070589; cSyncDp178=1664070589; cSyncDp179=1664070589; cSyncDp186=1664070589; cSyncDp221=1664070589
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.25
HTTP/2 302 Found
content-type: text/html
                                        
server: openresty
date: Sun, 25 Sep 2022 01:49:50 GMT
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1A7D0CB9BDB32F63BF00640F0248ABE8
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   154
Md5:    cfbeaf604823f038b8b46f0ac862b98c
Sha1:   7b9eb1dac48e74fa5f418bc456cb410f88b81d98
Sha256: 20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 01:49:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP/1.1 
Host: redirect.frontend.weborama.fr
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.190.24.218
HTTP/2 302 Found
                                        
server: Weborama Collect Frontend
date: Sun, 25 Sep 2022 01:49:49 GMT
content-length: 0
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=3258921924
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Sun, 25 Sep 2022 01:49:50 GMT
set-cookie: AFFICHE_W=e6Virm1vNER769; expires=Mon, 23 Oct 2023 01:49:50 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 01:49:50 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 16:09:20 GMT
Expires: Fri, 30 Sep 2022 16:09:19 GMT
Etag: "9e1a63ac26855e427ec1a0ad6b46d5637dee89e4"
Cache-Control: max-age=482968,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75001b02dae2b512-OSL

                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 01:49:50 GMT
Content-Length: 939
Connection: keep-alive
Expires: Thu, 29 Sep 2022 00:52:23 GMT
ETag: "933ba741858c6b5105c5be9a714cdb36b28f9724"
Last-Modified: Sun, 25 Sep 2022 00:52:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1684
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75001b041ce80afa-OSL

                                        
                                            GET /p/cm/sape?u=1A7D0CB9BDB32F63BF00640F0248ABE8 HTTP/1.1 
Host: px.adhigh.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         193.232.150.43
HTTP/2 302 Found
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:49 GMT
content-length: 0
x-backend-id: f24-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=ugNxVLiGR2PV.AikABlGDclYefg;Path=/;Domain=.adhigh.net;Expires=Mon, 25-Sep-2023 01:49:50 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=1A7D0CB9BDB32F63BF00640F0248ABE8&bounced=1
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 01:49:50 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 16:09:20 GMT
Expires: Fri, 30 Sep 2022 16:09:19 GMT
Etag: "9e1a63ac26855e427ec1a0ad6b46d5637dee89e4"
Cache-Control: max-age=482968,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75001b02fbec0b45-OSL

                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 01:49:50 GMT
Content-Length: 939
Connection: keep-alive
Expires: Thu, 29 Sep 2022 00:52:23 GMT
ETag: "933ba741858c6b5105c5be9a714cdb36b28f9724"
Last-Modified: Sun, 25 Sep 2022 00:52:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1684
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75001b043cfc0afa-OSL

                                        
                                            GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1 
Host: ads.betweendigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         188.42.191.196
HTTP/2 302 Found
                                        
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Mon, 25 Sep 2023 01:49:50 GMT; Path=/; Domain=.betweendigital.com tuuid=cb4b8d51-bf9c-520c-8676-7faae559cc14; Max-Age=31536000; Expires=Mon, 25 Sep 2023 01:49:50 GMT; Path=/; Domain=.betweendigital.com ut=Yy-zvgABuWhSU_tGsO1BG98S89YbflrUo__XEg==; Max-Age=31536000; Expires=Mon, 25 Sep 2023 01:49:50 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /adcm.js HTTP/1.1 
Host: tag.digitaltarget.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.15.175.146
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 25 Sep 2022 01:49:50 GMT
Content-Length: 3051
Last-Modified: Sun, 25 Sep 2022 01:34:06 GMT
Connection: keep-alive
ETag: "632fb00e-beb"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (3051), with no line terminators
Size:   3051
Md5:    e7097284185069f52fc736bcd50cda13
Sha1:   1cdfdf2d869841202079ddf91e0a00a8610812e6
Sha256: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
                                        
                                            GET /match/second?ssp=30&exu=1A7D0CB9BDB32F63BF00640F0248ABE8 HTTP/1.1 
Host: sm.rtb.mts.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         217.66.147.33
HTTP/1.1 301 Moved Permanently
                                        
Server: nginx
Date: Sun, 25 Sep 2022 01:49:50 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://tech.rtb.mts.ru/

                                        
                                            GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=3258921924 HTTP/1.1 
Host: redirect.frontend.weborama.fr
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.24.218
HTTP/2 204 No Content
                                        
server: Weborama Collect Frontend
date: Sun, 25 Sep 2022 01:49:49 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Sun, 25 Sep 2022 01:49:50 GMT
set-cookie: AFFICHE_W=; expires=Tue, 10 Nov 2009 23:00:00 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            GET /cgi-bin/sync.cgi?ssp_id=43&external_id=1A7D0CB9BDB32F63BF00640F0248ABE8 HTTP/1.1 
Host: ssp.adriver.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         195.209.111.4
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Sun, 25 Sep 2022 01:49:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /merge_gpsid/?sid=50&id=1A7D0CB9BDB32F63BF00640F0248ABE8 HTTP/1.1 
Host: adlmerge.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.211.66.35
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx/1.16.0
date: Sun, 25 Sep 2022 01:49:49 GMT
iseu: eu
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            GET /p/cm/sape?u=1A7D0CB9BDB32F63BF00640F0248ABE8&bounced=1 HTTP/1.1 
Host: px.adhigh.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         193.232.150.43
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:49 GMT
content-length: 49
x-backend-id: f24-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   49
Md5:    889bc1fffc025af4685839fb516a0b8b
Sha1:   7f105137a4eafe93213ecd8cc34dd907c340467c
Sha256: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
                                        
                                            GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1 
Host: ads.betweendigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.42.191.196
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Mon, 25 Sep 2023 01:49:50 GMT; Path=/; Domain=.betweendigital.com tuuid=1d2e9d2a-a9e0-520c-881e-f295eb31412b; Max-Age=31536000; Expires=Mon, 25 Sep 2023 01:49:50 GMT; Path=/; Domain=.betweendigital.com ut=Yy-zvgACp7CgoKzn1JegFSltPr8BckDZK0g2Cg==; Max-Age=31536000; Expires=Mon, 25 Sep 2023 01:49:50 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   68
Md5:    c4a2b870062c2bb98c500bc1526c0498
Sha1:   528666ccdb12997358077bc8fcdbfb6b825c7788
Sha256: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.41
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Sun, 25 Sep 2022 01:49:49 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 24 Sep 2022 23:32:02 GMT
Expires: Sun, 25 Sep 2022 23:32:02 GMT
ETag: "43debd7256aef8baad1c79ba4462e7a17a647971"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    9b4d43ad25aaf1e8cecbeace016276b7
Sha1:   43debd7256aef8baad1c79ba4462e7a17a647971
Sha256: 4c6945bd9feb6afaef7c966b0380600826446492198679ac01a5277175ccd3a8
                                        
                                            GET /match?bidder_id=73&external_user_id=1A7D0CB9BDB32F63BF00640F0248ABE8&crf=1 HTTP/1.1 
Host: ads.betweendigital.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.42.191.196
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Mon, 25 Sep 2023 01:49:50 GMT; Path=/; Domain=.betweendigital.com tuuid=ec1398e4-d258-520c-b21a-16eed135a550; Max-Age=31536000; Expires=Mon, 25 Sep 2023 01:49:50 GMT; Path=/; Domain=.betweendigital.com ut=Yy-zvgACq5gOhWD4-emfDpjrB-R8KIQPQJXxTg==; Max-Age=31536000; Expires=Mon, 25 Sep 2023 01:49:50 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   68
Md5:    c4a2b870062c2bb98c500bc1526c0498
Sha1:   528666ccdb12997358077bc8fcdbfb6b825c7788
Sha256: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 01:49:50 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 02:18:43 GMT
Expires: Sat, 01 Oct 2022 02:18:42 GMT
Etag: "34899d4e3a5880939db01d9a15b044951723fa8c"
Cache-Control: max-age=519531,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75001b03c83fb4f9-OSL

                                        
                                            GET /0.gif?pid=9401454&id=1A7D0CB9BDB32F63BF00640F0248ABE8 HTTP/1.1 
Host: x01.aidata.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         89.108.120.76
HTTP/2 302 Found
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:50 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=1A7D0CB9BDB32F63BF00640F0248ABE8&bounce=1
expires: Sun, 25 Sep 2022 01:49:49 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Sun, 25 Sep 2022 01:49:49 GMT
set-cookie: __upin=zU97rNNDAPW4OmKNo+nBOA;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure __upints=1664070590;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2

                                        
                                            GET /processor.js?i=315293632772154 HTTP/1.1 
Host: tag.digitaltarget.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.15.175.146
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 25 Sep 2022 01:49:50 GMT
Content-Length: 15892
Last-Modified: Sun, 25 Sep 2022 01:34:07 GMT
Connection: keep-alive
ETag: "632fb00f-3e14"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (15892), with no line terminators
Size:   15892
Md5:    9d8bbf9b7d1aaed9a324a9cf9977dda4
Sha1:   d3365fba7f95ca11a9564b373162d1ddb06fcdbd
Sha256: 0935447866da8ca59df7d65710e0b68377a6dbc62c761e83ebfc83998f905788
                                        
                                            GET /mapuid/sapeis/1A7D0CB9BDB32F63BF00640F0248ABE8?redir-setuniq=1 HTTP/1.1 
Host: an.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         213.180.193.90
HTTP/2 200 OK
content-type: image/gif; charset=utf-8
                                        
timing-allow-origin: *
date: Sun, 25 Sep 2022 01:49:50 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 25 Sep 2022 01:49:50 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 25 Sep 2022 01:49:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   50
Md5:    bef53a5c76b7ad469692178eeaeb08d8
Sha1:   aaae1c11fa0b5a086770957c8857d3937ed653e9
Sha256: be24bb564cc16e1fe9113f63db905a1b7a3a653c6642f0c27d5e823729a99ee3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "60FFEBD62D0B930CEE171F0595C1B022EF38A0A26A2ECE2A983A09C9C52933DD"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4078
Expires: Sun, 25 Sep 2022 02:57:48 GMT
Date: Sun, 25 Sep 2022 01:49:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "60FFEBD62D0B930CEE171F0595C1B022EF38A0A26A2ECE2A983A09C9C52933DD"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4078
Expires: Sun, 25 Sep 2022 02:57:48 GMT
Date: Sun, 25 Sep 2022 01:49:50 GMT
Connection: keep-alive

                                        
                                            GET /1/1093/i/i?i=381890237412255.291198943470854&a=77&e=1A7D0CB9BDB32F63BF00640F0248ABE8&pref=https%3A%2F%2Fwww.cdnapolicity.it%2F&c=ss:77.up:1A7D0CB9BDB32F63BF00640F0248ABE8.sync:up.xdua:duLt8z2n5tgiCsJubr2rHSzI.xps:xps_g21ycxT1LGriClpoy7cJL.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1 
Host: dmg.digitaltarget.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.15.175.174
HTTP/1.1 307 Temporary Redirect
                                        
Server: nginx
Date: Sun, 25 Sep 2022 01:49:50 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=381890237412255.291198943470854&a=77&e=1A7D0CB9BDB32F63BF00640F0248ABE8&pref=https%3A%2F%2Fwww.cdnapolicity.it%2F&c=ss:77.up:1A7D0CB9BDB32F63BF00640F0248ABE8.sync:up.xdua:duLt8z2n5tgiCsJubr2rHSzI.xps:xps_g21ycxT1LGriClpoy7cJL.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=NeXQgXYJLEdDNzc76Wjj; Max-Age=93312000; Expires=Tue, 09 Sep 2025 01:49:50 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

                                        
                                            GET /1/1093/i/i?i=381890237412255.29732220705479&a=77&e=1A7D0CB9BDB32F63BF00640F0248ABE8&pref=https%3A%2F%2Fwww.cdnapolicity.it%2F&c=ss:77.up:1A7D0CB9BDB32F63BF00640F0248ABE8.sync:up.xdua:duLt8z2n5tgiCsJubr2rHSzI.xps:xps_g21ycxT1LGriClpoy7cJL.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1 
Host: dmg.digitaltarget.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.15.175.174
HTTP/1.1 307 Temporary Redirect
                                        
Server: nginx
Date: Sun, 25 Sep 2022 01:49:50 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=381890237412255.29732220705479&a=77&e=1A7D0CB9BDB32F63BF00640F0248ABE8&pref=https%3A%2F%2Fwww.cdnapolicity.it%2F&c=ss:77.up:1A7D0CB9BDB32F63BF00640F0248ABE8.sync:up.xdua:duLt8z2n5tgiCsJubr2rHSzI.xps:xps_g21ycxT1LGriClpoy7cJL.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=xaKb1BpJCt4lPHx7Nk0o; Max-Age=93312000; Expires=Tue, 09 Sep 2025 01:49:50 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only

                                        
                                            GET / HTTP/1.1 
Host: tech.rtb.mts.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         213.87.44.187
HTTP/1.1 204 No Content
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.20.2
Date: Sun, 25 Sep 2022 01:49:50 GMT
Connection: keep-alive
Set-Cookie: mts_id=cb84a3d7-cf63-4d37-aeb5-f1ce518bf849; Domain=mts.ru; expires=Tue, 03 Aug 2032 01:49:50 GMT; SameSite=None; Secure mts_id_last_sync=1664070590; Domain=mts.ru; expires=Tue, 03 Aug 2032 01:49:50 GMT; SameSite=None; Secure
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

                                        
                                            POST /wp-content/uploads/2022/06/[object%20Object] HTTP/1.1 
Host: www.cdnapolicity.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://www.cdnapolicity.it
Connection: keep-alive
Referer: https://www.cdnapolicity.it/wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; fid=a9ece671-6d5f-4dca-9d13-4e8e7d16bf96
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

                                         
                                         116.202.162.93
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:50 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.26
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.cdnapolicity.it/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (21985), with CRLF, LF line terminators
Size:   22984
Md5:    1e944993cb29de53ddde210a96d27dbf
Sha1:   c3af7c3ad49253329a06daf7d1c684d5ce26a658
Sha256: 4936b6da19cf9906d07538e5d6bc852a7d102dd0db10549d7e016fa8d8cd6d99
                                        
                                            GET /awg/custom/1093/i/i?call_source=awg&i=381890237412255.29732220705479&a=77&e=1A7D0CB9BDB32F63BF00640F0248ABE8&pref=https%3A%2F%2Fwww.cdnapolicity.it%2F&c=ss:77.up:1A7D0CB9BDB32F63BF00640F0248ABE8.sync:up.xdua:duLt8z2n5tgiCsJubr2rHSzI.xps:xps_g21ycxT1LGriClpoy7cJL.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1 
Host: dmg.digitaltarget.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.15.175.174
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Sun, 25 Sep 2022 01:49:50 GMT
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   64
Md5:    ffd585dfb1ac6320633a0be46d579437
Sha1:   5a6033d23bc9cd5d1de9ee61de69a44428086dcb
Sha256: df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
                                        
                                            GET /ping/?v=0.4.0&uid=790fb050-d9b2-4064-b990-0ad0adcecd86&dp=10&tz=%2B00%3A00&nc=12752652&dT=2022-09-25T01%3A49%3A50.751 HTTP/1.1 
Host: www.acint.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cdnapolicity.it/
Cookie: aid=uQx9GmMvs70PZAC/6KtIAgC511Ge9IQfY9/8/3bWZclY8T4F; test_cookie=CheckForPermission; cSyncDp7v2=1664070589; cSyncDp14v3=1664070589; cSyncDp17=1664070589; cSyncDp32=1664070589; cSyncDp45v3=1664070589; cSyncDp53=1664070589; cSyncDp54v2=1664070589; cSyncDp62=1664070589; cSyncDp67v2=1664070589; cSyncDp68=1664070589; cSyncDp71=1664070589; cSyncDp77=1664070589; cSyncDp84=1664070589; cSyncDp85=1664070589; cSyncDp95v3=1664070589; cSyncDp101=1664070589; cSyncDp104v2=1664070589; cSyncDp107=1664070589; cSyncDp110=1664070589; cSyncDp111v2=1664070589; cSyncDp112v2=1664070589; cSyncDp125v2=1664070589; cSyncDp126=1664070589; cSyncDp127=1664070589; cSyncDp129=1664070589; cSyncDp136v2=1664070589; cSyncDp138=1664070589; cSyncDp144=1664070589; cSyncDp146=1664070589; cSyncDp148=1664070589; cSyncDp149=1664070589; cSyncDp151=1664070589; cSyncDp178=1664070589; cSyncDp179=1664070589; cSyncDp186=1664070589; cSyncDp221=1664070589
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.12.125.25
HTTP/2 200 OK
content-type: image/gif
                                        
server: openresty
date: Sun, 25 Sep 2022 01:49:52 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /wp-content/plugins/ginger/front/css/cookies-enabler.css?ver=5.9.3 HTTP/1.1 
Host: www.cdnapolicity.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cdnapolicity.it/wp-content/uploads/2022/06/domaci_film_za_gledanje_rane.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         116.202.162.93
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 25 Sep 2022 01:49:48 GMT
last-modified: Mon, 18 May 2020 10:48:16 GMT
vary: Accept-Encoding
etag: W/"5ec267f0-1f33"
expires: Mon, 25 Sep 2023 01:49:48 GMT
pragma: public
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/keydesign-addon/assets/css/iconsmind.min.css?ver=5.9.3 HTTP/1.1 
Host: www.cdnapolicity.it
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1